Vulnerability Description
In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to crash the iocheck process and write memory resulting in loss of integrity and DoS.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Wago | 750-8100 Firmware | < 18 |
| Wago | 750-8100 | - |
| Wago | 750-8101 Firmware | < 18 |
| Wago | 750-8101 | - |
| Wago | 750-8101\/025-000 Firmware | < 18 |
| Wago | 750-8101\/025-000 | - |
| Wago | 750-8102 Firmware | < 18 |
| Wago | 750-8102 | - |
| Wago | 750-8102\/025-000 Firmware | < 18 |
| Wago | 750-8102\/025-000 | - |
| Wago | 750-8202 Firmware | < 18 |
| Wago | 750-8202 | - |
| Wago | 750-8202\/000-011 Firmware | < 18 |
| Wago | 750-8202\/000-011 | - |
| Wago | 750-8202\/000-012 Firmware | < 18 |
| Wago | 750-8202\/000-012 | - |
| Wago | 750-8202\/000-022 Firmware | < 18 |
| Wago | 750-8202\/000-022 | - |
| Wago | 750-8202\/025-000 Firmware | < 18 |
| Wago | 750-8202\/025-000 | - |
Related Weaknesses (CWE)
References
- https://cert.vde.com/en/advisories/VDE-2020-036/Vendor Advisory
- https://cert.vde.com/en/advisories/VDE-2020-036/Vendor Advisory
FAQ
What is CVE-2021-34566?
CVE-2021-34566 is a vulnerability with a CVSS score of 9.1 (CRITICAL). In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to crash the iocheck process and write memory resulting in ...
How severe is CVE-2021-34566?
CVE-2021-34566 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2021-34566?
Check the references section above for vendor advisories and patch information. Affected products include: Wago 750-8100 Firmware, Wago 750-8100, Wago 750-8101 Firmware, Wago 750-8101, Wago 750-8101\/025-000 Firmware.