CVE-2022-3281

CWE-4403 documents3 sources

Severity

7.5HIGH

EPSS

0.2%

top 52.93%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Wago 750-81xx/xxx-xxx Series Pfc100/pfc200 Wago 750-8217/xxx-xxx Series Pfc100/pfc200 Wago 750-82xx/xxx-xxx Series Pfc100/pfc200 +83 more

Timeline

PublishedOct 17

Description

WAGO Series PFC100/PFC200, Series Touch Panel 600, Compact Controller CC100 and Edge Controller in multiple versions are prone to a loss of MAC-Address-Filtering after reboot. This may allow an remote attacker to circumvent the reach the network that should be protected by the MAC address filter.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages86 packages

▶CVEListV5wago/compact_controller_cc10003.07.17(19) — 03.09.08(21)

▶CVEListV5wago/762-4xxx_series_touch_panel_60003.01.07(13) — 03.10.09(22)

▶CVEListV5wago/762-5xxx_series_touch_panel_60003.01.07(13) — 03.10.09(22)

▶CVEListV5wago/762-6xxx_series_touch_panel_60003.01.07(13) — 03.10.09(22)

▶CVEListV5wago/750-81xx/xxx-xxx_series_pfc100/pfc20003.01.07(13) — 03.10.08(22)

🔴Vulnerability Details

GHSA

GHSA-9qfw-f49w-5jg7: WAGO Series PFC100/PFC200, Series Touch Panel 600, Compact Controller CC100 and Edge Controller in multiple versions are prone to a loss of MAC-Addres↗2022-10-17

▶

CVEList

WAGO: multiple products - Loss of MAC-Address-Filtering after reboot↗2022-10-17

▶