Remote attackers can send a specially crafted TCP connection to crash the iocheck process and write memory resulting in loss of integrity and DoS.
An unauthenticated remote attacker can send a specially crafted packet to crash the iocheck process and write memory resulting in loss of integrity and DoS.
CVE Solution: Update WAGO I/O-Check Service installed products on the network to the latest versions.
CVE References: CVE-2016-10605, CVE-2016-10606, CVE-2016-10607, CVE-2016-10608, CVE-2016-10609, CVE-2016-10610, CVE-2016-10611,
CVE-2016-10612, CVE-2016-10613, CVE-2016-10614, CVE-2016-10615, CVE-2016-10616, CVE-2016-10617, CVE-2016-10618,
CVE-2016-10619, CVE-2016-10620, CVE-2016-10621, CVE-2016-10622, CVE-2016-10623, CVE-2016-10624, CVE-2016-10625,
CVE-2016-10626, CVE-2016-10627, CVE-2016-10628, CVE-2016-10629, CVE-2016-10630, CVE-2016-10631, CVE-2016-10632,
CVE-2016-106
Remote exploitation of WAGO I/O-Check Service
An unauthenticated remote attacker can send a specially crafted packet to crash the iocheck process and write memory resulting in loss of integrity and DoS.
WAGO I/O-Check Service updates
To mitigate this potential attack vector, the latest versions of WAGO I/O-Check Service should be installed on the network.
WAGO I/O-Check Installation
A remote attacker can send a specially crafted TCP connection to crash the iocheck process and write memory resulting in loss of integrity and DoS.
An unauthenticated remote attacker can send a specially crafted packet to crash the iocheck process and write memory resulting in loss of integrity and DoS.
Timeline
Published on: 11/09/2022 16:15:00 UTC
Last modified on: 11/09/2022 16:32:00 UTC