VDE-2025-020
Last update
06/02/2025 08:00
Published at
06/02/2025 08:00
Vendor(s)
WAGO GmbH & Co. KG
External ID
VDE-2025-020
CSAF Document
Summary
The Year 2038 Problem affects systems using a 32-bit integer to represent time as the number of seconds since January 1st, 1970. On January 19, 2038, at 03:14:07 UTC, the time value will exceed the maximum for a 32-bit integer, causing an overflow and resetting it to a negative number.
Impact
This leads to a reset of the system time and effects the timestamps of the system logs.
Affected Product(s)
| Model no. | Product name | Affected versions |
|---|---|---|
| WAGO Fully Managed Switches 0852-0303 | Firmware vers:all/* | |
| WAGO Fully Managed Switches 0852-1305 | Firmware vers:all/* | |
| WAGO Fully Managed Switches 0852-1305/0000-0001 | Firmware vers:all/* | |
| WAGO Fully Managed Switches 0852-1505 | Firmware vers:all/* | |
| WAGO Fully Managed Switches 0852-1505/0000-0001 | Firmware vers:all/* | |
| WAGO Lean Managed Switches 0852-1812 | Firmware vers:all/* | |
| WAGO Lean Managed Switches 0852-1812/0010-0000 | Firmware vers:all/* | |
| WAGO Lean Managed Switches 0852-1813 | Firmware vers:all/* | |
| WAGO Lean Managed Switches 0852-1813/0000-0001 | Firmware vers:all/* | |
| WAGO Lean Managed Switches 0852-1813/0010-0000 | Firmware vers:all/* | |
| WAGO Lean Managed Switches 0852-1813/0010-0001 | Firmware vers:all/* | |
| WAGO Lean Managed Switches 0852-1816 | Firmware vers:all/* | |
| WAGO Lean Managed Switches 0852-1816/0010-0000 | Firmware vers:all/* |
Vulnerabilities
Expand / Collapse all
Published
09/22/2025 14:57
Severity
Weakness
Integer Overflow or Wraparound (CWE-190)
Summary
A low privileged attacker can set the date of the devices to the 19th of January 2038 an therefore exceed the 32-Bit time limit. This causes the date of the switch to be set back to January 1st, 1970.
References
Revision History
| Version | Date | Summary |
|---|---|---|
| 1 | 06/02/2025 08:00 | Initial release. |