WAGO PLCÖеĶà¸öÎó²îΣº¦Í¨¸æ

Ðû²¼Ê±¼ä 2019-12-18

Îó²î±àºÅºÍ¼¶±ð


CVE±àºÅ£ºCVE-2019-5073 £¬£¬ £¬£¬Î£ÏÕ¼¶±ð£ºÖÐΣ £¬£¬ £¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º5.3 £¬£¬ £¬£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2019-5074 £¬£¬ £¬£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ £¬£¬ £¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º9.8 £¬£¬ £¬£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2019-5075 £¬£¬ £¬£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ £¬£¬ £¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º9.8 £¬£¬ £¬£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2019-5077 £¬£¬ £¬£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ £¬£¬ £¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º10 £¬£¬ £¬£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2019-5078 £¬£¬ £¬£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ £¬£¬ £¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º10 £¬£¬ £¬£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2019-5079 £¬£¬ £¬£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ £¬£¬ £¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º10 £¬£¬ £¬£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2019-5080 £¬£¬ £¬£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ £¬£¬ £¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º10 £¬£¬ £¬£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2019-5081 £¬£¬ £¬£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ £¬£¬ £¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º10 £¬£¬ £¬£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2019-5082 £¬£¬ £¬£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ £¬£¬ £¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º10 £¬£¬ £¬£¬¹Ù·½Î´ÆÀ¶¨


Ó°Ïì°æ±¾


Series PFC100 (750-81xx/xxx-xxx)

Series PFC200 (750-82xx/xxx-xxx)


Îó²î¸ÅÊö


˼¿ÆTalosÑо¿Ö°Ô±ÔÚWAGOÖÆÔìµÄ¿É±à³ÌÂß¼­¿ØÖÆÆ÷£¨PLC£©Öз¢Ã÷¶à¸öÑÏÖØÎó²î £¬£¬ £¬£¬ÕâЩÎó²î¿Éµ¼ÖÂí§Òâ´úÂëÖ´ÐС¢¾Ü¾øЧÀ͹¥»÷»ò»ñȡװ±¸µÄµÇ¼ƾ֤ ¡£¡£¡£ÊÜÓ°ÏìµÄ²úÆ·°üÀ¨WAGO PFC200ºÍPFC100¿ØÖÆÆ÷ £¬£¬ £¬£¬ËüÃDZ»ÆÕ±éÓÃÓÚÆû³µ¡¢Ìú·¡¢µçÁ¦¹¤³Ì¡¢ÖÆÔìºÍÐÞ½¨ÎïÖÎÀíµÈÐÐÒµÖÐ ¡£¡£¡£Îó²î¸ÅÊöÈçÏ£º


CVE-2019-5073

I/O-Check¹¦Ð§±£´æÐÅϢй¶Îó²î ¡£¡£¡£¸ÃÎó²îÔ´ÓÚÍøÂçϵͳ»ò²úÆ·ÔÚÔËÐÐÀú³ÌÖб£´æÉèÖõȹýʧ ¡£¡£¡£Î´ÊÚȨµÄ¹¥»÷Õß¿ÉʹÓÃÎó²î»ñÈ¡ÊÜÓ°Ïì×é¼þÃô¸ÐÐÅÏ¢ ¡£¡£¡£


CVE-2019-5074

I/O-Check¹¦Ð§±£´æ»º³åÇø¹ýʧÎó²î ¡£¡£¡£¸ÃÎó²îÔ´ÓÚÍøÂçϵͳ»ò²úÆ·ÔÚÄÚ´æÉÏÖ´ÐвÙ×÷ʱ £¬£¬ £¬£¬Î´×¼È·ÑéÖ¤Êý¾Ý½çÏß £¬£¬ £¬£¬µ¼ÖÂÏò¹ØÁªµÄÆäËûÄÚ´æλÖÃÉÏÖ´ÐÐÁ˹ýʧµÄ¶Áд²Ù×÷ ¡£¡£¡£¹¥»÷Õß¿ÉʹÓøÃÎó²îµ¼Ö»º³åÇøÒç³ö»ò¶ÑÒç³öµÈ ¡£¡£¡£


CVE-2019-5075

getcouplerdetails£¨ÏÂÁîÐÐÊÊÓóÌÐò£©±£´æ»º³åÇø¹ýʧÎó²î ¡£¡£¡£¹¥»÷Õ߿ɽèÖúÌØÖƵÄÊý¾Ý°üʹÓøÃÎó²îÖ´ÐдúÂë ¡£¡£¡£


CVE-2019-5077

I/O-Check¹¦Ð§±£´æ»á¼û¿ØÖƹýʧÎó²î ¡£¡£¡£¹¥»÷Õ߿ɽèÖúÌØÖƵÄÊý¾Ý°üʹÓøÃÎó²îÔì³É¾Ü¾øЧÀÍ £¬£¬ £¬£¬Ê¹×°±¸½øÈë¹ýʧµÄ״̬ ¡£¡£¡£


CVE-2019-5078

I/O-Check¹¦Ð§±£´æ»á¼û¿ØÖƹýʧÎó²î ¡£¡£¡£¹¥»÷Õ߿ɽèÖúÌØÖƵÄÊý¾Ý°üʹÓøÃÎó²îÔì³É¾Ü¾øЧÀÍ £¬£¬ £¬£¬Ê¹×°±¸½øÈë¹ýʧµÄ״̬ ¡£¡£¡£


CVE-2019-5079

I/O-Check¹¦Ð§±£´æ»º³åÇø¹ýʧÎó²î ¡£¡£¡£¸ÃÎó²îÔ´ÓÚÍøÂçϵͳ»ò²úÆ·ÔÚÄÚ´æÉÏÖ´ÐвÙ×÷ʱ £¬£¬ £¬£¬Î´×¼È·ÑéÖ¤Êý¾Ý½çÏß £¬£¬ £¬£¬µ¼ÖÂÏò¹ØÁªµÄÆäËûÄÚ´æλÖÃÉÏÖ´ÐÐÁ˹ýʧµÄ¶Áд²Ù×÷ ¡£¡£¡£¹¥»÷Õß¿ÉʹÓøÃÎó²îµ¼Ö»º³åÇøÒç³ö»ò¶ÑÒç³öµÈ ¡£¡£¡£


CVE-2019-5080

I/O-Check¹¦Ð§±£´æ»á¼û¿ØÖƹýʧÎó²î ¡£¡£¡£¸ÃÎó²îÔ´ÓÚÍøÂçϵͳ»ò²úƷδ׼ȷÏÞÖÆÀ´×ÔδÊÚȨ½ÇÉ«µÄ×ÊÔ´»á¼û ¡£¡£¡£


CVE-2019-5081

I/O-Check¹¦Ð§±£´æ»º³åÇø¹ýʧÎó²î ¡£¡£¡£¹¥»÷Õ߿ɽèÖúÌØÖƵÄÊý¾Ý°üʹÓøÃÎó²îÖ´ÐдúÂë ¡£¡£¡£


CVE-2019-5082

I/O-Check¹¦Ð§±£´æ»º³åÇø¹ýʧÎó²î ¡£¡£¡£¹¥»÷Õ߿ɽèÖúÌØÖƵÄÊý¾Ý°üʹÓøÃÎó²îÖ´ÐдúÂë ¡£¡£¡£


Îó²îÑéÖ¤


ÔÝÎÞPOC/EXP ¡£¡£¡£


ÐÞ¸´½¨Òé


ÏÖÔÚ³§ÉÌÒÑÐû²¼Éý¼¶²¹¶¡ÒÔÐÞ¸´ÈçÏÂÁù¸öÎó²î £¬£¬ £¬£¬Çë¸üй̼þÖÁ>= FW 15£ºCVE-2019-5073¡¢CVE-2019-5074¡¢CVE-2019-5075¡¢CVE-2019-5079¡¢CVE-2019-5081¡¢CVE-2019-5082 ¡£¡£¡£Ç¿ÁÒ½¨ÒéÔÚµ÷ÊÔºó½ûÓÃI/O-CheckЧÀÍʹÓõĶ˿Ú6626 ¡£¡£¡£


²Î¿¼Á´½Ó


https://www.securityweek.com/several-critical-vulnerabilities-found-wago-controllers