Lucene search

CERTVDECVELIST:CVE-2022-3738

HistoryJan 19, 2023 - 11:27 a.m.

CVE-2022-3738 WAGO: Missing authentication for config export functionality in multiple products

2023-01-1911:27:51

CWE-306

CERTVDE

www.cve.org

wago

authentication

config export

vulnerability

remote attacker

sensitive information

backup file

credentials

cryptographic material

valid user

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

5.9 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

53.2%

JSON

The vulnerability allows a remote unauthenticated attacker to download a backup file, if one exists. That backup file might contain sensitive information like credentials and cryptographic material. A valid user has to create a backup after the last reboot for this attack to be successfull.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Series WAGO PFC100",
    "vendor": "WAGO",
    "versions": [
      {
        "lessThanOrEqual": "FW22",
        "status": "affected",
        "version": "FW16",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Series WAGO PFC200",
    "vendor": "WAGO",
    "versions": [
      {
        "lessThanOrEqual": "FW22",
        "status": "affected",
        "version": "FW16",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Series WAGO Touch Panel 600 Advanced Line",
    "vendor": "WAGO",
    "versions": [
      {
        "lessThanOrEqual": "FW22",
        "status": "affected",
        "version": "FW16",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Series WAGO Touch Panel 600 Marine Line",
    "vendor": "WAGO",
    "versions": [
      {
        "lessThanOrEqual": "FW22",
        "status": "affected",
        "version": "FW16",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Series WAGO Touch Panel 600 Standard Line",
    "vendor": "WAGO",
    "versions": [
      {
        "lessThanOrEqual": "FW22",
        "status": "affected",
        "version": "FW16",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "WAGO Compact Controller CC100",
    "vendor": "WAGO",
    "versions": [
      {
        "lessThanOrEqual": "FW22",
        "status": "affected",
        "version": "FW16",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "WAGO Edge Controller",
    "vendor": "WAGO",
    "versions": [
      {
        "lessThanOrEqual": "FW22",
        "status": "affected",
        "version": "FW16",
        "versionType": "semver"
      }
    ]
  }
]

References

cert.vde.com/en/advisories/VDE-2022-054/

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

5.9 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

53.2%

JSON

Related for CVELIST:CVE-2022-3738