Vulnerability Description
On WAGO PFC200 devices in different firmware versions with special crafted packets an authorised attacker with network access to the device can access the file system with higher privileges.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Wago | 750-823 Firmware | < fw08 |
| Wago | 750-823 | - |
| Wago | 750-829 Firmware | < fw15 |
| Wago | 750-829 | - |
| Wago | 750-831 Firmware | < fw15 |
| Wago | 750-831 | - |
| Wago | 750-832 Firmware | < fw08 |
| Wago | 750-832 | - |
| Wago | 750-852 Firmware | < fw15 |
| Wago | 750-852 | - |
| Wago | 750-862 Firmware | < fw08 |
| Wago | 750-862 | - |
| Wago | 750-880 Firmware | < fw16 |
| Wago | 750-880 | - |
| Wago | 750-881 Firmware | < fw15 |
| Wago | 750-881 | - |
| Wago | 750-882 Firmware | < fw15 |
| Wago | 750-882 | - |
| Wago | 750-885 Firmware | < fw15 |
| Wago | 750-885 | - |
Related Weaknesses (CWE)
References
- https://cert.vde.com/en-us/advisories/vde-2021-014Third Party Advisory
- https://cert.vde.com/en-us/advisories/vde-2021-014Third Party Advisory
FAQ
What is CVE-2021-21001?
CVE-2021-21001 is a vulnerability with a CVSS score of 9.1 (CRITICAL). On WAGO PFC200 devices in different firmware versions with special crafted packets an authorised attacker with network access to the device can access the file system with higher privileges.
How severe is CVE-2021-21001?
CVE-2021-21001 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2021-21001?
Check the references section above for vendor advisories and patch information. Affected products include: Wago 750-823 Firmware, Wago 750-823, Wago 750-829 Firmware, Wago 750-829, Wago 750-831 Firmware.