Vulnerabilities > Wago > 750 8202 Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2022-12-26 CVE-2020-12069 Use of Password Hash With Insufficient Computational Effort vulnerability in multiple products
In CODESYS V3 products in all versions prior V3.5.16.0 containing the CmpUserMgr, the CODESYS Control runtime system stores the online communication passwords using a weak hashing algorithm.
local
low complexity
pilz codesys festo wago CWE-916
7.8
2022-11-09 CVE-2021-34567 Out-of-bounds Read vulnerability in Wago products
In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to provoke a denial of service and an limited out-of-bounds read.
network
low complexity
wago CWE-125
8.2
2022-11-09 CVE-2021-34568 Allocation of Resources Without Limits or Throttling vulnerability in Wago products
In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to provoke a denial of service.
network
low complexity
wago CWE-770
7.5
2021-05-24 CVE-2021-21000 Allocation of Resources Without Limits or Throttling vulnerability in Wago products
On WAGO PFC200 devices in different firmware versions with special crafted packets an attacker with network access to the device could cause a denial of service for the login service of the runtime.
network
low complexity
wago CWE-770
7.5