CVE-2016-9362 WAGO PLC Ethernet Web-based Management Authentication Bypass Vulnerability

WAGO PLCs are used for various commercial facilities, critical manufacturing, energy, and transportation systems.

WAGO PLCs are exposed to authentication bypass vulnerability that allows an attacker to change system settings without authentication.

Affected Products:
1) WAGO 750-8202/PFC200 prior to FW04 (released August 2015)
2) WAGO 750-881 prior to FW09 (released August 2016)
3) WAGO 0758-0874-0000-0111

Successfully exploiting this vulnerability might allow a remote attacker to change system settings without authentication.

There are no vendor provided patches available at this time.