VDE-2025-062

Vulnerability from csaf_wagogmbhcokg - Published: 2025-11-03 11:00 - Updated: 2025-11-03 11:00
Summary
WAGO: Multiple Vulnerabilities in CODESYS components
Severity
High
Notes
Summary: Several WAGO firmwares installed on different devices are impacted by various CODESYS vulnerabilities. These affect the runtime, visualization, and OPC UA server.
Impact:
CVE-2025-0694: The OPC UA protocol in use supports an outdated RSA encryption scheme. This allows an unauthenticated attacker to compromise the private key of the OPC UA server and bypass authentication or decrypt transmitted data.
CVE-2025-1468: On a device running a Visualization, an unauthenticated attacker can access static visualization files such as texts or images via the web browser.
CVE-2025-2595: Through the SysFile component (included in the CODESYS Control runtime system), an authenticated user is able to access the local file system. An authenticated attacker could use this to set a whitelist that gives access to paths inside or outside the default directory. This is possible by using placeholders similar to environment variables.
Remediation: Update to Firmware version 04.08.01 (FW30), 03.10.11 (FW22 Patch 2) or 01.05.01. For the latest Custom Firmware please contact the WAGO support.

Insufficient path validation in CODESYS Control allows low privileged attackers with physical access to gain full filesystem access.

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Vendor Fix: Update to Firmware version 04.08.01 (FW30), 01.05.01 (FW05), 03.10.11 (FW22 Patch 2). For the latest Custom Firmware please contact the WAGO support.

An unauthenticated remote attacker can gain access to sensitive information including authentication information when using CODESYS OPC UA Server with the non-default Basic128Rsa15 security policy.

CWE-203 - Observable Discrepancy
Vendor Fix: Update to Firmware version 04.08.01 (FW30), 01.05.01 (FW05), 03.10.11 (FW22 Patch 2). For the latest Custom Firmware please contact the WAGO support.

An unauthenticated remote attacker can bypass the user management in CODESYS Visualization and read visualization template files or static elements by means of forced browsing.

CWE-425 - Direct Request ('Forced Browsing')
Vendor Fix: Update to Firmware version 04.08.01 (FW30), 01.05.01 (FW05), 03.10.11 (FW22 Patch 2). For the latest Custom Firmware please contact the WAGO support.
Acknowledgments
CERT@VDE certvde.com

{
  "document": {
    "acknowledgments": [
      {
        "organization": "CERT@VDE",
        "summary": "coordination",
        "urls": [
          "https://certvde.com"
        ]
      }
    ],
    "aggregate_severity": {
      "namespace": "https://www.first.org/cvss/v3.1/specification-document#Qualitative-Severity-Rating-Scale",
      "text": "High"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-GB",
    "notes": [
      {
        "category": "summary",
        "text": "Several WAGO firmwares installed on different devices are impacted by various CODESYS vulnerabilities. These affect the runtime, visualization, and OPC UA server.",
        "title": "Summary"
      },
      {
        "category": "description",
        "text": "CVE-2025-0694:\nThe used OPC UA protocol supports an outdated RSA encryption scheme. This allows an unauthenticated attacker to compromise the private key of the OPC UA server and bypass authentication or decrypt transmitted data. \n\nCVE-2025-1468:\nOn a device with an executed Visualization an unauthenticated attacker can access static visualization files like texts or images via the web browser.\n\nCVE-2025-2595:\nThrough the SysFile component (included by the CODESYS Control runtime system) an authenticated user is able to access the local file system. An authenticated attacker could use this to set a whitelist that gives access to paths inside or outside the default directory. This is possible by using placeholder similar to environmental variables. ",
        "title": "Impact"
      },
      {
        "category": "description",
        "text": "Update to Firmware version 04.08.01 (FW30), 03.10.11 (FW22 Patch 2) or 01.05.01. For the latest Custom Firmware please contact the WAGO support.",
        "title": "Remediation"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "psirt@wago.com",
      "name": "WAGO GmbH \u0026 Co. KG",
      "namespace": "https://www.wago.com/psirt"
    },
    "references": [
      {
        "category": "self",
        "summary": "WAGO PSIRT",
        "url": "https://www.wago.com/de-en/automation-technology/psirt"
      },
      {
        "category": "external",
        "summary": "CERT@VDE Security Advisories for WAGO",
        "url": "https://certvde.com/de/advisories/vendor/wago/"
      },
      {
        "category": "self",
        "summary": "VDE-2025-062: WAGO: Multiple Vulnerabilities in CODESYS components - HTML",
        "url": "https://certvde.com/en/advisories/VDE-2025-062"
      },
      {
        "category": "self",
        "summary": "VDE-2025-062: Multiple Vulnerabilities in CODESYS components - CSAF",
        "url": "https://wago.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-062.json"
      }
    ],
    "title": "WAGO: Multiple Vulnerabilities in CODESYS components",
    "tracking": {
      "aliases": [
        "VDE-2025-062"
      ],
      "current_release_date": "2025-11-03T11:00:00.000Z",
      "generator": {
        "date": "2025-10-30T08:25:07.756Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.5.36"
        }
      },
      "id": "VDE-2025-062",
      "initial_release_date": "2025-11-03T11:00:00.000Z",
      "revision_history": [
        {
          "date": "2025-11-03T11:00:00.000Z",
          "number": "1",
          "summary": "Release version."
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_name",
                    "name": "0751-9x01",
                    "product": {
                      "name": "CC100 0751-9x01",
                      "product_id": "CSAFPID-11001",
                      "product_identification_helper": {
                        "model_numbers": [
                          "0751-9?01"
                        ]
                      }
                    }
                  }
                ],
                "category": "product_family",
                "name": "CC100"
              },
              {
                "branches": [
                  {
                    "category": "product_name",
                    "name": "0750-810x/xxxx-xxxx",
                    "product": {
                      "name": "PFC100 G1 0750-810x/xxxx-xxxx",
                      "product_id": "CSAFPID-11002",
                      "product_identification_helper": {
                        "model_numbers": [
                          "0750-810?/????-????"
                        ]
                      }
                    }
                  }
                ],
                "category": "product_family",
                "name": "PFC100 G1"
              },
              {
                "branches": [
                  {
                    "category": "product_name",
                    "name": "0750-811x-xxxx-xxxx",
                    "product": {
                      "name": "PFC100 G2 0750-811x-xxxx-xxxx",
                      "product_id": "CSAFPID-11003",
                      "product_identification_helper": {
                        "model_numbers": [
                          "0750-811?-????-????"
                        ]
                      }
                    }
                  }
                ],
                "category": "product_family",
                "name": "PFC100 G2"
              },
              {
                "branches": [
                  {
                    "category": "product_name",
                    "name": "750-820x-xxx-xxx",
                    "product": {
                      "name": "PFC200 G1 750-820x-xxx-xxx",
                      "product_id": "CSAFPID-11004",
                      "product_identification_helper": {
                        "model_numbers": [
                          " 750-820?-????-????"
                        ]
                      }
                    }
                  }
                ],
                "category": "product_family",
                "name": "PFC200 G1"
              },
              {
                "branches": [
                  {
                    "category": "product_name",
                    "name": "750-821x-xxx-xxx",
                    "product": {
                      "name": "PFC200 G2 750-821x-xxx-xxx",
                      "product_id": "CSAFPID-11005",
                      "product_identification_helper": {
                        "model_numbers": [
                          "750-821?-????-????"
                        ]
                      }
                    }
                  }
                ],
                "category": "product_family",
                "name": "PFC200 G2"
              },
              {
                "branches": [
                  {
                    "category": "product_name",
                    "name": "0762-420x/8000-000x",
                    "product": {
                      "name": "TP600 0762-420x/8000-000x",
                      "product_id": "CSAFPID-11006",
                      "product_identification_helper": {
                        "model_numbers": [
                          "0762-420?/8000-000?"
                        ]
                      }
                    }
                  },
                  {
                    "category": "product_name",
                    "name": "0762-430x/8000-000x",
                    "product": {
                      "name": "TP600 0762-430x/8000-000x",
                      "product_id": "CSAFPID-11007",
                      "product_identification_helper": {
                        "model_numbers": [
                          "0762-430?/8000-000?"
                        ]
                      }
                    }
                  },
                  {
                    "category": "product_name",
                    "name": "0762-520x/8000-000x",
                    "product": {
                      "name": "TP600 0762-520x/8000-000x",
                      "product_id": "CSAFPID-11008",
                      "product_identification_helper": {
                        "model_numbers": [
                          "0762-520?/8000-000?"
                        ]
                      }
                    }
                  },
                  {
                    "category": "product_name",
                    "name": "0762-530x/8000-000x",
                    "product": {
                      "name": "TP600 0762-530x/8000-000x",
                      "product_id": "CSAFPID-11009",
                      "product_identification_helper": {
                        "model_numbers": [
                          "0762-530?/8000-000?"
                        ]
                      }
                    }
                  },
                  {
                    "category": "product_name",
                    "name": "0762-620x/8000-000x",
                    "product": {
                      "name": "TP600 0762-620x/8000-000x",
                      "product_id": "CSAFPID-11010",
                      "product_identification_helper": {
                        "model_numbers": [
                          "0762-620?/8000-000?"
                        ]
                      }
                    }
                  },
                  {
                    "category": "product_name",
                    "name": "0762-630x/8000-000x",
                    "product": {
                      "name": "TP600 0762-630x/8000-000x",
                      "product_id": "CSAFPID-11011",
                      "product_identification_helper": {
                        "model_numbers": [
                          "0762-630?/8000-000?"
                        ]
                      }
                    }
                  }
                ],
                "category": "product_family",
                "name": "TP600"
              },
              {
                "branches": [
                  {
                    "category": "product_name",
                    "name": "0752-8303/8000-0002",
                    "product": {
                      "name": "Edge Controller 0752-8303/8000-0002",
                      "product_id": "CSAFPID-11012",
                      "product_identification_helper": {
                        "model_numbers": [
                          "0752-8303/8000-0002"
                        ]
                      }
                    }
                  }
                ],
                "category": "product_family",
                "name": "Edge Controller"
              },
              {
                "branches": [
                  {
                    "category": "product_name",
                    "name": "0750-800x",
                    "product": {
                      "name": "Basic Controller 0750-800x",
                      "product_id": "CSAFPID-11013"
                    }
                  }
                ],
                "category": "product_family",
                "name": "Basic Controller"
              }
            ],
            "category": "product_family",
            "name": "Hardware"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c04.08.01",
                "product": {
                  "name": "Firmware \u003c04.08.01 (FW30)",
                  "product_id": "CSAFPID-21001"
                }
              },
              {
                "category": "product_name",
                "name": "04.08.01",
                "product": {
                  "name": "Firmware 04.08.01 (FW30)",
                  "product_id": "CSAFPID-22001"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c03.10.11",
                "product": {
                  "name": "Firmware \u003c3.10.11 (FW22 Patch 2)",
                  "product_id": "CSAFPID-21002"
                }
              },
              {
                "category": "product_version",
                "name": "03.10.11",
                "product": {
                  "name": "Firmware 03.10.11 (FW22 Patch 2)",
                  "product_id": "CSAFPID-22002"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c04.08.01 (70)",
                "product": {
                  "name": "Custom Firmware \u003c04.08.01 (70)",
                  "product_id": "CSAFPID-21003"
                }
              },
              {
                "category": "product_version",
                "name": "04.08.01 (70)",
                "product": {
                  "name": "Custom Firmware 04.08.01 (70)",
                  "product_id": "CSAFPID-22003"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c01.05.01",
                "product": {
                  "name": "Firmware \u003c01.05.01",
                  "product_id": "CSAFPID-21005"
                }
              },
              {
                "category": "product_version",
                "name": "01.05.01",
                "product": {
                  "name": "Firmware 01.05.01 (FW05)",
                  "product_id": "CSAFPID-22005"
                }
              }
            ],
            "category": "product_family",
            "name": "Firmware"
          }
        ],
        "category": "vendor",
        "name": "WAGO"
      }
    ],
    "product_groups": [
      {
        "group_id": "CSAFGID-0001",
        "product_ids": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008",
          "CSAFPID-31009",
          "CSAFPID-31010",
          "CSAFPID-31011",
          "CSAFPID-31012",
          "CSAFPID-31013",
          "CSAFPID-31015",
          "CSAFPID-31017",
          "CSAFPID-31018",
          "CSAFPID-31019",
          "CSAFPID-31020",
          "CSAFPID-31021",
          "CSAFPID-31022",
          "CSAFPID-31023",
          "CSAFPID-31024",
          "CSAFPID-31025"
        ],
        "summary": "Affected products."
      },
      {
        "group_id": "CSAFGID-0002",
        "product_ids": [
          "CSAFPID-32001",
          "CSAFPID-32002",
          "CSAFPID-32003",
          "CSAFPID-32004",
          "CSAFPID-32005",
          "CSAFPID-32006",
          "CSAFPID-32007",
          "CSAFPID-32008",
          "CSAFPID-32009",
          "CSAFPID-32010",
          "CSAFPID-32011",
          "CSAFPID-32012",
          "CSAFPID-32013",
          "CSAFPID-32015",
          "CSAFPID-32017",
          "CSAFPID-32018",
          "CSAFPID-32019",
          "CSAFPID-32020",
          "CSAFPID-32021",
          "CSAFPID-32022",
          "CSAFPID-32023",
          "CSAFPID-32024",
          "CSAFPID-32025"
        ],
        "summary": "Fixed products."
      }
    ],
    "relationships": [
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c04.08.01 (FW30) installed on CC100 0751-9x01",
          "product_id": "CSAFPID-31001"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c3.10.11 (FW22 Patch 2) installed on PFC100 G1 0750-810x/xxxx-xxxx",
          "product_id": "CSAFPID-31002"
        },
        "product_reference": "CSAFPID-21002",
        "relates_to_product_reference": "CSAFPID-11002"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c04.08.01 (FW30) installed on PFC100 G2 0750-811x-xxxx-xxxx",
          "product_id": "CSAFPID-31003"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11003"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c3.10.11 (FW22 Patch 2) installed on PFC200 G1 750-820x-xxx-xxx",
          "product_id": "CSAFPID-31004"
        },
        "product_reference": "CSAFPID-21002",
        "relates_to_product_reference": "CSAFPID-11004"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c04.08.01 (FW30) installed on PFC200 G2 750-821x-xxx-xxx",
          "product_id": "CSAFPID-31005"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11005"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c04.08.01 (FW30) installed on TP600 0762-420x/8000-000x",
          "product_id": "CSAFPID-31006"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11006"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c04.08.01 (FW30) installed on TP600 0762-430x/8000-000x",
          "product_id": "CSAFPID-31007"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11007"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c04.08.01 (FW30) installed on TP600 0762-520x/8000-000x",
          "product_id": "CSAFPID-31008"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11008"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c04.08.01 (FW30) installed on TP600 0762-530x/8000-000x",
          "product_id": "CSAFPID-31009"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11009"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c04.08.01 (FW30) installed on TP600 0762-620x/8000-000x",
          "product_id": "CSAFPID-31010"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11010"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c04.08.01 (FW30) installed on TP600 0762-630x/8000-000x",
          "product_id": "CSAFPID-31011"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11011"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c04.08.01 (FW30) installed on Edge Controller 0752-8303/8000-0002",
          "product_id": "CSAFPID-31012"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11012"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 04.08.01 (FW30) installed on CC100 0751-9x01",
          "product_id": "CSAFPID-32001"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 03.10.11 (FW22 Patch 2) installed on PFC100 G1 0750-810x/xxxx-xxxx",
          "product_id": "CSAFPID-32002"
        },
        "product_reference": "CSAFPID-22002",
        "relates_to_product_reference": "CSAFPID-11002"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 04.08.01 (FW30) installed on PFC100 G2 0750-811x-xxxx-xxxx",
          "product_id": "CSAFPID-32003"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11003"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 03.10.11 (FW22 Patch 2) installed on PFC200 G1 750-820x-xxx-xxx",
          "product_id": "CSAFPID-32004"
        },
        "product_reference": "CSAFPID-22002",
        "relates_to_product_reference": "CSAFPID-11004"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 04.08.01 (FW30) installed on PFC200 G2 750-821x-xxx-xxx",
          "product_id": "CSAFPID-32005"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11005"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 04.08.01 (FW30) installed on TP600 0762-420x/8000-000x",
          "product_id": "CSAFPID-32006"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11006"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 04.08.01 (FW30) installed on TP600 0762-430x/8000-000x",
          "product_id": "CSAFPID-32007"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11007"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 04.08.01 (FW30) installed on TP600 0762-520x/8000-000x",
          "product_id": "CSAFPID-32008"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11008"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 04.08.01 (FW30) installed on TP600 0762-530x/8000-000x",
          "product_id": "CSAFPID-32009"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11009"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 04.08.01 (FW30) installed on TP600 0762-620x/8000-000x",
          "product_id": "CSAFPID-32010"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11010"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 04.08.01 (FW30) installed on TP600 0762-630x/8000-000x",
          "product_id": "CSAFPID-32011"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11011"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 04.08.01 (FW30) installed on Edge Controller 0752-8303/8000-0002",
          "product_id": "CSAFPID-32012"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11012"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Custom Firmware \u003c04.08.01 (70) installed on CC100 0751-9x01",
          "product_id": "CSAFPID-31013"
        },
        "product_reference": "CSAFPID-21003",
        "relates_to_product_reference": "CSAFPID-11001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Custom Firmware \u003c04.08.01 (70) installed on WAGO PFC100 G2 0750-811x-xxxx-xxxx",
          "product_id": "CSAFPID-31015"
        },
        "product_reference": "CSAFPID-21003",
        "relates_to_product_reference": "CSAFPID-11003"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Custom Firmware \u003c04.08.01 (70) installed on WAGO PFC200 G2 750-821x-xxx-xxx",
          "product_id": "CSAFPID-31017"
        },
        "product_reference": "CSAFPID-21003",
        "relates_to_product_reference": "CSAFPID-11005"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Custom Firmware \u003c04.08.01 (70) installed on WAGO TP600 0762-420x/8000-000x",
          "product_id": "CSAFPID-31018"
        },
        "product_reference": "CSAFPID-21003",
        "relates_to_product_reference": "CSAFPID-11006"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Custom Firmware \u003c04.08.01 (70) installed on WAGO TP600 0762-430x/8000-000x",
          "product_id": "CSAFPID-31019"
        },
        "product_reference": "CSAFPID-21003",
        "relates_to_product_reference": "CSAFPID-11007"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Custom Firmware \u003c04.08.01 (70) installed on WAGO TP600 0762-520x/8000-000x",
          "product_id": "CSAFPID-31020"
        },
        "product_reference": "CSAFPID-21003",
        "relates_to_product_reference": "CSAFPID-11008"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Custom Firmware \u003c04.08.01 (70) installed on WAGO TP600 0762-530x/8000-000x",
          "product_id": "CSAFPID-31021"
        },
        "product_reference": "CSAFPID-21003",
        "relates_to_product_reference": "CSAFPID-11009"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Custom Firmware \u003c04.08.01 (70) installed on WAGO TP600 0762-620x/8000-000x",
          "product_id": "CSAFPID-31022"
        },
        "product_reference": "CSAFPID-21003",
        "relates_to_product_reference": "CSAFPID-11010"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Custom Firmware \u003c04.08.01 (70) installed on WAGO TP600 0762-630x/8000-000x",
          "product_id": "CSAFPID-31023"
        },
        "product_reference": "CSAFPID-21003",
        "relates_to_product_reference": "CSAFPID-11011"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Custom Firmware \u003c04.08.01 (70) installed on WAGO Edge Controller 0752-8303/8000-0002",
          "product_id": "CSAFPID-31024"
        },
        "product_reference": "CSAFPID-21003",
        "relates_to_product_reference": "CSAFPID-11012"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Custom Firmware 04.08.01 (70) installed on WAGO CC100 0751-9x01",
          "product_id": "CSAFPID-32013"
        },
        "product_reference": "CSAFPID-22003",
        "relates_to_product_reference": "CSAFPID-11001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Custom Firmware 04.08.01 (70) installed on WAGO PFC100 G2 0750-811x-xxxx-xxxx",
          "product_id": "CSAFPID-32015"
        },
        "product_reference": "CSAFPID-22003",
        "relates_to_product_reference": "CSAFPID-11003"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Custom Firmware 04.08.01 (70) installed on WAGO PFC200 G2 750-821x-xxx-xxx",
          "product_id": "CSAFPID-32017"
        },
        "product_reference": "CSAFPID-22003",
        "relates_to_product_reference": "CSAFPID-11005"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Custom Firmware 04.08.01 (70) installed on WAGO TP600 0762-420x/8000-000x",
          "product_id": "CSAFPID-32018"
        },
        "product_reference": "CSAFPID-22003",
        "relates_to_product_reference": "CSAFPID-11006"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Custom Firmware 04.08.01 (70) installed on WAGO TP600 0762-430x/8000-000x",
          "product_id": "CSAFPID-32019"
        },
        "product_reference": "CSAFPID-22003",
        "relates_to_product_reference": "CSAFPID-11007"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Custom Firmware 04.08.01 (70) installed on WAGO TP600 0762-520x/8000-000x",
          "product_id": "CSAFPID-32020"
        },
        "product_reference": "CSAFPID-22003",
        "relates_to_product_reference": "CSAFPID-11008"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Custom Firmware 04.08.01 (70) installed on WAGO TP600 0762-530x/8000-000x",
          "product_id": "CSAFPID-32021"
        },
        "product_reference": "CSAFPID-22003",
        "relates_to_product_reference": "CSAFPID-11009"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Custom Firmware 04.08.01 (70) installed on WAGO TP600 0762-620x/8000-000x",
          "product_id": "CSAFPID-32022"
        },
        "product_reference": "CSAFPID-22003",
        "relates_to_product_reference": "CSAFPID-11010"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Custom Firmware 04.08.01 (70) installed on WAGO TP600 0762-630x/8000-000x",
          "product_id": "CSAFPID-32023"
        },
        "product_reference": "CSAFPID-22003",
        "relates_to_product_reference": "CSAFPID-11011"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Custom Firmware 04.08.01 (70) installed on WAGO Edge Controller 0752-8303/8000-0002",
          "product_id": "CSAFPID-32024"
        },
        "product_reference": "CSAFPID-22003",
        "relates_to_product_reference": "CSAFPID-11012"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c01.05.01 installed on WAGO Basic Controller 0750-800x",
          "product_id": "CSAFPID-31025"
        },
        "product_reference": "CSAFPID-21005",
        "relates_to_product_reference": "CSAFPID-11013"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 01.05.01 (FW05) installed on WAGO Basic Controller 0750-800x",
          "product_id": "CSAFPID-32025"
        },
        "product_reference": "CSAFPID-22005",
        "relates_to_product_reference": "CSAFPID-11013"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-0694",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "description",
          "text": "Insufficient path validation in CODESYS Control allows low privileged attackers with physical access to gain full filesystem access.",
          "title": "CVE description"
        },
        {
          "category": "details",
          "text": "The current CORS policy allows any origin to access the server and set header values, posing security risks. A service on the device, used for configurations, is accessible via a TLS-encrypted connection. Attackers could use crafted web applications to send requests to this service and read the responses, even if they are not in the local network. However, this would only be possible if the device\u0027s access credentials are compromised.",
          "title": "Details"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-32001",
          "CSAFPID-32002",
          "CSAFPID-32003",
          "CSAFPID-32004",
          "CSAFPID-32005",
          "CSAFPID-32006",
          "CSAFPID-32007",
          "CSAFPID-32008",
          "CSAFPID-32009",
          "CSAFPID-32010",
          "CSAFPID-32011",
          "CSAFPID-32012",
          "CSAFPID-32013",
          "CSAFPID-32015",
          "CSAFPID-32017",
          "CSAFPID-32018",
          "CSAFPID-32019",
          "CSAFPID-32020",
          "CSAFPID-32021",
          "CSAFPID-32022",
          "CSAFPID-32023",
          "CSAFPID-32024",
          "CSAFPID-32025"
        ],
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008",
          "CSAFPID-31009",
          "CSAFPID-31010",
          "CSAFPID-31011",
          "CSAFPID-31012",
          "CSAFPID-31013",
          "CSAFPID-31015",
          "CSAFPID-31017",
          "CSAFPID-31018",
          "CSAFPID-31019",
          "CSAFPID-31020",
          "CSAFPID-31021",
          "CSAFPID-31022",
          "CSAFPID-31023",
          "CSAFPID-31024",
          "CSAFPID-31025"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "Advisory: VDE-2025-015",
          "url": "https://certvde.com/en/advisories/VDE-2025-015/"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to Firmware version 04.08.01 (FW30), 01.05.01 (FW05), 03.10.11 (FW22 Patch 2). For the latest Custom Firmware please contact the WAGO support.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "PHYSICAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 6.6,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "temporalScore": 6.6,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004",
            "CSAFPID-31005",
            "CSAFPID-31006",
            "CSAFPID-31007",
            "CSAFPID-31008",
            "CSAFPID-31009",
            "CSAFPID-31010",
            "CSAFPID-31011",
            "CSAFPID-31012",
            "CSAFPID-31013",
            "CSAFPID-31015",
            "CSAFPID-31017",
            "CSAFPID-31018",
            "CSAFPID-31019",
            "CSAFPID-31020",
            "CSAFPID-31021",
            "CSAFPID-31022",
            "CSAFPID-31023",
            "CSAFPID-31024",
            "CSAFPID-31025"
          ]
        }
      ],
      "title": "CVE-2025-0694"
    },
    {
      "cve": "CVE-2025-1468",
      "cwe": {
        "id": "CWE-203",
        "name": "Observable Discrepancy"
      },
      "notes": [
        {
          "category": "description",
          "text": "An unauthenticated remote attacker can gain access to sensitive information including authentication information when using CODESYS OPC UA Server with the non-default Basic128Rsa15 security policy.",
          "title": "CVE description"
        },
        {
          "category": "details",
          "text": "A web application for configuring the controller was found under the path /wbm, which includes an endpoint that allows read access to the file system.",
          "title": "Details"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-32001",
          "CSAFPID-32002",
          "CSAFPID-32003",
          "CSAFPID-32004",
          "CSAFPID-32005",
          "CSAFPID-32006",
          "CSAFPID-32007",
          "CSAFPID-32008",
          "CSAFPID-32009",
          "CSAFPID-32010",
          "CSAFPID-32011",
          "CSAFPID-32012",
          "CSAFPID-32013",
          "CSAFPID-32015",
          "CSAFPID-32017",
          "CSAFPID-32018",
          "CSAFPID-32019",
          "CSAFPID-32020",
          "CSAFPID-32021",
          "CSAFPID-32022",
          "CSAFPID-32023",
          "CSAFPID-32024",
          "CSAFPID-32025"
        ],
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008",
          "CSAFPID-31009",
          "CSAFPID-31010",
          "CSAFPID-31011",
          "CSAFPID-31012",
          "CSAFPID-31013",
          "CSAFPID-31015",
          "CSAFPID-31017",
          "CSAFPID-31018",
          "CSAFPID-31019",
          "CSAFPID-31020",
          "CSAFPID-31021",
          "CSAFPID-31022",
          "CSAFPID-31023",
          "CSAFPID-31024",
          "CSAFPID-31025"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "Advisory: VDE-2025-022",
          "url": "https://certvde.com/en/advisories/VDE-2025-022/"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to Firmware version 04.08.01 (FW30), 01.05.01 (FW05), 03.10.11 (FW22 Patch 2). For the latest Custom Firmware please contact the WAGO support.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 7.5,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 7.5,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004",
            "CSAFPID-31005",
            "CSAFPID-31006",
            "CSAFPID-31007",
            "CSAFPID-31008",
            "CSAFPID-31009",
            "CSAFPID-31010",
            "CSAFPID-31011",
            "CSAFPID-31012",
            "CSAFPID-31013",
            "CSAFPID-31015",
            "CSAFPID-31017",
            "CSAFPID-31018",
            "CSAFPID-31019",
            "CSAFPID-31020",
            "CSAFPID-31021",
            "CSAFPID-31022",
            "CSAFPID-31023",
            "CSAFPID-31024",
            "CSAFPID-31025"
          ]
        }
      ],
      "title": "CVE-2025-1468"
    },
    {
      "cve": "CVE-2025-2595",
      "cwe": {
        "id": "CWE-425",
        "name": "Direct Request (\u0027Forced Browsing\u0027)"
      },
      "notes": [
        {
          "category": "description",
          "text": "An unauthenticated remote attacker can bypass the user management in CODESYS Visualization and read visualization template files or static elements by means of forced browsing.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-32001",
          "CSAFPID-32002",
          "CSAFPID-32003",
          "CSAFPID-32004",
          "CSAFPID-32005",
          "CSAFPID-32006",
          "CSAFPID-32007",
          "CSAFPID-32008",
          "CSAFPID-32009",
          "CSAFPID-32010",
          "CSAFPID-32011",
          "CSAFPID-32012",
          "CSAFPID-32013",
          "CSAFPID-32015",
          "CSAFPID-32017",
          "CSAFPID-32018",
          "CSAFPID-32019",
          "CSAFPID-32020",
          "CSAFPID-32021",
          "CSAFPID-32022",
          "CSAFPID-32023",
          "CSAFPID-32024",
          "CSAFPID-32025"
        ],
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008",
          "CSAFPID-31009",
          "CSAFPID-31010",
          "CSAFPID-31011",
          "CSAFPID-31012",
          "CSAFPID-31013",
          "CSAFPID-31015",
          "CSAFPID-31017",
          "CSAFPID-31018",
          "CSAFPID-31019",
          "CSAFPID-31020",
          "CSAFPID-31021",
          "CSAFPID-31022",
          "CSAFPID-31023",
          "CSAFPID-31024",
          "CSAFPID-31025"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "Advisory: VDE-2025-027",
          "url": "https://certvde.com/en/advisories/VDE-2025-027/"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-08-26T10:00:00.000Z",
          "details": "Update to Firmware version 04.08.01 (FW30), 01.05.01 (FW05), 03.10.11 (FW22 Patch 2). For the latest Custom Firmware please contact the WAGO support.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "environmentalScore": 5.3,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 5.3,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004",
            "CSAFPID-31005",
            "CSAFPID-31006",
            "CSAFPID-31007",
            "CSAFPID-31008",
            "CSAFPID-31009",
            "CSAFPID-31010",
            "CSAFPID-31011",
            "CSAFPID-31012",
            "CSAFPID-31013",
            "CSAFPID-31015",
            "CSAFPID-31017",
            "CSAFPID-31018",
            "CSAFPID-31019",
            "CSAFPID-31020",
            "CSAFPID-31021",
            "CSAFPID-31022",
            "CSAFPID-31023",
            "CSAFPID-31024",
            "CSAFPID-31025"
          ]
        }
      ],
      "title": "CVE-2025-2595"
    }
  ]
}

