WAGO PLCÖеĶà¸öÎó²îΣº¦Í¨¸æ

Ðû²¼Ê±¼ä 2019-12-18

Îó²î±àºÅºÍ¼¶±ð


CVE±àºÅ£ºCVE-2019-5073£¬£¬£¬£¬Î£ÏÕ¼¶±ð£ºÖÐΣ£¬£¬£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º5.3£¬£¬£¬£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2019-5074£¬£¬£¬£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ£¬£¬£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º9.8£¬£¬£¬£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2019-5075£¬£¬£¬£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ£¬£¬£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º9.8£¬£¬£¬£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2019-5077£¬£¬£¬£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ£¬£¬£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º10£¬£¬£¬£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2019-5078£¬£¬£¬£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ£¬£¬£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º10£¬£¬£¬£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2019-5079£¬£¬£¬£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ£¬£¬£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º10£¬£¬£¬£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2019-5080£¬£¬£¬£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ£¬£¬£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º10£¬£¬£¬£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2019-5081£¬£¬£¬£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ£¬£¬£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º10£¬£¬£¬£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2019-5082£¬£¬£¬£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ£¬£¬£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º10£¬£¬£¬£¬¹Ù·½Î´ÆÀ¶¨


Ó°Ïì°æ±¾


Series PFC100 (750-81xx/xxx-xxx)

Series PFC200 (750-82xx/xxx-xxx)


Îó²î¸ÅÊö


˼¿ÆTalosÑо¿Ö°Ô±ÔÚWAGOÖÆÔìµÄ¿É±à³ÌÂß¼­¿ØÖÆÆ÷£¨PLC£©Öз¢Ã÷¶à¸öÑÏÖØÎó²î£¬£¬£¬£¬ÕâЩÎó²î¿Éµ¼ÖÂí§Òâ´úÂëÖ´ÐС¢¾Ü¾øЧÀ͹¥»÷»ò»ñȡװ±¸µÄµÇ¼ƾ֤¡£¡£¡£¡£ÊÜÓ°ÏìµÄ²úÆ·°üÀ¨WAGO PFC200ºÍPFC100¿ØÖÆÆ÷£¬£¬£¬£¬ËüÃDZ»ÆÕ±éÓÃÓÚÆû³µ¡¢Ìú·¡¢µçÁ¦¹¤³Ì¡¢ÖÆÔìºÍÐÞ½¨ÎïÖÎÀíµÈÐÐÒµÖС£¡£¡£¡£Îó²î¸ÅÊöÈçÏ£º


CVE-2019-5073

I/O-Check¹¦Ð§±£´æÐÅϢй¶Îó²î¡£¡£¡£¡£¸ÃÎó²îÔ´ÓÚÍøÂçϵͳ»ò²úÆ·ÔÚÔËÐÐÀú³ÌÖб£´æÉèÖõȹýʧ¡£¡£¡£¡£Î´ÊÚȨµÄ¹¥»÷Õß¿ÉʹÓÃÎó²î»ñÈ¡ÊÜÓ°Ïì×é¼þÃô¸ÐÐÅÏ¢¡£¡£¡£¡£


CVE-2019-5074

I/O-Check¹¦Ð§±£´æ»º³åÇø¹ýʧÎó²î¡£¡£¡£¡£¸ÃÎó²îÔ´ÓÚÍøÂçϵͳ»ò²úÆ·ÔÚÄÚ´æÉÏÖ´ÐвÙ×÷ʱ£¬£¬£¬£¬Î´×¼È·ÑéÖ¤Êý¾Ý½çÏߣ¬£¬£¬£¬µ¼ÖÂÏò¹ØÁªµÄÆäËûÄÚ´æλÖÃÉÏÖ´ÐÐÁ˹ýʧµÄ¶Áд²Ù×÷¡£¡£¡£¡£¹¥»÷Õß¿ÉʹÓøÃÎó²îµ¼Ö»º³åÇøÒç³ö»ò¶ÑÒç³öµÈ¡£¡£¡£¡£


CVE-2019-5075

getcouplerdetails£¨ÏÂÁîÐÐÊÊÓóÌÐò£©±£´æ»º³åÇø¹ýʧÎó²î¡£¡£¡£¡£¹¥»÷Õ߿ɽèÖúÌØÖƵÄÊý¾Ý°üʹÓøÃÎó²îÖ´ÐдúÂë¡£¡£¡£¡£


CVE-2019-5077

I/O-Check¹¦Ð§±£´æ»á¼û¿ØÖƹýʧÎó²î¡£¡£¡£¡£¹¥»÷Õ߿ɽèÖúÌØÖƵÄÊý¾Ý°üʹÓøÃÎó²îÔì³É¾Ü¾øЧÀÍ£¬£¬£¬£¬Ê¹×°±¸½øÈë¹ýʧµÄ״̬¡£¡£¡£¡£


CVE-2019-5078

I/O-Check¹¦Ð§±£´æ»á¼û¿ØÖƹýʧÎó²î¡£¡£¡£¡£¹¥»÷Õ߿ɽèÖúÌØÖƵÄÊý¾Ý°üʹÓøÃÎó²îÔì³É¾Ü¾øЧÀÍ£¬£¬£¬£¬Ê¹×°±¸½øÈë¹ýʧµÄ״̬¡£¡£¡£¡£


CVE-2019-5079

I/O-Check¹¦Ð§±£´æ»º³åÇø¹ýʧÎó²î¡£¡£¡£¡£¸ÃÎó²îÔ´ÓÚÍøÂçϵͳ»ò²úÆ·ÔÚÄÚ´æÉÏÖ´ÐвÙ×÷ʱ£¬£¬£¬£¬Î´×¼È·ÑéÖ¤Êý¾Ý½çÏߣ¬£¬£¬£¬µ¼ÖÂÏò¹ØÁªµÄÆäËûÄÚ´æλÖÃÉÏÖ´ÐÐÁ˹ýʧµÄ¶Áд²Ù×÷¡£¡£¡£¡£¹¥»÷Õß¿ÉʹÓøÃÎó²îµ¼Ö»º³åÇøÒç³ö»ò¶ÑÒç³öµÈ¡£¡£¡£¡£


CVE-2019-5080

I/O-Check¹¦Ð§±£´æ»á¼û¿ØÖƹýʧÎó²î¡£¡£¡£¡£¸ÃÎó²îÔ´ÓÚÍøÂçϵͳ»ò²úƷδ׼ȷÏÞÖÆÀ´×ÔδÊÚȨ½ÇÉ«µÄ×ÊÔ´»á¼û¡£¡£¡£¡£


CVE-2019-5081

I/O-Check¹¦Ð§±£´æ»º³åÇø¹ýʧÎó²î¡£¡£¡£¡£¹¥»÷Õ߿ɽèÖúÌØÖƵÄÊý¾Ý°üʹÓøÃÎó²îÖ´ÐдúÂë¡£¡£¡£¡£


CVE-2019-5082

I/O-Check¹¦Ð§±£´æ»º³åÇø¹ýʧÎó²î¡£¡£¡£¡£¹¥»÷Õ߿ɽèÖúÌØÖƵÄÊý¾Ý°üʹÓøÃÎó²îÖ´ÐдúÂë¡£¡£¡£¡£


Îó²îÑéÖ¤


ÔÝÎÞPOC/EXP¡£¡£¡£¡£


ÐÞ¸´½¨Òé


ÏÖÔÚ³§ÉÌÒÑÐû²¼Éý¼¶²¹¶¡ÒÔÐÞ¸´ÈçÏÂÁù¸öÎó²î£¬£¬£¬£¬Çë¸üй̼þÖÁ>= FW 15£ºCVE-2019-5073¡¢CVE-2019-5074¡¢CVE-2019-5075¡¢CVE-2019-5079¡¢CVE-2019-5081¡¢CVE-2019-5082¡£¡£¡£¡£Ç¿ÁÒ½¨ÒéÔÚµ÷ÊÔºó½ûÓÃI/O-CheckЧÀÍʹÓõĶ˿Ú6626¡£¡£¡£¡£


²Î¿¼Á´½Ó


https://www.securityweek.com/several-critical-vulnerabilities-found-wago-controllers