Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

750-891

Source -

CNANVD

CNA CVEs -

4

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

24
Related CVEsRelated VendorsRelated AssignersReports
24Vulnerabilities found
CVE-2023-1150
Assigner-CERT@VDE
ShareView Details
Assigner-CERT@VDE
CVSS Score-7.5||HIGH
EPSS-0.20% / 42.63%
||
7 Day CHG~0.00%
Published-26 Jun, 2023 | 06:19
Updated-05 Dec, 2024 | 19:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WAGO: Series 750-3x/-8x prone to MODBUS server DoS

Uncontrolled resource consumption in Series WAGO 750-3x/-8x products may allow an unauthenticated remote attacker to DoS the MODBUS server with specially crafted packets.

Action-Not Available
Vendor-wagoWAGO
Product-750-890_firmware750-890\/025-002750-890\/025-000750-890\/025-001750-823750-832\/000-002750-365\/040-010_firmware750-890\/040-000_firmware750-362\/000-001750-823_firmware750-890750-890\/025-001_firmware750-832750-365\/040-010750-832\/000-002_firmware750-862_firmware750-891750-890\/040-000750-893_firmware750-364\/040-010750-890\/025-002_firmware750-890\/025-000_firmware750-364\/040-010_firmware750-891_firmware750-362\/040-000_firmware750-893750-362750-363\/040-000750-362\/040-000750-363\/040-000_firmware750-362_firmware750-362\/000-001_firmware750-363_firmware750-363750-862750-832_firmware750-332750-890/xxx-xxx750-832/xxx-xxx750-363/xxx-xxx750-893750-823750-362/xxx-xxx750-365/xxx-xxx750-862750-891750-364/xxx-xxx
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2023-1620
Assigner-CERT@VDE
ShareView Details
Assigner-CERT@VDE
CVSS Score-4.9||MEDIUM
EPSS-0.13% / 32.63%
||
7 Day CHG~0.00%
Published-26 Jun, 2023 | 06:19
Updated-12 Nov, 2024 | 14:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WAGO: DoS in multiple products in multiple versions using Codesys

Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a specifically crafted packet to the CODESYS V2 runtime.

Action-Not Available
Vendor-wagoWago
Product-750-8202\/040-001_firmware750-8203_firmware750-8212\/025-002750-890\/025-000750-8213\/040-010_firmware750-8210_firmware750-8206_firmware750-8215_firmware750-8211\/040-000750-891750-890\/040-000750-831\/000-002750-831750-891_firmware750-8213\/040-010750-8208\/025-001_firmware750-8207\/025-001750-880750-8215750-8202\/000-012750-8212\/040-001_firmware750-8202\/000-022750-8216\/040-000_firmware750-8212\/040-000_firmware750-889750-8212\/000-100_firmware750-331_firmware750-8217_firmware750-8212\/025-000_firmware750-8211\/040-001750-8213750-8214_firmware750-829_firmware750-890\/025-002750-880\/040-000_firmware750-885\/025-000750-8202\/040-000750-832\/000-002750-8204750-8213_firmware750-8207_firmware750-8206\/025-001_firmware750-8204\/025-000_firmware750-890\/025-001_firmware750-832\/000-002_firmware750-8206\/040-000750-880\/025-000750-8204_firmware750-8217\/625-000_firmware750-8202\/000-012_firmware750-8212750-893_firmware750-880\/040-000750-8202\/025-001_firmware750-881750-882_firmware750-8216\/025-001_firmware750-8202_firmware750-862750-8207750-8217\/025-000_firmware750-832_firmware750-8206750-8208_firmware750-8207\/025-000_firmware750-885\/025-000_firmware750-8207\/025-000750-8211\/040-001_firmware750-885750-8216\/025-000_firmware750-8216750-890\/040-000_firmware750-8212\/000-100750-8216\/025-001750-8210\/040-000_firmware750-8210\/025-000750-880_firmware750-8206\/040-001750-8207\/025-001_firmware750-8216_firmware750-8202\/040-001750-8206\/025-000750-8212\/025-002_firmware750-880\/025-001_firmware750-8212_firmware750-8202\/025-000_firmware750-8208750-8211\/040-000_firmware750-881_firmware750-8217\/025-000750-8212\/025-001_firmware750-890\/025-002_firmware750-885_firmware750-890\/025-000_firmware750-8212\/040-010_firmware750-8202\/000-011_firmware750-8208\/025-000_firmware750-880\/025-002_firmware750-893750-8212\/040-001750-8211_firmware750-8206\/040-001_firmware750-8208\/025-001750-852_firmware750-8208\/025-000750-8212\/040-010750-8212\/040-000750-890_firmware750-880\/025-001750-8217\/625-000750-8203750-890\/025-001750-823750-8214750-8202750-8210\/040-000750-8217\/600-000_firmware750-8203\/025-000_firmware750-8203\/025-000750-823_firmware750-8202\/025-002750-8210\/025-000_firmware750-8206\/040-000_firmware750-889_firmware750-890750-832750-8211750-862_firmware750-8202\/025-002_firmware750-880\/025-000_firmware750-880\/025-002750-8204\/025-000750-8212\/025-000750-331750-8202\/025-000750-8206\/025-000_firmware750-829750-8212\/025-001750-8202\/000-022_firmware750-8216\/040-000750-831_firmware750-8202\/000-011750-8217\/600-000750-8206\/025-001750-8202\/025-001750-8216\/025-000750-8202\/040-000_firmware750-882750-831\/000-002_firmware750-852750-8217750-8210750-332750-890/xxx-xxx750-831/xxx-xxx750-880/xxx-xxx750-331750-8203/xxx-xxx750-885/xxx-xxx750-8207/xxx-xxx750-8206/xxx-xxx750-829750-823750-8211/xxx-xxx750-8204/xxx-xxx750-893750-881750-8217/xxx-xxx750-8216/xxx-xxx750-8213/xxx-xxx750-8210/xxx-xxx750-882750-832/xxx-xxx750-891750-862750-889750-8212/xxx-xxx750-852750-8202/xxx-xxx750-8214/xxx-xxx750-8208/xxx-xxx
CWE ID-CWE-1288
Improper Validation of Consistency within Input
CVE-2023-1619
Assigner-CERT@VDE
ShareView Details
Assigner-CERT@VDE
CVSS Score-4.9||MEDIUM
EPSS-0.17% / 39.02%
||
7 Day CHG~0.00%
Published-26 Jun, 2023 | 06:18
Updated-02 Oct, 2024 | 06:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WAGO: DoS in multiple versions of multiple products

Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a malformed packet.

Action-Not Available
Vendor-wagoWago
Product-750-8202\/040-001_firmware750-8203_firmware750-8212\/025-002750-890\/025-000750-8213\/040-010_firmware750-8210_firmware750-8206_firmware750-8215_firmware750-8211\/040-000750-891750-890\/040-000750-831\/000-002750-831750-891_firmware750-8213\/040-010750-8208\/025-001_firmware750-8207\/025-001750-880750-8215750-8202\/000-012750-8212\/040-001_firmware750-8202\/000-022750-8216\/040-000_firmware750-8212\/040-000_firmware750-889750-8212\/000-100_firmware750-331_firmware750-8217_firmware750-8212\/025-000_firmware750-8211\/040-001750-8213750-8214_firmware750-829_firmware750-890\/025-002750-880\/040-000_firmware750-885\/025-000750-8202\/040-000750-832\/000-002750-8204750-8213_firmware750-8207_firmware750-8206\/025-001_firmware750-8204\/025-000_firmware750-890\/025-001_firmware750-832\/000-002_firmware750-8206\/040-000750-880\/025-000750-8204_firmware750-8217\/625-000_firmware750-8202\/000-012_firmware750-8212750-893_firmware750-880\/040-000750-8202\/025-001_firmware750-881750-882_firmware750-8216\/025-001_firmware750-8202_firmware750-862750-8207750-8217\/025-000_firmware750-832_firmware750-8206750-8208_firmware750-8207\/025-000_firmware750-885\/025-000_firmware750-8207\/025-000750-8211\/040-001_firmware750-885750-8216\/025-000_firmware750-8216750-890\/040-000_firmware750-8212\/000-100750-8216\/025-001750-8210\/040-000_firmware750-8210\/025-000750-880_firmware750-8206\/040-001750-8207\/025-001_firmware750-8216_firmware750-8202\/040-001750-8206\/025-000750-8212\/025-002_firmware750-880\/025-001_firmware750-8212_firmware750-8202\/025-000_firmware750-8208750-8211\/040-000_firmware750-881_firmware750-8217\/025-000750-8212\/025-001_firmware750-890\/025-002_firmware750-885_firmware750-890\/025-000_firmware750-8212\/040-010_firmware750-8202\/000-011_firmware750-8208\/025-000_firmware750-880\/025-002_firmware750-893750-8212\/040-001750-8211_firmware750-8206\/040-001_firmware750-8208\/025-001750-852_firmware750-8208\/025-000750-8212\/040-010750-8212\/040-000750-890_firmware750-880\/025-001750-8217\/625-000750-8203750-890\/025-001750-823750-8214750-8202750-8210\/040-000750-8217\/600-000_firmware750-8203\/025-000_firmware750-8203\/025-000750-823_firmware750-8202\/025-002750-8210\/025-000_firmware750-8206\/040-000_firmware750-889_firmware750-890750-832750-8211750-862_firmware750-8202\/025-002_firmware750-880\/025-000_firmware750-880\/025-002750-8204\/025-000750-8212\/025-000750-331750-8202\/025-000750-8206\/025-000_firmware750-829750-8212\/025-001750-8202\/000-022_firmware750-8216\/040-000750-831_firmware750-8202\/000-011750-8217\/600-000750-8206\/025-001750-8202\/025-001750-8216\/025-000750-8202\/040-000_firmware750-882750-831\/000-002_firmware750-852750-8217750-8210750-332750-890/xxx-xxx750-831/xxx-xxx750-880/xxx-xxx750-331750-8203/xxx-xxx750-885/xxx-xxx750-8207/xxx-xxx750-8206/xxx-xxx750-829750-823750-8211/xxx-xxx750-8204/xxx-xxx750-893750-881750-8217/xxx-xxx750-8216/xxx-xxx750-8213/xxx-xxx750-8210/xxx-xxx750-882750-832/xxx-xxx750-891750-862750-889750-8212/xxx-xxx750-852750-8202/xxx-xxx750-8214/xxx-xxx750-8208/xxx-xxx
CWE ID-CWE-1288
Improper Validation of Consistency within Input
CVE-2021-34596
Assigner-CERT@VDE
ShareView Details
Assigner-CERT@VDE
CVSS Score-6.5||MEDIUM
EPSS-0.24% / 46.43%
||
7 Day CHG~0.00%
Published-26 Oct, 2021 | 09:55
Updated-15 Aug, 2025 | 20:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CODESYS V2 runtime: Access of Uninitialized Pointer may result in denial-of-service

A crafted request may cause a read access to an uninitialized pointer in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition.

Action-Not Available
Vendor-wagoCODESYS GmbH
Product-750-8202750-831750-832_firmware750-8211750-893750-8202_firmware750-8216750-831_firmware750-8214750-881750-885_firmware750-829750-880750-8210_firmware750-823750-8203_firmware750-8213_firmware750-8214_firmware750-823_firmware750-881_firmware750-8212_firmware750-862750-8211_firmware750-8217_firmware750-882_firmware750-8207_firmwareruntime_toolkit750-8203750-889_firmware750-891750-8212750-890_firmware750-8206_firmware750-8208_firmwarecodesys750-832750-882750-852750-890750-8206750-8207750-8208750-889750-862_firmware750-893_firmware750-8204_firmware750-885750-8204plcwinnt750-8210750-8213750-8216_firmware750-852_firmware750-8217750-880_firmware750-829_firmware750-891_firmwareCODESYS V2
CWE ID-CWE-824
Access of Uninitialized Pointer
CVE-2021-34595
Assigner-CERT@VDE
ShareView Details
Assigner-CERT@VDE
CVSS Score-8.1||HIGH
EPSS-0.47% / 63.70%
||
7 Day CHG~0.00%
Published-26 Oct, 2021 | 09:55
Updated-15 Aug, 2025 | 20:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CODESYS V2 runtime: out-of-bounds read or write access may result in denial-of-service

A crafted request with invalid offsets may cause an out-of-bounds read or write access in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition or local memory overwrite.

Action-Not Available
Vendor-wagoCODESYS GmbH
Product-750-8202750-831750-832_firmware750-8211750-893750-8202_firmware750-8216750-831_firmware750-8214750-881750-885_firmware750-829750-880750-8210_firmware750-823750-8203_firmware750-8213_firmware750-8214_firmware750-823_firmware750-881_firmware750-8212_firmware750-862750-8211_firmware750-8217_firmware750-882_firmware750-8207_firmwareruntime_toolkit750-8203750-889_firmware750-891750-8212750-890_firmware750-8206_firmware750-8208_firmwarecodesys750-832750-882750-852750-890750-8206750-8207750-8208750-889750-862_firmware750-893_firmware750-8204_firmware750-885750-8204plcwinnt750-8210750-8213750-8216_firmware750-852_firmware750-8217750-880_firmware750-829_firmware750-891_firmwareCODESYS V2
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-823
Use of Out-of-range Pointer Offset
CVE-2021-34586
Assigner-CERT@VDE
ShareView Details
Assigner-CERT@VDE
CVSS Score-7.5||HIGH
EPSS-3.29% / 86.69%
||
7 Day CHG~0.00%
Published-26 Oct, 2021 | 09:55
Updated-15 Aug, 2025 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CODESYS V2 web server: crafted requests could trigger a null pointer dereference (DoS)

In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests may cause a Null pointer dereference in the CODESYS web server and may result in a denial-of-service condition.

Action-Not Available
Vendor-wagoCODESYS GmbH
Product-750-8202750-831750-832_firmware750-8211750-893750-8202_firmware750-8216750-831_firmware750-8214750-881750-885_firmware750-829750-880750-8210_firmware750-823750-8203_firmware750-8213_firmware750-8214_firmware750-823_firmware750-881_firmware750-8212_firmware750-862750-8211_firmware750-8217_firmware750-882_firmware750-8207_firmware750-8203750-889_firmware750-891750-8212750-890_firmware750-8206_firmware750-8208_firmwarecodesys750-832750-882750-852750-890750-8206750-8207750-8208750-889750-862_firmware750-893_firmware750-8204_firmware750-885750-8204750-8210750-8213750-8216_firmware750-852_firmware750-8217750-880_firmware750-829_firmware750-891_firmwareCODESYS V2
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-34585
Assigner-CERT@VDE
ShareView Details
Assigner-CERT@VDE
CVSS Score-7.5||HIGH
EPSS-0.47% / 63.52%
||
7 Day CHG~0.00%
Published-26 Oct, 2021 | 09:55
Updated-15 Aug, 2025 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CODESYS V2 web server: crafted requests could trigger a pointer dereference with an invalid address (DoS)

In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests can trigger a parser error. Since the parser result is not checked under all conditions, a pointer dereference with an invalid address can occur. This leads to a denial of service situation.

Action-Not Available
Vendor-wagoCODESYS GmbH
Product-750-8202750-831750-832_firmware750-8211750-893750-8202_firmware750-8216750-831_firmware750-8214750-881750-885_firmware750-829750-880750-8210_firmware750-823750-8203_firmware750-8213_firmware750-8214_firmware750-823_firmware750-881_firmware750-8212_firmware750-862750-8211_firmware750-8217_firmware750-882_firmware750-8207_firmware750-8203750-889_firmware750-891750-8212750-890_firmware750-8206_firmware750-8208_firmwarecodesys750-832750-882750-852750-890750-8206750-8207750-8208750-889750-862_firmware750-893_firmware750-8204_firmware750-885750-8204750-8210750-8213750-8216_firmware750-852_firmware750-8217750-880_firmware750-829_firmware750-891_firmwareCODESYS V2
CWE ID-CWE-252
Unchecked Return Value
CVE-2021-34584
Assigner-CERT@VDE
ShareView Details
Assigner-CERT@VDE
CVSS Score-9.1||CRITICAL
EPSS-0.61% / 68.68%
||
7 Day CHG~0.00%
Published-26 Oct, 2021 | 09:55
Updated-15 Aug, 2025 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CODESYS V2 web server: crafted requests could trigger a buffer over-read (DoS)

Crafted web server requests can be utilised to read partial stack or heap memory or may trigger a denial-of- service condition due to a crash in the CODESYS V2 web server prior to V1.1.9.22.

Action-Not Available
Vendor-wagoCODESYS GmbH
Product-750-8202750-831750-832_firmware750-8211750-893750-8202_firmware750-8216750-831_firmware750-8214750-881750-885_firmware750-829750-880750-8210_firmware750-823750-8203_firmware750-8213_firmware750-8214_firmware750-823_firmware750-881_firmware750-8212_firmware750-862750-8211_firmware750-8217_firmware750-882_firmware750-8207_firmware750-8203750-889_firmware750-891750-8212750-890_firmware750-8206_firmware750-8208_firmwarecodesys750-832750-882750-852750-890750-8206750-8207750-8208750-889750-862_firmware750-893_firmware750-8204_firmware750-885750-8204750-8210750-8213750-8216_firmware750-852_firmware750-8217750-880_firmware750-829_firmware750-891_firmwareCODESYS V2
CWE ID-CWE-126
Buffer Over-read
CVE-2021-34583
Assigner-CERT@VDE
ShareView Details
Assigner-CERT@VDE
CVSS Score-7.5||HIGH
EPSS-3.82% / 87.67%
||
7 Day CHG~0.00%
Published-26 Oct, 2021 | 09:55
Updated-15 Aug, 2025 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CODESYS V2 web server: crafted requests could trigger a heap-based buffer overflow (DoS)

Crafted web server requests may cause a heap-based buffer overflow and could therefore trigger a denial-of- service condition due to a crash in the CODESYS V2 web server prior to V1.1.9.22.

Action-Not Available
Vendor-wagoCODESYS GmbH
Product-750-8202750-831750-832_firmware750-8211750-893750-8202_firmware750-8216750-831_firmware750-8214750-881750-885_firmware750-829750-880750-8210_firmware750-823750-8203_firmware750-8213_firmware750-8214_firmware750-823_firmware750-881_firmware750-8212_firmware750-862750-8211_firmware750-8217_firmware750-882_firmware750-8207_firmware750-8203750-889_firmware750-891750-8212750-890_firmware750-8206_firmware750-8208_firmwarecodesys750-832750-882750-852750-890750-8206750-8207750-8208750-889750-862_firmware750-893_firmware750-8204_firmware750-885750-8204750-8210750-8213750-8216_firmware750-852_firmware750-8217750-880_firmware750-829_firmware750-891_firmwareCODESYS V2
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-34578
Assigner-CERT@VDE
ShareView Details
Assigner-CERT@VDE
CVSS Score-9.8||CRITICAL
EPSS-0.34% / 55.78%
||
7 Day CHG~0.00%
Published-31 Aug, 2021 | 10:33
Updated-16 Sep, 2024 | 18:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WAGO: Authentication Vulnerability in Web-Based Management

This vulnerability allows an attacker who has access to the WBM to read and write settings-parameters of the device by sending specifically constructed requests without authentication on multiple WAGO PLCs in firmware versions up to FW07.

Action-Not Available
Vendor-wagoWAGO
Product-750-890\/040-000750-893_firmware750-890\/025-002750-890\/025-002_firmware750-890\/025-000750-890\/025-001750-890\/025-000_firmware750-891_firmware750-823750-832\/000-002750-893750-362750-890\/040-000_firmware750-823_firmware750-362_firmware750-890\/025-001_firmware750-832750-363_firmware750-832\/000-002_firmware750-363750-862_firmware750-891750-862750-832_firmwarePLC
CWE ID-CWE-287
Improper Authentication
CVE-2021-30195
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.42% / 61.03%
||
7 Day CHG~0.00%
Published-25 May, 2021 | 12:33
Updated-15 Aug, 2025 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CODESYS V2 runtime system before 2.4.7.55 has Improper Input Validation.

Action-Not Available
Vendor-wagon/aCODESYS GmbH
Product-750-8202750-832_firmware750-831750-8211750-893750-8202_firmware750-8216750-831_firmware750-8214750-885_firmware750-881750-880750-829750-8210_firmware750-8213_firmware750-8203_firmware750-891_firmware750-8214_firmware750-8212_firmware750-881_firmware750-823_firmware750-823750-862750-8211_firmware750-8217_firmware750-882_firmware750-8207_firmwareruntime_toolkit750-8203750-889_firmware750-8212750-890_firmware750-8206_firmware750-8208_firmware750-882750-890750-852750-832750-8206750-8207750-8208750-889750-862_firmware750-893_firmware750-8204_firmware750-885750-8204plcwinnt750-8210750-8213750-8216_firmware750-852_firmware750-8217750-880_firmware750-829_firmware750-891n/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-30188
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.57% / 67.60%
||
7 Day CHG~0.00%
Published-25 May, 2021 | 12:33
Updated-15 Aug, 2025 | 20:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CODESYS V2 runtime system SP before 2.4.7.55 has a Stack-based Buffer Overflow.

Action-Not Available
Vendor-wagon/aCODESYS GmbH
Product-750-8202750-832_firmware750-831750-8211750-893750-8202_firmware750-8216750-831_firmware750-8214750-885_firmware750-881750-880750-829750-8210_firmware750-8213_firmware750-8203_firmware750-891_firmware750-8214_firmware750-8212_firmware750-881_firmware750-823_firmware750-823750-862750-8211_firmware750-8217_firmware750-882_firmware750-8207_firmware750-8203v2_runtime_system_sp750-889_firmware750-8212750-890_firmware750-8206_firmware750-8208_firmware750-882750-890750-852750-832750-8206750-8207750-8208750-889750-862_firmware750-893_firmware750-8204_firmware750-885750-8204750-8210750-8213750-8216_firmware750-852_firmware750-8217750-880_firmware750-829_firmware750-891n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-30186
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.45% / 62.81%
||
7 Day CHG~0.00%
Published-25 May, 2021 | 12:33
Updated-15 Aug, 2025 | 20:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CODESYS V2 runtime system SP before 2.4.7.55 has a Heap-based Buffer Overflow.

Action-Not Available
Vendor-wagon/aCODESYS GmbH
Product-750-8202750-832_firmware750-831750-8211750-893750-8202_firmware750-8216750-831_firmware750-8214750-885_firmware750-881750-880750-829750-8210_firmware750-8213_firmware750-8203_firmware750-891_firmware750-8214_firmware750-8212_firmware750-881_firmware750-823_firmware750-823750-862750-8211_firmware750-8217_firmware750-882_firmware750-8207_firmwareruntime_toolkit750-8203750-889_firmware750-8212750-890_firmware750-8206_firmware750-8208_firmware750-882750-890750-852750-832750-8206750-8207750-8208750-889750-862_firmware750-893_firmware750-8204_firmware750-885750-8204plcwinnt750-8210750-8213750-8216_firmware750-852_firmware750-8217750-880_firmware750-829_firmware750-891n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-30194
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-9.1||CRITICAL
EPSS-0.53% / 66.20%
||
7 Day CHG~0.00%
Published-25 May, 2021 | 12:09
Updated-15 Aug, 2025 | 20:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CODESYS V2 Web-Server before 1.1.9.20 has an Out-of-bounds Read.

Action-Not Available
Vendor-wagon/aCODESYS GmbH
Product-750-8202750-832_firmware750-831750-8211750-893v2_web_server750-8202_firmware750-8216750-831_firmware750-8214750-885_firmware750-881750-880750-829750-8210_firmware750-8213_firmware750-8203_firmware750-891_firmware750-8214_firmware750-8212_firmware750-881_firmware750-823_firmware750-823750-862750-8211_firmware750-8217_firmware750-882_firmware750-8207_firmware750-8203750-889_firmware750-8212750-890_firmware750-8206_firmware750-8208_firmware750-882750-890750-852750-832750-8206750-8207750-8208750-889750-862_firmware750-893_firmware750-8204_firmware750-885750-8204750-8210750-8213750-8216_firmware750-852_firmware750-8217750-880_firmware750-829_firmware750-891n/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-30193
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.53% / 66.20%
||
7 Day CHG~0.00%
Published-25 May, 2021 | 12:09
Updated-15 Aug, 2025 | 20:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CODESYS V2 Web-Server before 1.1.9.20 has an Out-of-bounds Write.

Action-Not Available
Vendor-wagon/aCODESYS GmbH
Product-750-8202750-832_firmware750-831750-8211750-893v2_web_server750-8202_firmware750-8216750-831_firmware750-8214750-885_firmware750-881750-880750-829750-8210_firmware750-8213_firmware750-8203_firmware750-891_firmware750-8214_firmware750-8212_firmware750-881_firmware750-823_firmware750-823750-862750-8211_firmware750-8217_firmware750-882_firmware750-8207_firmware750-8203750-889_firmware750-8212750-890_firmware750-8206_firmware750-8208_firmware750-882750-890750-852750-832750-8206750-8207750-8208750-889750-862_firmware750-893_firmware750-8204_firmware750-885750-8204750-8210750-8213750-8216_firmware750-852_firmware750-8217750-880_firmware750-829_firmware750-891n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-30192
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.53% / 66.20%
||
7 Day CHG~0.00%
Published-25 May, 2021 | 12:09
Updated-15 Aug, 2025 | 20:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CODESYS V2 Web-Server before 1.1.9.20 has an Improperly Implemented Security Check.

Action-Not Available
Vendor-wagon/aCODESYS GmbH
Product-750-8202750-832_firmware750-831750-8211750-893v2_web_server750-8202_firmware750-8216750-831_firmware750-8214750-885_firmware750-881750-880750-829750-8210_firmware750-8213_firmware750-8203_firmware750-891_firmware750-8214_firmware750-8212_firmware750-881_firmware750-823_firmware750-823750-862750-8211_firmware750-8217_firmware750-882_firmware750-8207_firmware750-8203750-889_firmware750-8212750-890_firmware750-8206_firmware750-8208_firmware750-882750-890750-852750-832750-8206750-8207750-8208750-889750-862_firmware750-893_firmware750-8204_firmware750-885750-8204750-8210750-8213750-8216_firmware750-852_firmware750-8217750-880_firmware750-829_firmware750-891n/a
CVE-2021-30191
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.41% / 60.32%
||
7 Day CHG~0.00%
Published-25 May, 2021 | 12:09
Updated-15 Aug, 2025 | 20:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CODESYS V2 Web-Server before 1.1.9.20 has a a Buffer Copy without Checking the Size of the Input.

Action-Not Available
Vendor-wagon/aCODESYS GmbH
Product-750-8202750-832_firmware750-831750-8211750-893v2_web_server750-8202_firmware750-8216750-831_firmware750-8214750-885_firmware750-881750-880750-829750-8210_firmware750-8213_firmware750-8203_firmware750-891_firmware750-8214_firmware750-8212_firmware750-881_firmware750-823_firmware750-823750-862750-8211_firmware750-8217_firmware750-882_firmware750-8207_firmware750-8203750-889_firmware750-8212750-890_firmware750-8206_firmware750-8208_firmware750-882750-890750-852750-832750-8206750-8207750-8208750-889750-862_firmware750-893_firmware750-8204_firmware750-885750-8204750-8210750-8213750-8216_firmware750-852_firmware750-8217750-880_firmware750-829_firmware750-891n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-30190
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.43% / 61.59%
||
7 Day CHG~0.00%
Published-25 May, 2021 | 12:09
Updated-15 Aug, 2025 | 20:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CODESYS V2 Web-Server before 1.1.9.20 has Improper Access Control.

Action-Not Available
Vendor-wagon/aCODESYS GmbH
Product-750-8202750-832_firmware750-831750-8211750-893v2_web_server750-8202_firmware750-8216750-831_firmware750-8214750-885_firmware750-881750-880750-829750-8210_firmware750-8213_firmware750-8203_firmware750-891_firmware750-8214_firmware750-8212_firmware750-881_firmware750-823_firmware750-823750-862750-8211_firmware750-8217_firmware750-882_firmware750-8207_firmware750-8203750-889_firmware750-8212750-890_firmware750-8206_firmware750-8208_firmware750-882750-890750-852750-832750-8206750-8207750-8208750-889750-862_firmware750-893_firmware750-8204_firmware750-885750-8204750-8210750-8213750-8216_firmware750-852_firmware750-8217750-880_firmware750-829_firmware750-891n/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2021-30189
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.57% / 67.60%
||
7 Day CHG~0.00%
Published-25 May, 2021 | 12:09
Updated-15 Aug, 2025 | 20:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CODESYS V2 Web-Server before 1.1.9.20 has a Stack-based Buffer Overflow.

Action-Not Available
Vendor-wagon/aCODESYS GmbH
Product-750-8202750-832_firmware750-831750-8211750-893v2_web_server750-8202_firmware750-8216750-831_firmware750-8214750-885_firmware750-881750-880750-829750-8210_firmware750-8213_firmware750-8203_firmware750-891_firmware750-8214_firmware750-8212_firmware750-881_firmware750-823_firmware750-823750-862750-8211_firmware750-8217_firmware750-882_firmware750-8207_firmware750-8203750-889_firmware750-8212750-890_firmware750-8206_firmware750-8208_firmware750-882750-890750-852750-832750-8206750-8207750-8208750-889750-862_firmware750-893_firmware750-8204_firmware750-885750-8204750-8210750-8213750-8216_firmware750-852_firmware750-8217750-880_firmware750-829_firmware750-891n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-30187
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.12% / 31.10%
||
7 Day CHG~0.00%
Published-25 May, 2021 | 11:47
Updated-15 Aug, 2025 | 20:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CODESYS V2 runtime system SP before 2.4.7.55 has Improper Neutralization of Special Elements used in an OS Command.

Action-Not Available
Vendor-wagon/aCODESYS GmbH
Product-750-8202750-832_firmware750-831750-8211750-893750-8202_firmware750-8216750-831_firmware750-8214750-885_firmware750-881750-880750-829750-8210_firmware750-8213_firmware750-8203_firmware750-891_firmware750-8214_firmware750-8212_firmware750-881_firmware750-823_firmware750-823750-862750-8211_firmware750-8217_firmware750-882_firmware750-8207_firmwareruntime_toolkit750-8203750-889_firmware750-8212750-890_firmware750-8206_firmware750-8208_firmware750-882750-890750-852750-832750-8206750-8207750-8208750-889750-862_firmware750-893_firmware750-8204_firmware750-885750-8204750-8210750-8213750-8216_firmware750-852_firmware750-8217750-880_firmware750-829_firmware750-891n/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-21001
Assigner-CERT@VDE
ShareView Details
Assigner-CERT@VDE
CVSS Score-9.1||CRITICAL
EPSS-0.24% / 46.75%
||
7 Day CHG~0.00%
Published-24 May, 2021 | 11:05
Updated-15 Aug, 2025 | 20:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WAGO: PFC200 Access to files outside the home directory

On WAGO PFC200 devices in different firmware versions with special crafted packets an authorised attacker with network access to the device can access the file system with higher privileges.

Action-Not Available
Vendor-wagoWAGO
Product-750-8202750-831750-832_firmware750-8211750-893750-8202_firmware750-8216750-831_firmware750-8214750-881750-885_firmware750-829750-880750-8210_firmware750-823750-8203_firmware750-8213_firmware750-8214_firmware750-823_firmware750-881_firmware750-8212_firmware750-862750-8211_firmware750-8217_firmware750-882_firmware750-8207_firmware750-8203750-889_firmware750-891750-8212750-890_firmware750-8206_firmware750-8208_firmware750-832750-882750-852750-890750-8206750-8207750-8208750-889750-862_firmware750-893_firmware750-8204_firmware750-885750-8204750-8210750-8213750-8216_firmware750-852_firmware750-8217750-880_firmware750-829_firmware750-891_firmwareSeries Ethernet ControllerSeries PFC200 Controller
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2021-21000
Assigner-CERT@VDE
ShareView Details
Assigner-CERT@VDE
CVSS Score-5.3||MEDIUM
EPSS-0.13% / 33.19%
||
7 Day CHG~0.00%
Published-24 May, 2021 | 11:05
Updated-15 Aug, 2025 | 20:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WAGO: PFC200 Denial of Service due to the number of connections to the runtime

On WAGO PFC200 devices in different firmware versions with special crafted packets an attacker with network access to the device could cause a denial of service for the login service of the runtime.

Action-Not Available
Vendor-wagoWAGO
Product-750-8202750-831750-832_firmware750-8211750-893750-8202_firmware750-8216750-831_firmware750-8214750-881750-885_firmware750-829750-880750-8210_firmware750-823750-8203_firmware750-8213_firmware750-8214_firmware750-823_firmware750-881_firmware750-8212_firmware750-862750-8211_firmware750-8217_firmware750-882_firmware750-8207_firmware750-8203750-889_firmware750-891750-8212750-890_firmware750-8206_firmware750-8208_firmware750-832750-882750-852750-890750-8206750-8207750-8208750-889750-862_firmware750-893_firmware750-8204_firmware750-885750-8204750-8210750-8213750-8216_firmware750-852_firmware750-8217750-880_firmware750-829_firmware750-891_firmwareSeries Ethernet ControllerSeries PFC200 Controller
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2020-12506
Assigner-CERT@VDE
ShareView Details
Assigner-CERT@VDE
CVSS Score-9.1||CRITICAL
EPSS-0.27% / 50.08%
||
7 Day CHG~0.00%
Published-30 Sep, 2020 | 15:43
Updated-17 Sep, 2024 | 00:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WAGO: Authentication Bypass Vulnerability in WAGO 750-36X and WAGO 750-8XX Versions <= FW03

Improper Authentication vulnerability in WAGO 750-8XX series with FW version <= FW03 allows an attacker to change the settings of the devices by sending specifically constructed requests without authentication This issue affects: WAGO 750-362, WAGO 750-363, WAGO 750-823, WAGO 750-832/xxx-xxx, WAGO 750-862, WAGO 750-891, WAGO 750-890/xxx-xxx in versions FW03 and prior versions.

Action-Not Available
Vendor-wagoWAGO
Product-750-890_firmware750-362_firmware750-890750-832750-363_firmware750-363750-862_firmware750-891_firmware750-823750-862750-891750-362750-832_firmware750-823_firmware750-890/xxx-xxx750-832/xxx-xxx750-363750-823750-891750-862750-362
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2018-16210
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.33% / 55.08%
||
7 Day CHG~0.00%
Published-12 Oct, 2018 | 20:00
Updated-13 Jun, 2025 | 17:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WAGO 750-88X and WAGO 750-89X Ethernet Controller devices, versions 01.09.18(13) and before, have XSS in the SNMP configuration via the webserv/cplcfg/snmp.ssi SNMP_DESC or SNMP_LOC_SNMP_CONT field.

Action-Not Available
Vendor-wagon/a
Product-750-352_firmware750-889750-881_firmware750-363750-823_firmware750-889_firmware750-852750-891_firmware750-890750-862750-880_firmware750-352750-881wago_750-881_ethernet_controller_devices750-832_firmware750-831750-890_firmwarewago_750-881_ethernet_controller_devices_firmware750-862_firmware750-852_firmware750-880750-831_firmware750-832750-362_firmware750-891750-362750-823750-363_firmwaren/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')