本ページは wago edge_controller_firmware に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2023-3379 | Wago web-based management of multiple products has a vulnerability which allows an local authenticated attacker to change the passwords of other non-admin users and thus to escalate non-root privileges. | [email protected] | 5.3 | 0.20% | 2023-11-20 | 2026-06-17 |
| CVE-2023-4089 | On affected Wago products an remote attacker with administrative privileges can access files to which he has already access to through an undocumented local file inclusion. This access is logged in a different log file than expected. | [email protected] | 2.7 | 0.47% | 2023-10-17 | 2026-06-17 |
| CVE-2023-1698 | In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behaviour, Denial of Service and full system compromise. | [email protected] | 9.8 | 81.91% | 2023-05-15 | 2026-06-17 |
| CVE-2022-3738 | The vulnerability allows a remote unauthenticated attacker to download a backup file, if one exists. That backup file might contain sensitive information like credentials and cryptographic material. A valid user has to create a backup after the last reboot for this attack to be successfull. | [email protected] | 5.9 | 0.62% | 2023-01-19 | 2026-06-17 |