CVE-2024-41969
Published: Nov 18, 2024
Modified: Jan 30, 2025
CVSS v3.1
8.8
Description
A low privileged remote attacker may modify the configuration of the CODESYS V3 service through a missing authentication vulnerability which could lead to full system access and/or DoS.
| Vendor | Product | Versions |
|---|---|---|
WAGO | CC100 0751-9x01 | affected 0.0.0 - <= 4.5.10 (FW27) |
WAGO | PFC100 G2 0750-811x-xxxx-xxxx | affected 0.0.0 - <= 4.5.10 (FW27) |
WAGO | PFC200 G2 750-821x-xxx-xxx | affected 0.0.0 - <= 4.5.10 (FW27) |
WAGO | TP600 0762-420x/8000-000x | affected 0.0.0 - <= 4.5.10 (FW27) |
WAGO | TP600 0762-430x/8000-000x | affected 0.0.0 - <= 4.5.10 (FW27) |
WAGO | TP600 0762-520x/8000-000x | affected 0.0.0 - <= 4.5.10 (FW27) |
WAGO | TP600 0762-530x/8000-000x | affected 0.0.0 - <= 4.5.10 (FW27) |
WAGO | TP600 0762-620x/8000-000x | affected 0.0.0 - <= 4.5.10 (FW27) |
WAGO | TP600 0762-630x/8000-000x | affected 0.0.0 - <= 4.5.10 (FW27) |
WAGO | Edge Controller 0752-8303/8000-0002 | affected 0.0.0 - <= 4.5.10 (FW27) |
WAGO | PFC100 G1 0750-810x/xxxx-xxxx | affected 0.0.0 - <= 3.10.10 (FW22 Patch 1) |
WAGO | PFC200 G1 750-820x-xxx-xxx | affected 0.0.0 - <= 3.10.10 (FW22 Patch 1) |
WAGO | PFC200 G1 0750-820x/xxx-xxx | affected 0.0.0 - <= 03.03.08 (80) |
WAGO | PFC200 G2 0750-821x/xxx-xxx | affected 0.0.0 - <= 04.04.03 (70) |
WAGO | CC100 0751/9x01 | affected 0.0.0 - <= 04.03.03 (72) |
WAGO | CC100 0751/9x01 | affected 0.0.0 - <= 04.04.03 (70) |
Weaknesses (CWE)
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now