Wago PFC200 Authentication Bypass (CVE-2016-9362)

critical Tenable OT Security Plugin ID 500924

Synopsis

The remote OT asset is affected by a vulnerability.

Description

An issue was discovered in WAGO 750-8202/PFC200 prior to FW04 (released August 2015), WAGO 750-881 prior to FW09 (released August 2016), and WAGO 0758-0874-0000-0111. By accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to edit and to view settings without authenticating.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

Refer to the vendor advisory.

See Also

http://www.securityfocus.com/bid/95074

https://ics-cert.us-cert.gov/advisories/ICSA-16-357-02

Plugin Details

Severity: Critical

ID: 500924

Version: 1.3

Type: remote

Family: Tenable.ot

Published: 3/29/2023

Updated: 9/4/2024

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Medium

Score: 5.2

CVSS v2

Risk Factor: Medium

Base Score: 6.4

Temporal Score: 4.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

CVSS Score Source: CVE-2016-9362

CVSS v3

Risk Factor: Critical

Base Score: 9.1

Temporal Score: 7.9

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:wago:pfc200_firmware:-

Required KB Items: Tenable.ot/Wago

Exploit Ease: No known exploits are available

Patch Publication Date: 2/13/2017

Vulnerability Publication Date: 2/13/2017

Reference Information

CVE: CVE-2016-9362

CWE: 287

ICSA: 16-357-02