CVE-2023-1150

CWE-772 CWE-400 — Uncontrolled Resource Consumption CWE-8054 documents4 sources

Severity

7.5HIGH

EPSS

0.3%

top 51.26%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Wago 750-362\/000-001 Firmware Wago 750-362\/040-000 Firmware Wago 750-362 Firmware +26 more

Timeline

PublishedJun 26

Latest updateFeb 23

Description

Uncontrolled resource consumption in Series WAGO 750-3x/-8x products may allow an unauthenticated remote attacker to DoS the MODBUS server with specially crafted packets.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages29 packages

▶NVDwago/750-362_firmware< fw11

▶NVDwago/750-363_firmware< fw11

▶NVDwago/750-823_firmware< fw11

▶NVDwago/750-832_firmware< fw11

▶NVDwago/750-862_firmware< fw11

🔴Vulnerability Details

GHSA

GHSA-phj7-pw7p-pxq8: Uncontrolled resource consumption in Series WAGO 750-3x/-8x products may allow an unauthenticated remote attacker to DoS the MODBUS server with specia↗2023-06-26

▶

CVEList

WAGO: Series 750-3x/-8x prone to MODBUS server DoS↗2023-06-26

▶

📋Vendor Advisories

Red Hat

kernel: EDAC/thunderx: Incorrect buffer size in drivers/edac/thunderx_edac.c↗2024-02-23

▶