
CVE-2021-20996 Explained : Impact and Mitigation

Learn about CVE-2021-20996, which affects WAGO managed switches and allows data leakage through insecure cookie settings. Find mitigation steps and firmware updates here.

Multiple managed switches by WAGO are affected by a vulnerability that allows specially crafted requests to cause cookies to be sent to unauthorized third parties.

Understanding CVE-2021-20996

This CVE involves insecure cookie settings in WAGO managed switches, potentially leading to the exposure of sensitive information.

What is CVE-2021-20996?

CVE-2021-20996 affects several WAGO managed switch models, where specially crafted requests can cause cookies to be sent to unauthorized third parties.

The Impact of CVE-2021-20996

The vulnerability could lead to a breach of confidentiality as cookies may be exposed to unintended recipients.

Technical Details of CVE-2021-20996

WAGO managed switches with specific firmware versions are vulnerable to this flaw.

Vulnerability Description

Crafted requests can trigger the transfer of cookies to third parties, posing a risk to data confidentiality.

Affected Systems and Versions

WAGO managed switches, including models 0852-0303, 0852-1305, 0852-1505, 0852-1305/000-001, and 0852-1505/000-001, running firmware up to certain versions.

Exploitation Mechanism

Attackers can exploit this vulnerability by sending specially crafted requests to the affected managed switches.

Mitigation and Prevention

To address CVE-2021-20996, users are advised to take immediate action and implement long-term security measures.

Immediate Steps to Take

Disable the web server, use the CLI interface, update to the latest firmware, restrict network access, and avoid direct internet connections.

Long-Term Security Practices

Regularly update firmware, monitor for security advisories, and follow best practices for secure device configuration.
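One secure-configuration check worth automating is whether the management web interface's cookies carry the attributes that stop them from being sent over plaintext or attached to cross-site requests. The following is an added example (not code from this page or from WAGO); the advisory does not name the specific attribute at fault, so the script audits the standard ones, and the response headers it inspects are constructed samples.

```python
from typing import Dict, List, Tuple

def parse_set_cookie(value: str) -> Tuple[str, str, Dict[str, str]]:
    """Split one Set-Cookie header value into (name, value, {attr: val})."""
    parts = [p.strip() for p in value.split(";")]
    name, _, cookie_value = parts[0].partition("=")
    attrs: Dict[str, str] = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()   # flags map to ""
    return name.strip(), cookie_value.strip(), attrs

def audit_set_cookie(value: str) -> Tuple[str, List[str]]:
    """Return the cookie name and a list of weaknesses found in its attributes."""
    name, _, attrs = parse_set_cookie(value)
    findings: List[str] = []
    if "secure" not in attrs:
        findings.append("missing Secure: cookie may be sent over plaintext HTTP")
    if "httponly" not in attrs:
        findings.append("missing HttpOnly: cookie readable by page scripts")
    if attrs.get("samesite", "").lower() not in ("lax", "strict"):
        findings.append("SameSite not Lax/Strict: cookie attached to cross-site requests")
    return name, findings

def audit_response_headers(header_lines: List[str]) -> Dict[str, List[str]]:
    """Audit every Set-Cookie header in a list of raw 'Name: value' header lines."""
    report: Dict[str, List[str]] = {}
    for line in header_lines:
        header, _, value = line.partition(":")
        if header.strip().lower() == "set-cookie":
            name, findings = audit_set_cookie(value)
            report[name] = findings
    return report

# Constructed sample response headers: one weak cookie, one hardened cookie.
SAMPLE_HEADERS = [
    "HTTP/1.1 200 OK",
    "Content-Type: text/html",
    "Set-Cookie: session=abc123; Path=/",
    "Set-Cookie: csrf=xyz789; Path=/; Secure; HttpOnly; SameSite=Strict",
]

if __name__ == "__main__":
    for cookie, issues in audit_response_headers(SAMPLE_HEADERS).items():
        print(cookie, "->", issues or ["ok"])
```

Point the audit at the headers captured from the switch's management interface (for example, saved from a browser's developer tools) to confirm the web server is either disabled or hardened before the device goes back on the network.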

Patching and Updates

WAGO recommends disabling the web server once configuration is complete and applying the firmware patch that corresponds to the hardware version in use.
