Wago Shell
Added: 03/31/2016Background
Wago PLCs are used in Factory and building automation. Wago ethernet PLCs are connected by IP and can be administered remotely.Problem
Wago PLC devices use CoDeSyS protocols to program the device. If the programming ports are left open an attacker is able to upload, download and execute code on the devices without authentication.Limitations
The root shell can be accessed from the Connections tab. The 'File Upload' functionality does not function due to the limitations of the Wago shell.
References
http://www-01.ibm.com/support/docview.wss?uid=swg21970575Resolution
Update the ICS-ALERT-12-097-02A.Platforms
WagoBack to exploit index