Vulnerabilities > Wago > Pfc200 Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2020-03-11 CVE-2019-5160 Unspecified vulnerability in Wago Pfc200 Firmware 03.00.39(12)/03.01.07(13)/03.02.02(14)
An exploitable improper host validation vulnerability exists in the Cloud Connectivity functionality of WAGO PFC200 Firmware versions 03.02.02(14), 03.01.07(13), and 03.00.39(12).
network
low complexity
wago
critical
9.1
2020-03-11 CVE-2019-5161 Insufficient Verification of Data Authenticity vulnerability in Wago Pfc200 Firmware 03.00.39(12)/03.01.07(13)/03.02.02(14)
An exploitable remote code execution vulnerability exists in the Cloud Connectivity functionality of WAGO PFC200 versions 03.02.02(14), 03.01.07(13), and 03.00.39(12).
network
low complexity
wago CWE-345
critical
9.1
2020-01-08 CVE-2019-5082 Out-of-bounds Write vulnerability in Wago Pfc100 Firmware and Pfc200 Firmware
An exploitable heap buffer overflow vulnerability exists in the iocheckd service I/O-Check functionality of WAGO PFC200 Firmware version 03.01.07(13), WAGO PFC200 Firmware version 03.00.39(12), and WAGO PFC100 Firmware version 03.00.39(12).
network
low complexity
wago CWE-787
critical
9.8
2018-02-13 CVE-2018-5459 Improper Authentication vulnerability in Wago Pfc200 Firmware
An Improper Authentication issue was discovered in WAGO PFC200 Series 3S CoDeSys Runtime versions 2.3.X and 2.4.X.
network
low complexity
wago CWE-287
critical
9.8
2017-02-13 CVE-2016-9362 Improper Authentication vulnerability in Wago products
An issue was discovered in WAGO 750-8202/PFC200 prior to FW04 (released August 2015), WAGO 750-881 prior to FW09 (released August 2016), and WAGO 0758-0874-0000-0111.
network
low complexity
wago CWE-287
critical
9.1