VDE-2022-055

Vulnerability from csaf_wagogmbhcokg - Published: 2023-02-16 13:43 - Updated: 2023-02-16 13:43
Summary
WAGO: Exposure of configuration interface in unmanaged switches
Notes
Summary: An unknown and undocumented configuration interface with limited functionality was identified on the affected devices.
Impact: An unprivileged attacker can change network settings to violate the confidentiality of transferred packets if the network packets themselves are not protected by cryptographic measures. Additionally, the attacker can violate the availability of network clients by changing network settings (e.g., deactivating network ports).
Mitigation: Restrict network access to the device. Do not directly connect the device to the internet.
Remediation: A firmware update that fixes the problem is available. Users who want to update the firmware should contact WAGO support.

CVE-2022-3843: In WAGO Unmanaged Switch (852-111/000-001) with firmware version 01, an undocumented configuration interface that requires no authorization allows a remote attacker to read system information and configure a limited set of parameters.

CWE-912 - Hidden Functionality
Mitigation: Restrict network access to the device. Do not directly connect the device to the internet.
Vendor Fix: A firmware update that fixes the problem is available. Users who want to update the firmware should contact WAGO support.
Acknowledgments
CERT@VDE certvde.com

{
  "document": {
    "acknowledgments": [
      {
        "organization": "CERT@VDE",
        "summary": "coordination",
        "urls": [
          "https://certvde.com"
        ]
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-GB",
    "notes": [
      {
        "category": "summary",
        "text": "An unknown\u00a0and undocumented configuration interface with limited functionality was identified on the affected devices.",
        "title": "Summary"
      },
      {
        "category": "description",
        "text": "An unprivileged attacker can configure network setting to violate confidentiality of transferred packages if the network packages themselves are not protected by cryptographic measures. Additionally, the attacker can violate the availability of network clients by changing network settings (e.g., deactivate network ports).",
        "title": "Impact"
      },
      {
        "category": "description",
        "text": "Restrict network access to the device.\nDo not directly connect the device to the internet",
        "title": "Mitigation"
      },
      {
        "category": "description",
        "text": "A firmware update which fixes the problem is available. Users who want to do a firmware update\u00a0should contact the WAGO support.",
        "title": "Remediation"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "psirt@wago.com",
      "name": "WAGO GmbH \u0026 Co. KG",
      "namespace": "https://www.wago.com/psirt"
    },
    "references": [
      {
        "category": "self",
        "summary": "VDE-2022-055: WAGO: Exposure of configuration interface in unmanaged switches - HTML",
        "url": "https://certvde.com/en/advisories/VDE-2022-055/"
      },
      {
        "category": "self",
        "summary": "VDE-2022-055: WAGO: Exposure of configuration interface in unmanaged switches - CSAF",
        "url": "https://wago.csaf-tp.certvde.com/.well-known/csaf/white/2023/vde-2022-055.json"
      },
      {
        "category": "external",
        "summary": "Vendor PSIRT",
        "url": "https://www.wago.com/psirt"
      },
      {
        "category": "external",
        "summary": "CERT@VDE Security Advisories for WAGO GmbH \u0026 Co. KG",
        "url": "https://certvde.com/en/advisories/vendor/wago/"
      }
    ],
    "title": "WAGO: Exposure of configuration interface in unmanaged switches",
    "tracking": {
      "aliases": [
        "VDE-2022-055"
      ],
      "current_release_date": "2023-02-16T13:43:00.000Z",
      "generator": {
        "date": "2025-05-14T13:22:35.925Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.5.25"
        }
      },
      "id": "VDE-2022-055",
      "initial_release_date": "2023-02-16T13:43:00.000Z",
      "revision_history": [
        {
          "date": "2023-02-16T13:43:00.000Z",
          "number": "1",
          "summary": "Initial revision."
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Unmanaged Switch",
                "product": {
                  "name": "Unmanaged Switch",
                  "product_id": "CSAFPID-11001",
                  "product_identification_helper": {
                    "model_numbers": [
                      "852-111/000-001"
                    ]
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Hardware"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "01",
                "product": {
                  "name": "Firmware 01",
                  "product_id": "CSAFPID-21001"
                }
              }
            ],
            "category": "product_family",
            "name": "Firmware"
          }
        ],
        "category": "vendor",
        "name": "WAGO"
      }
    ],
    "relationships": [
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 01 installed on Unmanaged Switch",
          "product_id": "CSAFPID-31001"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11001"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-3843",
      "cwe": {
        "id": "CWE-912",
        "name": "Hidden Functionality"
      },
      "notes": [
        {
          "category": "description",
          "text": "In WAGO Unmanaged Switch (852-111/000-001) in firmware version 01 an undocumented configuration interface without authorization allows an remote attacker to read system information and configure a limited set of parameters.\n",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-31001"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Restrict network access to the device.\nDo not directly connect the device to the internet",
          "product_ids": [
            "CSAFPID-31001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "A firmware update which fixes the problem is available. Users who want to do a firmware update\u00a0should contact the WAGO support.",
          "product_ids": [
            "CSAFPID-31001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 9.1,
            "environmentalSeverity": "CRITICAL",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 9.1,
            "temporalSeverity": "CRITICAL",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001"
          ]
        }
      ],
      "title": "CVE-2022-3843"
    }
  ]
}




