U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database

Vulnerability Change Records for CVE-2020-12506

Change History

CVE Modified by CERT VDE 11/10/2021 7:15:14 AM

Action Type Old Value New Value
Added CWE 

								
							
							
								
							
						
								
							
								
CERT@VDE CWE-306

								
								
					

					

						Removed
						CWE
						
							
							
								
							
								
CERT@VDE CWE-287

								
							
							
								
							
						
								
							
								

								
								
					

					

						Removed
						CWE Reason
						
							
							
								
							
								
CWE-287 / More specific CWE option available

								
							
							
								
							
						
								
							
								

								
								
					

					

						Changed
						Description
						
							
							
								
							
								
Improper Authentication vulnerability in WAGO 750-8XX series with FW version <= FW03 allows an attacker to change the settings of the devices by sending specifically constructed requests without authentication This issue affects: WAGO 750-362 version FW03 and prior versions. WAGO 750-363 version FW03 and prior versions. WAGO 750-823 version FW03 and prior versions. WAGO 750-832/xxx-xxx version FW03 and prior versions. WAGO 750-862 version FW03 and prior versions. WAGO 750-891 version FW03 and prior versions. WAGO 750-890/xxx-xxx version FW03 and prior versions.

								
							
							
								
							
						
								
							
								
Improper Authentication vulnerability in WAGO 750-8XX series with FW version <= FW03 allows an attacker to change the settings of the devices by sending specifically constructed requests without authentication This issue affects: WAGO 750-362, WAGO 750-363, WAGO 750-823, WAGO 750-832/xxx-xxx, WAGO 750-862, WAGO 750-891, WAGO 750-890/xxx-xxx in versions FW03 and prior versions.