In CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56 unauthenticated crafted invalid requests may result in several denial-of-service conditions. Running PLC programs may be stopped, memory may be leaked, or further communication clients may be blocked from accessing the PLC.

Metrics

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Codesys
  • Plcwinnt
  • Runtime Toolkit
Wago
  • 750-8202
  • 750-8202 Firmware
  • 750-8203
  • 750-8203 Firmware
  • 750-8204
  • 750-8204 Firmware
  • 750-8206
  • 750-8206 Firmware
  • 750-8207
  • 750-8207 Firmware
  • 750-8208
  • 750-8208 Firmware
  • 750-8210
  • 750-8210 Firmware
  • 750-8211
  • 750-8211 Firmware
  • 750-8212
  • 750-8212 Firmware
  • 750-8213
  • 750-8213 Firmware
  • 750-8214
  • 750-8214 Firmware
  • 750-8216
  • 750-8216 Firmware
  • 750-8217
  • 750-8217 Firmware

Configuration 1 [-]

AND
cpe:2.3:o:wago:750-8202_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8202:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:o:wago:750-8203_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8203:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
cpe:2.3:o:wago:750-8204_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8204:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND
cpe:2.3:o:wago:750-8206_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8206:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND
cpe:2.3:o:wago:750-8207_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8207:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:o:wago:750-8208_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8208:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:o:wago:750-8210_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8210:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
cpe:2.3:o:wago:750-8211_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8211:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND
cpe:2.3:o:wago:750-8212_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8212:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND
cpe:2.3:o:wago:750-8213_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8213:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND
cpe:2.3:o:wago:750-8214_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8214:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND
cpe:2.3:o:wago:750-8216_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8216:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND
cpe:2.3:o:wago:750-8217_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8217:-:*:*:*:*:*:*:*

Configuration 14 [-]

OR cpe:2.3:a:codesys:plcwinnt:*:*:*:*:*:*:*:*
cpe:2.3:a:codesys:runtime_toolkit:*:*:*:*:*:*:x86:*

No data.

References
Link Providers
http://packetstormsecurity.com/files/164716/CODESYS-2.4.7.0-Denial-Of-Service.html cve-icon cve-icon
http://packetstormsecurity.com/files/165874/WAGO-750-8xxx-PLC-Denial-Of-Service-User-Enumeration.html cve-icon cve-icon
http://seclists.org/fulldisclosure/2021/Oct/64 cve-icon cve-icon
https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=16877&token=8faab0fc1e069f4edfca5d5aba8146139f67a175&download= cve-icon cve-icon
History

Fri, 15 Aug 2025 20:30:00 +0000

Type Values Removed Values Added
First Time appeared Wago
Wago 750-8202
Wago 750-8202 Firmware
Wago 750-8203
Wago 750-8203 Firmware
Wago 750-8204
Wago 750-8204 Firmware
Wago 750-8206
Wago 750-8206 Firmware
Wago 750-8207
Wago 750-8207 Firmware
Wago 750-8208
Wago 750-8208 Firmware
Wago 750-8210
Wago 750-8210 Firmware
Wago 750-8211
Wago 750-8211 Firmware
Wago 750-8212
Wago 750-8212 Firmware
Wago 750-8213
Wago 750-8213 Firmware
Wago 750-8214
Wago 750-8214 Firmware
Wago 750-8216
Wago 750-8216 Firmware
Wago 750-8217
Wago 750-8217 Firmware
CPEs cpe:2.3:h:wago:750-8202:-:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8203:-:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8204:-:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8206:-:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8207:-:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8208:-:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8210:-:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8211:-:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8212:-:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8213:-:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8214:-:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8216:-:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8217:-:*:*:*:*:*:*:*
cpe:2.3:o:wago:750-8202_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:wago:750-8203_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:wago:750-8204_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:wago:750-8206_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:wago:750-8207_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:wago:750-8208_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:wago:750-8210_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:wago:750-8211_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:wago:750-8212_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:wago:750-8213_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:wago:750-8214_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:wago:750-8216_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:wago:750-8217_firmware:*:*:*:*:*:*:*:*
Vendors & Products Wago
Wago 750-8202
Wago 750-8202 Firmware
Wago 750-8203
Wago 750-8203 Firmware
Wago 750-8204
Wago 750-8204 Firmware
Wago 750-8206
Wago 750-8206 Firmware
Wago 750-8207
Wago 750-8207 Firmware
Wago 750-8208
Wago 750-8208 Firmware
Wago 750-8210
Wago 750-8210 Firmware
Wago 750-8211
Wago 750-8211 Firmware
Wago 750-8212
Wago 750-8212 Firmware
Wago 750-8213
Wago 750-8213 Firmware
Wago 750-8214
Wago 750-8214 Firmware
Wago 750-8216
Wago 750-8216 Firmware
Wago 750-8217
Wago 750-8217 Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: CERTVDE

Published: 2021-10-26T09:55:51.381906Z

Updated: 2024-09-17T04:10:03.625Z

Reserved: 2021-06-10T00:00:00

Link: CVE-2021-34593

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2021-10-26T10:15:08.013

Modified: 2025-08-15T20:25:58.247

Link: CVE-2021-34593

cve-icon Redhat

No data.