March 17, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory – Delta Industrial Automation CNCSoft Multiple Vulnerabilities
April 17, 2019Rewterz Threat Advisory – CVE-2019-10953 – PLC Cycle Time Influences Resource Consumption Vulnerability
April 17, 2019Rewterz Threat Advisory – Delta Industrial Automation CNCSoft Multiple Vulnerabilities
April 17, 2019Rewterz Threat Advisory – CVE-2019-10953 – PLC Cycle Time Influences Resource Consumption Vulnerability
April 17, 2019
Severity
High
Analysis Summary
By exploiting the undocumented service access, it is possible to change the settings of a device and access web-based management with administrator privileges. An attacker can exploit this vulnerability to lock other users out from the device or open closed network ports. It is also possible to use this service access as an FTP user and exchange or delete the application.
Impact
Use of hard coded credentials
Affected Vendors
WAGO
Affected Products
Series 750-88x and 750-87x
Remediation
Vendor recommends updating to the newest firmware and taking the following defensive measures:
- Restrict network access to the web server.
- Restrict network access to the device.
- Do not directly connect the device to the Internet.