O System 758 Industrial PC Device

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

wago

CWE-255

critical

NVD

Published: 2012-09-07

Updated: 2013-10-11

Summary

The Linux Console on the WAGO I/O System 758 model 758-870, 758-874, 758-875, and 758-876 Industrial PC (IPC) devices has a default password of wago for the (1) root and (2) admin accounts, (3) a default password of user for the user account, and (4) a default password of guest for the guest account, which makes it easier for remote attackers to obtain login access via a TELNET session, a different vulnerability than CVE-2012-3013.

Vulnerable Configurations

Part	Description	Count
Hardware	Wago Wago Wago I/O System 758 Industrial PC Device 758-870 Wago Wago I/O System 758 Industrial PC Device 758-874 Wago Wago I/O System 758 Industrial PC Device 758-875 Wago Wago I/O System 758 Industrial PC Device 758-876	4

Common Weakness Enumeration (CWE)

CWE-255 - Credentials Management

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References