CVE-2020-12505

🗓️ 30 Sep 2020 15:43:20Reported by CERTVDEType

cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 68 Views

Improper Authentication vulnerability in WAGO 750-8XX series with FW version <= FW0

Reporter	Title	Published	Views	Family All 8
BDU FSTEC	The vulnerability of the WAGO Ethernet controller, related to deficiencies in authentication procedures, allows a perpetrator to alter certain special parameters without being authenticated.	18 Dec 202000:00	–	bdu_fstec
Circl	CVE-2020-12505	30 Sep 202020:52	–	circl
Cvelist	CVE-2020-12505 WAGO: Vulnerability in web-based authentication in WAGO 750-8XX Version <= FW07	30 Sep 202015:43	–	cvelist
EUVD	EUVD-2020-4807	7 Oct 202500:30	–	euvd
NVD	CVE-2020-12505	30 Sep 202016:15	–	nvd
OSV	CVE-2020-12505	30 Sep 202016:15	–	osv
Prion	Authentication flaw	30 Sep 202016:15	–	prion
Tenable Nessus	Wago 750-8XX series Improper Authentication (CVE-2020-12505)	21 Jul 202200:00	–	nessus

NVD

Vulners

Node

wago 750-852_firmwareRange≤fw07

AND

wago 750-852Match-

Node

wago 750-880_firmwareRange≤fw07

AND

wago 750-880Match-

Node

wago 750-881_firmwareRange≤fw07

AND

wago 750-881Match-

Node

wago 750-831_firmwareRange≤fw07

AND

wago 750-831Match-

Node

wago 750-882_firmwareRange≤fw07

AND

wago 750-882Match-

Node

wago 750-885_firmwareRange≤fw07

AND

wago 750-885Match-

Node

wago 750-889_firmwareRange≤fw07

AND

wago 750-889Match-

[
  {
    "product": "750-852",
    "vendor": "WAGO",
    "versions": [
      {
        "lessThanOrEqual": "FW07",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "750-880/xxx-xxx",
    "vendor": "WAGO",
    "versions": [
      {
        "lessThanOrEqual": "FW07",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "750-881",
    "vendor": "WAGO",
    "versions": [
      {
        "lessThanOrEqual": "FW07",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "750-831/xxx-xxx",
    "vendor": "WAGO",
    "versions": [
      {
        "lessThanOrEqual": "FW07",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "750-882",
    "vendor": "WAGO",
    "versions": [
      {
        "lessThanOrEqual": "FW07",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "750-885/xxx-xxx",
    "vendor": "WAGO",
    "versions": [
      {
        "lessThanOrEqual": "FW07",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "750-889",
    "vendor": "WAGO",
    "versions": [
      {
        "lessThanOrEqual": "FW07",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
cert	www.cert.vde.com/en-us/advisories/vde-2020-027

21 Nov 2024 04:59Current

8.2High risk

Vulners AI Score8.2

CVSS 26.4

CVSS 3.18.2 - 9.1

EPSS0.00269

CWE-306