VDE-2025-082
Vulnerability from csaf_wagogmbhcokg - Published: 2025-09-08 07:00 - Updated: 2025-09-08 07:00Summary
WAGO: Critical sudo Vulnerability in Multiple Products
Severity
Critical
Notes
Summary: A vulnerability in sudo allows a low privileged attacker to execute commands with root rights.
Impact: The vulnerability could potentially allow low privileged users to gain complete control over a system, leading to data breaches, modification of critical system files, unauthorized access to sensitive information, and disruption of services.
Remediation: Update to Firmware version 04.08.01 (FW30) or higher.
Mitigation: Until Firmware 30 is available the vulnerability can be mitigated by installing an ipk to update sudo to 1.9.17p1. The ipk is available through the WAGO download center.
Sudo before 1.9.17p1 allows low privileged local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.
7.8 (High)
Vendor Fix
Update to Firmware version 04.08.01 (FW30) or higher.
Mitigation
Until Firmware 30 is available the vulnerability can be mitigated by installing an ipk to update sudo to 1.9.17p1. The ipk is available through the WAGO download center.
https://downloadcenter.wago.com/wago/software/det…
References
Acknowledgments
CERT@VDE
certvde.com
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "coordination",
"urls": [
"https://certvde.com"
]
}
],
"aggregate_severity": {
"namespace": "https://www.first.org/cvss/v3.1/specification-document#Qualitative-Severity-Rating-Scale",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "A vulnerability in sudo allows a low privileged attacker to execute commands with root rights.",
"title": "Summary"
},
{
"category": "description",
"text": "The vulnerability could potentially allow low privileged users to gain complete control over a system, leading to data breaches, modification of critical system files, unauthorized access to sensitive information, and disruption of services.",
"title": "Impact"
},
{
"category": "description",
"text": "Update to Firmware version 04.08.01 (FW30) or higher.",
"title": "Remediation"
},
{
"category": "description",
"text": "Until Firmware 30 is available the vulnerability can be mitigated by installing an ipk to update sudo to 1.9.17p1. The ipk is available through the WAGO download center.",
"title": "Mitigation"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@wago.com",
"name": "WAGO GmbH \u0026 Co. KG",
"namespace": "https://www.wago.com/psirt"
},
"references": [
{
"category": "external",
"summary": "WAGO PSIRT",
"url": "https://www.wago.com/de-en/automation-technology/psirt"
},
{
"category": "external",
"summary": "CERT@VDE Security Advisories for WAGO",
"url": "https://certvde.com/de/advisories/vendor/wago/"
},
{
"category": "self",
"summary": "VDE-2025-082: WAGO: Critical sudo Vulnerability in Multiple Products - HTML",
"url": "https://certvde.com/en/advisories/VDE-2025-082"
},
{
"category": "self",
"summary": "VDE-2025-082: WAGO: Critical sudo Vulnerability in Multiple Products - CSAF",
"url": "https://wago.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-082.json"
}
],
"title": "WAGO: Critical sudo Vulnerability in Multiple Products",
"tracking": {
"aliases": [
"VDE-2025-082"
],
"current_release_date": "2025-09-08T07:00:00.000Z",
"generator": {
"date": "2025-09-04T09:24:03.626Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.34"
}
},
"id": "VDE-2025-082",
"initial_release_date": "2025-09-08T07:00:00.000Z",
"revision_history": [
{
"date": "2025-09-08T07:00:00.000Z",
"number": "1",
"summary": "Initial revision."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "0751-9x01",
"product": {
"name": "CC100 0751-9x01",
"product_id": "CSAFPID-11001",
"product_identification_helper": {
"model_numbers": [
"0751-9?01"
]
}
}
}
],
"category": "product_family",
"name": "CC100"
},
{
"branches": [
{
"category": "product_name",
"name": "0750-811x-xxxx-xxxx",
"product": {
"name": "PFC100 G2 0750-811x-xxxx-xxxx",
"product_id": "CSAFPID-11002",
"product_identification_helper": {
"model_numbers": [
"0750-811?-????-????"
]
}
}
}
],
"category": "product_family",
"name": "PFC100 G2"
},
{
"branches": [
{
"category": "product_name",
"name": "750-821x-xxx-xxx",
"product": {
"name": "PFC200 G2 750-821x-xxx-xxx",
"product_id": "CSAFPID-11003",
"product_identification_helper": {
"model_numbers": [
"750-821?-????-????"
]
}
}
}
],
"category": "product_family",
"name": "PFC200 G2"
},
{
"branches": [
{
"category": "product_name",
"name": "0750-8302",
"product": {
"name": "PFC300 0750-8302",
"product_id": "CSAFPID-11004"
}
}
],
"category": "product_family",
"name": "PFC300"
},
{
"branches": [
{
"category": "product_name",
"name": "0762-420x/8000-000x",
"product": {
"name": "TP600 0762-420x/8000-000x",
"product_id": "CSAFPID-11005",
"product_identification_helper": {
"model_numbers": [
"0762-420?/8000-000?"
]
}
}
},
{
"category": "product_name",
"name": "0762-430x/8000-000x",
"product": {
"name": "TP600 0762-430x/8000-000x",
"product_id": "CSAFPID-11006",
"product_identification_helper": {
"model_numbers": [
"0762-430?/8000-000?"
]
}
}
},
{
"category": "product_name",
"name": "0762-520x/8000-000x",
"product": {
"name": "TP600 0762-520x/8000-000x",
"product_id": "CSAFPID-11007",
"product_identification_helper": {
"model_numbers": [
"0762-520?/8000-000?"
]
}
}
},
{
"category": "product_name",
"name": "0762-530x/8000-000x",
"product": {
"name": "TP600 0762-530x/8000-000x",
"product_id": "CSAFPID-11008",
"product_identification_helper": {
"model_numbers": [
"0762-530?/8000-000?"
]
}
}
},
{
"category": "product_name",
"name": "0762-620x/8000-000x",
"product": {
"name": "TP600 0762-620x/8000-000x",
"product_id": "CSAFPID-11009",
"product_identification_helper": {
"model_numbers": [
"0762-620?/8000-000?"
]
}
}
},
{
"category": "product_name",
"name": "0762-630x/8000-000x",
"product": {
"name": "TP600 0762-630x/8000-000x",
"product_id": "CSAFPID-11010",
"product_identification_helper": {
"model_numbers": [
"0762-630?/8000-000?"
]
}
}
}
],
"category": "product_family",
"name": "TP600"
},
{
"branches": [
{
"category": "product_name",
"name": "0762-340x",
"product": {
"name": "WP400 0762-340x",
"product_id": "CSAFPID-11011",
"product_identification_helper": {
"model_numbers": [
"0762-340?"
]
}
}
}
],
"category": "product_family",
"name": "WP400"
},
{
"branches": [
{
"category": "product_name",
"name": "0752-8303/8000-0002",
"product": {
"name": "Edge Controller 0752-8303/8000-0002",
"product_id": "CSAFPID-11012",
"product_identification_helper": {
"model_numbers": [
"0752-8303/8000-0002"
]
}
}
}
],
"category": "product_family",
"name": "Edge Controller"
},
{
"branches": [
{
"category": "product_name",
"name": "0750-800x",
"product": {
"name": "Basic Controller 0750-800x",
"product_id": "CSAFPID-11013"
}
}
],
"category": "product_family",
"name": "Basic Controller"
}
],
"category": "product_family",
"name": "Hardware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "04.05.10 (FW27)\u003c04.08.01 (FW30)",
"product": {
"name": "WAGO Firmware 04.05.10 (FW27)\u003c04.08.01 (FW30)",
"product_id": "CSAFPID-21001"
}
},
{
"category": "product_version",
"name": "04.08.01",
"product": {
"name": "WAGO Firmware 04.08.01 (FW30)",
"product_id": "CSAFPID-22001"
}
}
],
"category": "product_family",
"name": "Firmware"
}
],
"category": "vendor",
"name": "WAGO"
}
],
"product_groups": [
{
"group_id": "CSAFGID-0001",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010",
"CSAFPID-31011",
"CSAFPID-31012"
],
"summary": "Affected products"
},
{
"group_id": "CSAFGID-0002",
"product_ids": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009",
"CSAFPID-32010",
"CSAFPID-32011",
"CSAFPID-32012"
],
"summary": "Fixed products."
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "WAGO Firmware 04.05.10 (FW27)\u003c04.08.01 (FW30) installed on CC100 0751-9x01",
"product_id": "CSAFPID-31001"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "WAGO Firmware 04.05.10 (FW27)\u003c04.08.01 (FW30) installed on PFC100 G2 0750-811x-xxxx-xxxx",
"product_id": "CSAFPID-31002"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "WAGO Firmware 04.05.10 (FW27)\u003c04.08.01 (FW30) installed on PFC200 G2 750-821x-xxx-xxx",
"product_id": "CSAFPID-31003"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "WAGO Firmware 04.05.10 (FW27)\u003c04.08.01 (FW30) installed on PFC300 0750-8302",
"product_id": "CSAFPID-31004"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "WAGO Firmware 04.05.10 (FW27)\u003c04.08.01 (FW30) installed on TP600 0762-420x/8000-000x",
"product_id": "CSAFPID-31005"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11005"
},
{
"category": "installed_on",
"full_product_name": {
"name": "WAGO Firmware 04.05.10 (FW27)\u003c04.08.01 (FW30) installed on TP600 0762-430x/8000-000x",
"product_id": "CSAFPID-31006"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11006"
},
{
"category": "installed_on",
"full_product_name": {
"name": "WAGO Firmware 04.05.10 (FW27)\u003c04.08.01 (FW30) installed on TP600 0762-520x/8000-000x",
"product_id": "CSAFPID-31007"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11007"
},
{
"category": "installed_on",
"full_product_name": {
"name": "WAGO Firmware 04.05.10 (FW27)\u003c04.08.01 (FW30) installed on TP600 0762-530x/8000-000x",
"product_id": "CSAFPID-31008"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11008"
},
{
"category": "installed_on",
"full_product_name": {
"name": "WAGO Firmware 04.05.10 (FW27)\u003c04.08.01 (FW30) installed on TP600 0762-620x/8000-000x",
"product_id": "CSAFPID-31009"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11009"
},
{
"category": "installed_on",
"full_product_name": {
"name": "WAGO Firmware 04.05.10 (FW27)\u003c04.08.01 (FW30) installed on TP600 0762-630x/8000-000x",
"product_id": "CSAFPID-31010"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11010"
},
{
"category": "installed_on",
"full_product_name": {
"name": "WAGO Firmware 04.05.10 (FW27)\u003c04.08.01 (FW30) installed on WP400 0762-340x",
"product_id": "CSAFPID-31011"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11011"
},
{
"category": "installed_on",
"full_product_name": {
"name": "WAGO Firmware 04.05.10 (FW27)\u003c04.08.01 (FW30) installed on Edge Controller 0752-8303/8000-0002",
"product_id": "CSAFPID-31012"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11012"
},
{
"category": "installed_on",
"full_product_name": {
"name": "WAGO Firmware 04.08.01 (FW30) installed on CC100 0751-9x01",
"product_id": "CSAFPID-32001"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "WAGO Firmware 04.08.01 (FW30) installed on PFC100 G2 0750-811x-xxxx-xxxx",
"product_id": "CSAFPID-32002"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "WAGO Firmware 04.08.01 (FW30) installed on PFC200 G2 750-821x-xxx-xxx",
"product_id": "CSAFPID-32003"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "WAGO Firmware 04.08.01 (FW30) installed on PFC300 0750-8302",
"product_id": "CSAFPID-32004"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "WAGO Firmware 04.08.01 (FW30) installed on TP600 0762-420x/8000-000x",
"product_id": "CSAFPID-32005"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11005"
},
{
"category": "installed_on",
"full_product_name": {
"name": "WAGO Firmware 04.08.01 (FW30) installed on TP600 0762-430x/8000-000x",
"product_id": "CSAFPID-32006"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11006"
},
{
"category": "installed_on",
"full_product_name": {
"name": "WAGO Firmware 04.08.01 (FW30) installed on TP600 0762-520x/8000-000x",
"product_id": "CSAFPID-32007"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11007"
},
{
"category": "installed_on",
"full_product_name": {
"name": "WAGO Firmware 04.08.01 (FW30) installed on TP600 0762-530x/8000-000x",
"product_id": "CSAFPID-32008"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11008"
},
{
"category": "installed_on",
"full_product_name": {
"name": "WAGO Firmware 04.08.01 (FW30) installed on TP600 0762-620x/8000-000x",
"product_id": "CSAFPID-32009"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11009"
},
{
"category": "installed_on",
"full_product_name": {
"name": "WAGO Firmware 04.08.01 (FW30) installed on TP600 0762-630x/8000-000x",
"product_id": "CSAFPID-32010"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11010"
},
{
"category": "installed_on",
"full_product_name": {
"name": "WAGO Firmware 04.08.01 (FW30) installed on WP400 0762-340x",
"product_id": "CSAFPID-32011"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11011"
},
{
"category": "installed_on",
"full_product_name": {
"name": "WAGO Firmware 04.08.01 (FW30) installed on Edge Controller 0752-8303/8000-0002",
"product_id": "CSAFPID-32012"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11012"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-32463",
"cwe": {
"id": "CWE-829",
"name": "Inclusion of Functionality from Untrusted Control Sphere"
},
"notes": [
{
"category": "description",
"text": "Sudo before 1.9.17p1 allows low privileged local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.",
"title": "CVE description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009",
"CSAFPID-32010",
"CSAFPID-32011",
"CSAFPID-32012"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010",
"CSAFPID-31011",
"CSAFPID-31012"
]
},
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-04T10:00:00.000Z",
"details": "Update to Firmware version 04.08.01 (FW30) or higher.",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "mitigation",
"details": "Until Firmware 30 is available the vulnerability can be mitigated by installing an ipk to update sudo to 1.9.17p1. The ipk is available through the WAGO download center.",
"group_ids": [
"CSAFGID-0001"
],
"url": "https://downloadcenter.wago.com/wago/software/details/mckqrqwdtxpqe857kf8"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010",
"CSAFPID-31011",
"CSAFPID-31012"
]
}
],
"title": "CVE-2025-32463"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…