CVE-2024-41969
published 2024-11-18CVE-2024-41969: A low privileged remote attacker may modify the configuration of the CODESYS V3 service through a missing authentication vulnerability which could lead to full…
high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
A low privileged remote attacker may modify the configuration of the CODESYS V3 service through a missing authentication vulnerability which could lead to full system access and/or DoS.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| wago | cc100_0751-9x01 | 0.0.0 – 4.5.10 (FW27) | — |
| wago | cc100_0751_9x01 | 0.0.0 – 04.03.03 (72) | — |
| wago | edge_controller_0752-8303_8000-0002 | 0.0.0 – 4.5.10 (FW27) | — |
| wago | pfc100_g1_0750-810x_xxxx-xxxx | 0.0.0 – 3.10.10 (FW22 Patch 1) | — |
| wago | pfc100_g2_0750-811x-xxxx-xxxx | 0.0.0 – 4.5.10 (FW27) | — |
| wago | pfc200_g1_0750-820x_xxx-xxx | 0.0.0 – 03.03.08 (80) | — |
| wago | pfc200_g1_750-820x-xxx-xxx | 0.0.0 – 3.10.10 (FW22 Patch 1) | — |
| wago | pfc200_g2_0750-821x_xxx-xxx | 0.0.0 – 04.04.03 (70) | — |
| wago | pfc200_g2_750-821x-xxx-xxx | 0.0.0 – 4.5.10 (FW27) | — |
| wago | tp600_0762-420x_8000-000x | 0.0.0 – 4.5.10 (FW27) | — |
| wago | tp600_0762-430x_8000-000x | 0.0.0 – 4.5.10 (FW27) | — |
| wago | tp600_0762-520x_8000-000x | 0.0.0 – 4.5.10 (FW27) | — |
| wago | tp600_0762-530x_8000-000x | 0.0.0 – 4.5.10 (FW27) | — |
| wago | tp600_0762-620x_8000-000x | 0.0.0 – 4.5.10 (FW27) | — |
| wago | tp600_0762-630x_8000-000x | 0.0.0 – 4.5.10 (FW27) | — |