Remote attackers can send a specially crafted TCP connection to crash the iocheck process and write memory resulting in loss of integrity and DoS.

An unauthenticated remote attacker can send a specially crafted packet to crash the iocheck process and write memory resulting in loss of integrity and DoS.

CVE Solution: Update WAGO I/O-Check Service installed products on the network to the latest versions.

CVE References: CVE-2016-10605, CVE-2016-10606, CVE-2016-10607, CVE-2016-10608, CVE-2016-10609, CVE-2016-10610, CVE-2016-10611,

CVE-2016-10612, CVE-2016-10613, CVE-2016-10614, CVE-2016-10615, CVE-2016-10616, CVE-2016-10617, CVE-2016-10618,

CVE-2016-10619, CVE-2016-10620, CVE-2016-10621, CVE-2016-10622, CVE-2016-10623, CVE-2016-10624, CVE-2016-10625,

CVE-2016-10626, CVE-2016-10627, CVE-2016-10628, CVE-2016-10629, CVE-2016-10630, CVE-2016-10631, CVE-2016-10632,

CVE-2016-106

Remote exploitation of WAGO I/O-Check Service

An unauthenticated remote attacker can send a specially crafted packet to crash the iocheck process and write memory resulting in loss of integrity and DoS.

WAGO I/O-Check Service updates

To mitigate this potential attack vector, the latest versions of WAGO I/O-Check Service should be installed on the network.

WAGO I/O-Check Installation

A remote attacker can send a specially crafted TCP connection to crash the iocheck process and write memory resulting in loss of integrity and DoS.

An unauthenticated remote attacker can send a specially crafted packet to crash the iocheck process and write memory resulting in loss of integrity and DoS.

Timeline

Published on: 11/09/2022 16:15:00 UTC
Last modified on: 11/09/2022 16:32:00 UTC

References