5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
40.5%
Older firmware versions (FW1 up to FW10) of the WAGO PLC family 750-88x and 750-352 are vulnerable for a special denial of service attack.
This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(500701);
script_version("1.7");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/03/04");
script_cve_id("CVE-2020-12516");
script_name(english:"WAGO Series 750-88x and 750-352 Uncontrolled Resource Consumption (CVE-2020-12516)");
script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
script_set_attribute(attribute:"description", value:
"Older firmware versions (FW1 up to FW10) of the WAGO PLC family 750-88x and 750-352 are vulnerable for a special denial
of service attack.
- Older firmware versions (FW1 up to FW10) of the WAGO PLC family 750-88x and 750-352 are vulnerable for a
special denial of service attack. (CVE-2020-12516)
This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.");
script_set_attribute(attribute:"see_also", value:"https://cert.vde.com/en-us/advisories/vde-2020-042");
script_set_attribute(attribute:"see_also", value:"https://us-cert.cisa.gov/ics/advisories/icsa-20-308-01");
script_set_attribute(attribute:"solution", value:
"The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original
can be found at CISA.gov.
WAGO recommends updating to the latest firmware, Version FW14
Other mitigations and workarounds are available to help reduce the risk:
- Restrict network access to the device.
- Do not directly connect the device to the Internet.
- Disable unused TCP/UDP ports.
CERT@VDE has published an advisory regarding this vulnerability.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-12516");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2020/12/10");
script_set_attribute(attribute:"patch_publication_date", value:"2020/12/10");
script_set_attribute(attribute:"plugin_publication_date", value:"2022/10/08");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/o:wago:750-331_firmware");
script_set_attribute(attribute:"cpe", value:"cpe:/o:wago:750-352_firmware");
script_set_attribute(attribute:"cpe", value:"cpe:/o:wago:750-829_firmware");
script_set_attribute(attribute:"cpe", value:"cpe:/o:wago:750-831_firmware");
script_set_attribute(attribute:"cpe", value:"cpe:/o:wago:750-852_firmware");
script_set_attribute(attribute:"cpe", value:"cpe:/o:wago:750-880_firmware");
script_set_attribute(attribute:"cpe", value:"cpe:/o:wago:750-881_firmware");
script_set_attribute(attribute:"cpe", value:"cpe:/o:wago:750-882_firmware");
script_set_attribute(attribute:"cpe", value:"cpe:/o:wago:750-885_firmware");
script_set_attribute(attribute:"cpe", value:"cpe:/o:wago:750-889_firmware");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Tenable.ot");
script_copyright(english:"This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("tenable_ot_api_integration.nasl");
script_require_keys("Tenable.ot/Wago");
exit(0);
}
include('tenable_ot_cve_funcs.inc');
get_kb_item_or_exit('Tenable.ot/Wago');
var asset = tenable_ot::assets::get(vendor:'Wago');
var vuln_cpes = {
"cpe:/o:wago:750-352_firmware" :
{"versionEndIncluding" : "fw10", "versionStartIncluding" : "fw1", "family" : "Controller750"},
"cpe:/o:wago:750-831_firmware" :
{"versionEndIncluding" : "fw10", "versionStartIncluding" : "fw1", "family" : "Controller750"},
"cpe:/o:wago:750-852_firmware" :
{"versionEndIncluding" : "fw10", "versionStartIncluding" : "fw1", "family" : "Controller750"},
"cpe:/o:wago:750-880_firmware" :
{"versionEndIncluding" : "fw10", "versionStartIncluding" : "fw1", "family" : "Controller750"},
"cpe:/o:wago:750-881_firmware" :
{"versionEndIncluding" : "fw10", "versionStartIncluding" : "fw1", "family" : "Controller750"},
"cpe:/o:wago:750-889_firmware" :
{"versionEndIncluding" : "fw10", "versionStartIncluding" : "fw1", "family" : "Controller750"},
"cpe:/o:wago:750-331_firmware" :
{"versionEndIncluding" : "fw10", "versionStartIncluding" : "fw1", "family" : "Controller750"},
"cpe:/o:wago:750-829_firmware" :
{"versionEndIncluding" : "fw10", "versionStartIncluding" : "fw1", "family" : "ControllerPFC200"},
"cpe:/o:wago:750-882_firmware" :
{"versionEndIncluding" : "fw10", "versionStartIncluding" : "fw1", "family" : "Controller750"},
"cpe:/o:wago:750-885_firmware" :
{"versionEndIncluding" : "fw10", "versionStartIncluding" : "fw1", "family" : "Controller750"}
};
tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_WARNING);
Vendor | Product | Version | CPE |
---|---|---|---|
wago | 750-331_firmware | cpe:/o:wago:750-331_firmware | |
wago | 750-352_firmware | cpe:/o:wago:750-352_firmware | |
wago | 750-829_firmware | cpe:/o:wago:750-829_firmware | |
wago | 750-831_firmware | cpe:/o:wago:750-831_firmware | |
wago | 750-852_firmware | cpe:/o:wago:750-852_firmware | |
wago | 750-880_firmware | cpe:/o:wago:750-880_firmware | |
wago | 750-881_firmware | cpe:/o:wago:750-881_firmware | |
wago | 750-882_firmware | cpe:/o:wago:750-882_firmware | |
wago | 750-885_firmware | cpe:/o:wago:750-885_firmware | |
wago | 750-889_firmware | cpe:/o:wago:750-889_firmware |
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
40.5%