Summary
A vulnerability has been identified in WAGO devices utilized in Endress+Hauser IoT solutions. WAGO has provided fixes for these vulnerabilities, which have been integrated into the solutions by Endress+Hauser.
Impact
An on-premises attacker could escalate application privileges to root level. This would enable the execution of arbitrary code with root privileges, allowing the attacker to modify configurations and manipulate measurement outputs.
Affected Product(s)
| Model no. | Product name | Affected versions |
|---|---|---|
| 751-9301 | CC 100 (751-9301) | Firmware FW 23 , Firmware <=FW 23 |
| 750-82?? | PFC 200 (750-82xx/xxx-xxx) | Firmware FW 23 , Firmware <=FW 23 |
Vulnerabilities
Expand / Collapse allA buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.
Mitigation
Local access is required to exploit this vulnerability. To mitigate the risk, ensure that only authorized personnel have physical access to the device.
Remediation
Endress+Hauser provides updated firmware versions for the related components from WAGO which fixes the vulnerability. Endress+Hauser strongly recommends customers to update to the new fixed version. For support, please contact your local service center.
Acknowledgments
Endress+Hauser AG thanks the following parties for their efforts:
- CERT@VDE for coordination (see https://certvde.com )
Revision History
| Version | Date | Summary |
|---|---|---|
| 1.0.0 | 02.03.2026 08:00 | Initial version |