Critical severity9.8NVD Advisory· Published Feb 13, 2018· Updated Jun 17, 2026
CVE-2018-5459
CVE-2018-5459
Description
An Improper Authentication issue was discovered in WAGO PFC200 Series 3S CoDeSys Runtime versions 2.3.X and 2.4.X. An attacker can execute different unauthenticated remote operations because of the CoDeSys Runtime application, which is available via network by default on Port 2455. An attacker could execute some unauthenticated commands such as reading, writing, or deleting arbitrary files, or manipulate the PLC application during runtime by sending specially-crafted TCP packets to Port 2455.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: >= 2.3.X, <= 2.4.X
- Range: >= 2.3.X, <= 2.4.X
Patches
Vulnerability mechanics
References
1- ics-cert.us-cert.gov/advisories/ICSA-18-044-01nvdThird Party AdvisoryUS Government Resource
News mentions
0No linked articles in our index yet.