WAGO Mitigates Vulnerabilities

Wednesday, June 20, 2012 @ 06:06 PM gHale


By adjusting system configurations of services not in use, a user can mitigate the vulnerabilities in the WAGO I/O System 750, according to a report on ICS-CERT.

In addition, WAGO released a customer cyber security notification on best security practices for its products.

This all comes after a public report of multiple vulnerabilities with proof-of-concept (PoC) exploit code affecting the WAGO I/O System 750, a controller product that first came out in January.

The WAGO I/O System 750 sees use in industrial automation, building automation, marine automation, and onshore and offshore applications. Digital Security Research Group (DSecRG) released these reports without coordination with either the vendor or ICS-CERT.

One vulnerability was data leakage resulting in a download of firmware. According to Section 10.4 of the WAGO I/O 750-841 User’s Manual, it is possible to disable Ports 44818/TCP and 2222/UDP, thereby disabling the Web Based Management system and preventing the download of firmware. WAGO recommends these ports remain disabled when not in use. Section 12.1.1.5 recommends installing controllers behind firewalls.

Another hole was data leakage resulting in loss of confidentiality. According to Section 10.4 of the WAGO I/O 750-841 User’s Manual, a user can disable Port 80/TCP, thereby disabling the Web Based Management system. WAGO recommends that this port remain disabled when not in use. Section 12.1.1.5 recommends using controllers behind firewalls.

Another vulnerability is unauthorized access resulting in a denial of service or loss of system integrity. The 750-841 provides a Web Server Authentication function. By default, this function comes enabled, but the user can disable it. If it is enabled, the user must enter the previous password before changing the password. If it is disabled, the user can change the password without first entering the previous password. WAGO recommends this function remain enabled. Section 10.8 of the WAGO I/O 750-841 User’s Manual describes Web Server Authentication. All of these features are documented in the WAGO I/O 750-841 User’s Manual.
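After disabling the ports named above, an operator can confirm from the network that a controller no longer answers on 44818/TCP, 80/TCP and 2222/UDP. The following is an added example, not code from WAGO, ICS-CERT or the original article; the function names and the one-byte UDP probe are assumptions made for illustration, and 192.0.2.10 is a documentation address standing in for your own controller.

```python
import socket

# Ports the article says to keep disabled when not in use.
MITIGATED_TCP = (44818, 80)
MITIGATED_UDP = (2222,)


def tcp_state(host, port, timeout=1.0):
    """Return 'open', 'closed' (connection refused) or 'filtered' (no answer)."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "closed"
    except OSError:  # timeout, unreachable host, firewall drop
        return "filtered"


def udp_state(host, port, timeout=1.0):
    """Return 'closed' only on an ICMP port-unreachable; silence proves nothing."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((host, port))
            s.send(b"\x00")  # constructed one-byte probe, not a protocol message
            s.recv(2048)
            return "open"
        except ConnectionRefusedError:
            return "closed"
        except OSError:
            return "open|filtered"


def audit(host, tcp_ports=MITIGATED_TCP, udp_ports=MITIGATED_UDP, timeout=1.0):
    """Return (states, findings); findings are ports not confirmed unreachable."""
    states = {f"{p}/tcp": tcp_state(host, p, timeout) for p in tcp_ports}
    states.update({f"{p}/udp": udp_state(host, p, timeout) for p in udp_ports})
    findings = sorted(k for k, v in states.items() if v in ("open", "open|filtered"))
    return states, findings


if __name__ == "__main__":
    # 192.0.2.10 is a documentation address; substitute your own controller.
    states, findings = audit("192.0.2.10")
    for port, state in states.items():
        print(f"{port:10s} {state}")
    print("follow up:", findings or "none")
```

A UDP port that stays silent cannot be distinguished from one that is listening, so 2222/udp is listed for follow-up unless the controller returns a port-unreachable; confirm it in the controller's port settings.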
