CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-12549

WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW03 devices contain hardcoded private keys for the SSH daemon. The fingerprint of the SSH host key from the corresponding SSH daemon matches the embedded private key.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.033

EPSS Ranking 86.8%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 10.0

References

https://cert.vde.com/en-us/advisories/vde-2019-013
https://ics-cert.us-cert.gov/advisories/ICSA-19-164-02
https://www.wago.com/us/
https://cert.vde.com/en-us/advisories/vde-2019-013
https://ics-cert.us-cert.gov/advisories/ICSA-19-164-02
https://www.wago.com/us/

Products affected by CVE-2019-12549

Wago » 852-1305 » Version: N/A

cpe:2.3:h:wago:852-1305:-
Wago » 852-1505 » Version: N/A

cpe:2.3:h:wago:852-1505:-
Wago » 852-303 » Version: N/A

cpe:2.3:h:wago:852-303:-
Wago » 852-1305 Firmware » Version: Any

cpe:2.3:o:wago:852-1305_firmware:*
Wago » 852-1505 Firmware » Version: Any

cpe:2.3:o:wago:852-1505_firmware:*
Wago » 852-303 Firmware » Version: Any

cpe:2.3:o:wago:852-303_firmware:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-12549

Products

Pricing

Contact Us