Hacking

Talos found tens of dangerous flaws in WAGO Controllers

Cisco Talos experts discovered tens of flaws in WAGO products that expose controllers and human-machine interface (HMI) panels to remote attacks.

Talos and Germany’s VDE CERT this week published advisories describing roughly 30 vulnerabilities identified in devices made by WAGO, a German company specializing in electrical connection and automation solutions.

The vulnerabilities affect PFC100 and PFC200 programmable logic controllers (PLCs) and Touch Panel 600 HMI panels, they can lead to arbitrary code execution, command injection, information disclosure, and could allow DoS attacks. Experts reported that some of the flaws could be only exploited by authenticated attackers.

Talos researchers reported that some vulnerabilities impact the e!COCKPIT engineering software, the Web-Based Management (WBM) application, the cloud connectivity of the controllers, and the I/O Check functionality.

Experts pointed out that attackers can chain some of the vulnerabilities to take complete control of the targeted devices.

WAGO addressed only a few issues with the release of security patches, other flaws are expected to be fixed in the second quarter of 2020. The good news is that the company has provided mitigations for all the vulnerabilities.

In June 2019, a security researcher at consulting company SEC Consult discovered several vulnerabilities in some models of WAGO industrial switches. The vulnerabilities was affecting WAGO industrial switches 852-303, 852-1305 and 852-1505 models. 

In December 2017, researchers at SEC Consult experts discovered that 17 models of WAGO PFC200 PLC were vulnerable to an unauthenticated remote access exploit.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, WAGO)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

American fast-fashion firm Hot Topic hit by credential stuffing attacks

Hot Topic suffered credential stuffing attacks that exposed customers' personal information and partial payment data.…

1 hour ago

Cisco addressed high-severity flaws in IOS and IOS XE software

Cisco addressed multiple vulnerabilities in IOS and IOS XE software that can be exploited to…

15 hours ago

Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Google's Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively…

22 hours ago

Google addressed 2 Chrome zero-days demonstrated at Pwn2Own 2024

Google addressed two zero-day vulnerabilities in the Chrome web browser that have been demonstrated during…

1 day ago

INC Ransom stole 3TB of data from the National Health Service (NHS) of Scotland

The INC Ransom extortion group hacked the National Health Service (NHS) of Scotland and is threatening…

2 days ago

CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft SharePoint vulnerability disclosed at the…

2 days ago

This website uses cookies.