Vulnerability Description
Uncontrolled resource consumption in Series WAGO 750-3x/-8x products may allow an unauthenticated remote attacker to DoS the MODBUS server with specially crafted packets.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Wago | 750-363\/040-000 Firmware | < fw11 |
| Wago | 750-363\/040-000 | - |
| Wago | 750-362\/040-000 Firmware | < fw11 |
| Wago | 750-362\/040-000 | - |
| Wago | 750-362\/000-001 Firmware | < fw11 |
| Wago | 750-362\/000-001 | - |
| Wago | 750-891 Firmware | < fw11 |
| Wago | 750-891 | - |
| Wago | 750-365\/040-010 Firmware | < fw11 |
| Wago | 750-365\/040-010 | - |
| Wago | 750-364\/040-010 Firmware | < fw11 |
| Wago | 750-364\/040-010 | - |
| Wago | 750-362 Firmware | < fw11 |
| Wago | 750-362 | - |
| Wago | 750-363 Firmware | < fw11 |
| Wago | 750-363 | - |
| Wago | 750-823 Firmware | < fw11 |
| Wago | 750-823 | - |
| Wago | 750-832 Firmware | < fw11 |
| Wago | 750-832 | - |
Related Weaknesses (CWE)
References
- https://cert.vde.com/en/advisories/VDE-2023-005/Third Party Advisory
- https://cert.vde.com/en/advisories/VDE-2023-005/Third Party Advisory
FAQ
What is CVE-2023-1150?
CVE-2023-1150 is a vulnerability with a CVSS score of 7.5 (HIGH). Uncontrolled resource consumption in Series WAGO 750-3x/-8x products may allow an unauthenticated remote attacker to DoS the MODBUS server with specially crafted packets.
How severe is CVE-2023-1150?
CVE-2023-1150 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-1150?
Check the references section above for vendor advisories and patch information. Affected products include: Wago 750-363\/040-000 Firmware, Wago 750-363\/040-000, Wago 750-362\/040-000 Firmware, Wago 750-362\/040-000, Wago 750-362\/000-001 Firmware.