CVE-2021-34581

HIGH

Wago 750-880/040-000 Firmware < fw15 - Resource Leak

Title source: rule

Description

Missing Release of Resource after Effective Lifetime vulnerability in OpenSSL implementation of WAGO 750-831/xxx-xxx, 750-880/xxx-xxx, 750-881, 750-889 in versions FW4 up to FW15 allows an unauthenticated attacker to cause DoS on the device.

References (1)

[Third Party Advisory] https://cert.vde.com/en-us/advisories/vde-2021-038

Scores

CVSS v3 7.5

EPSS 0.0172

EPSS Percentile 82.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-772

Status published

Affected Products (9)

wago/750-880\/040-000_firmware < fw15

wago/750-880\/025-002_firmware < fw15

wago/750-880\/025-001_firmware < fw15

wago/750-880\/025-000_firmware < fw15

wago/750-831\/000-002_firmware < fw15

wago/750-889_firmware < fw15

wago/750-881_firmware < fw15

wago/750-831_firmware < fw15

wago/750-880_firmware < fw15

Timeline

Published Aug 31, 2021

Tracked Since Feb 18, 2026