CVE-2018-5459
moderate-risk
Published 2018-02-13
An Improper Authentication issue was discovered in WAGO PFC200 Series 3S CoDeSys Runtime versions 2.3.X and 2.4.X. An attacker can execute different unauthenticated remote operations because of the CoDeSys Runtime application, which is available via network by default on Port 2455. An attacker could execute some unauthenticated commands such as reading, writing, or deleting arbitrary files, or manipulate the PLC application during runtime by sending specially-crafted TCP packets to Port 2455.
Do I need to act?
~
1.4% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.8/10
Critical
NETWORK
/ LOW complexity
Affected Products (1)
Affected Vendors
References (2)
Third Party Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-18-044-01
Third Party Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-18-044-01
41
/ 100
moderate-risk
Severity
32/34 · Critical
Exploitability
4/34 · Minimal
Exposure
5/34 · Minimal