CVE-2022-3281

high-risk

Published 2022-10-17

WAGO Series PFC100/PFC200, Series Touch Panel 600, Compact Controller CC100 and Edge Controller in multiple versions are prone to a loss of MAC-Address-Filtering after reboot. This may allow an remote attacker to circumvent the reach the network that should be protected by the MAC address filter.

Do I need to act?

0.24% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.5/10 High

NETWORK / LOW complexity

Affected Products (20)

750-8100 Firmware

750-8101 Firmware

750-8101\/000-010 Firmware

750-8101\/025-000 Firmware

750-8102 Firmware

750-8102\/025-000 Firmware

750-8202\/000-011 Firmware

750-8202\/000-012 Firmware

750-8202\/000-022 Firmware

750-8206 Firmware

750-8206\/025-000 Firmware

750-8206\/025-001 Firmware

750-8207 Firmware

750-8207\/025-000 Firmware

750-8207\/025-001 Firmware

750-8208 Firmware

750-8208\/025-000 Firmware

750-8208\/025-001 Firmware

750-8210 Firmware

750-8210\/025-000 Firmware

Affected Vendors

Wago

References (2)

Mitigation https://cert.vde.com/en/advisories/VDE-2022-042/

/ 100

high-risk

Severity 26/34 · High

Exploitability 1/34 · Minimal

Exposure 28/34 · Critical