Total
8 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-34596 | 2 Codesys, Wago | 57 Codesys, Plcwinnt, Runtime Toolkit and 54 more | 2025-08-15 | 4.0 MEDIUM | 6.5 MEDIUM |
| A crafted request may cause a read access to an uninitialized pointer in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition. | |||||
| CVE-2021-21000 | 1 Wago | 54 750-8202, 750-8202 Firmware, 750-8203 and 51 more | 2025-08-15 | 5.0 MEDIUM | 5.3 MEDIUM |
| On WAGO PFC200 devices in different firmware versions with special crafted packets an attacker with network access to the device could cause a denial of service for the login service of the runtime. | |||||
| CVE-2021-21001 | 1 Wago | 54 750-8202, 750-8202 Firmware, 750-8203 and 51 more | 2025-08-15 | 4.0 MEDIUM | 9.1 CRITICAL |
| On WAGO PFC200 devices in different firmware versions with special crafted packets an authorised attacker with network access to the device can access the file system with higher privileges. | |||||
| CVE-2021-30186 | 2 Codesys, Wago | 56 Plcwinnt, Runtime Toolkit, 750-8202 and 53 more | 2025-08-15 | 5.0 MEDIUM | 7.5 HIGH |
| CODESYS V2 runtime system SP before 2.4.7.55 has a Heap-based Buffer Overflow. | |||||
| CVE-2023-1620 | 1 Wago | 152 750-331, 750-331 Firmware, 750-8202 and 149 more | 2024-11-21 | N/A | 4.9 MEDIUM |
| Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a specifically crafted packet to the CODESYS V2 runtime. | |||||
| CVE-2023-1619 | 1 Wago | 152 750-331, 750-331 Firmware, 750-8202 and 149 more | 2024-11-21 | N/A | 4.9 MEDIUM |
| Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a malformed packet. | |||||
| CVE-2023-1150 | 1 Wago | 36 750-362, 750-362\/000-001, 750-362\/000-001 Firmware and 33 more | 2024-11-21 | N/A | 7.5 HIGH |
| Uncontrolled resource consumption in Series WAGO 750-3x/-8x products may allow an unauthenticated remote attacker to DoS the MODBUS server with specially crafted packets. | |||||
| CVE-2021-34578 | 1 Wago | 24 750-362, 750-362 Firmware, 750-363 and 21 more | 2024-11-21 | 6.8 MEDIUM | 9.8 CRITICAL |
| This vulnerability allows an attacker who has access to the WBM to read and write settings-parameters of the device by sending specifically constructed requests without authentication on multiple WAGO PLCs in firmware versions up to FW07. | |||||