WAGO: Vulnerability in hardware switch circuit

VDE-2025-083

Last update

09/15/2025 10:00

Published at

09/15/2025 10:00

Vendor(s)

WAGO GmbH & Co. KG

External ID

VDE-2025-083

CSAF Document

Download

Summary

The vulnerability in the Ethernet switch circuit is caused by a PullUp resistor at the reset input, leading to premature activation and undefined operation. Switching to a PullDown resistor keeps the switch in reset. This issue affects the CC100, the Touch Panels 600 and the Edge Controller.

Impact

The vulnerability causes the Ethernet switch to operate in an undefined state due to early activation, leading to unstable system behavior and potential connectivity issues.

Affected Product(s)

Model no.	Product name	Affected versions
	Edge Controller 0752-8303/8000-0002 32500	WAGO Firmware <04.08.05 (FW30)
	WAGO Hardware CC100 0751-9301 <082100	WAGO Firmware <04.08.05 (FW30)
	WAGO Hardware CC100 0751-9301/K000-0005 <082100	WAGO Firmware <04.08.05 (FW30)
	WAGO Hardware CC100 0751-9401 <052500	WAGO Firmware <04.08.05 (FW30)
	WAGO Hardware CC100 0751-9402 <032800	WAGO Firmware <04.08.05 (FW30)
	WAGO Hardware CC100 0751-9402/0000-0001 <052800	WAGO Firmware <04.08.05 (FW30)
	WAGO Hardware CC100 0751-9403 <022800	WAGO Firmware <04.08.05 (FW30)
	WAGO Hardware TP600 0762-4101 <072500	WAGO Firmware <04.08.05 (FW30)
	WAGO Hardware TP600 0762-4101 <072500	WAGO Firmware <04.08.05 (FW30)
	WAGO Hardware TP600 0762-4102 <072500	WAGO Firmware <04.08.05 (FW30)
	WAGO Hardware TP600 0762-4103 <062500	WAGO Firmware <04.08.05 (FW30)
	WAGO Hardware TP600 0762-4201/8000-0001 <072500	WAGO Firmware <04.08.05 (FW30)
	WAGO Hardware TP600 0762-4201/8000-0002 <072500	WAGO Firmware <04.08.05 (FW30)
	WAGO Hardware TP600 0762-4201/8000-0002 <072500	WAGO Firmware <04.08.05 (FW30)
	WAGO Hardware TP600 0762-4301/8000-0002 <072500	WAGO Firmware <04.08.05 (FW30)
	WAGO Hardware TP600 0762-4302/8000-0002 <072500	WAGO Firmware <04.08.05 (FW30)
	WAGO Hardware TP600 0762-4303/8000-0002 <062500	WAGO Firmware <04.08.05 (FW30)
	WAGO Hardware TP600 0762-4304/8000-0002 <062500	WAGO Firmware <04.08.05 (FW30)
	WAGO Hardware TP600 0762-4305/8000-0002 <052500	WAGO Firmware <04.08.05 (FW30)
	WAGO Hardware TP600 0762-4306/8000-0001 <042500	WAGO Firmware <04.08.05 (FW30)
	WAGO Hardware TP600 0762-4306/8000-0002 <042500	WAGO Firmware <04.08.05 (FW30)
	WAGO Hardware TP600 0762-5201/8000-0001 <062500	WAGO Firmware <04.08.05 (FW30)
	WAGO Hardware TP600 0762-5203/8000-0001 <062500	WAGO Firmware <04.08.05 (FW30)
	WAGO Hardware TP600 0762-5204/8000-0001 <052500	WAGO Firmware <04.08.05 (FW30)
	WAGO Hardware TP600 0762-5204/8000-0001 <052500	WAGO Firmware <04.08.05 (FW30)
	WAGO Hardware TP600 0762-5205/8000-0001 <032500	WAGO Firmware <04.08.05 (FW30)
	WAGO Hardware TP600 0762-5206/8000-0001 <042500	WAGO Firmware <04.08.05 (FW30)

Vulnerabilities

Expand / Collapse all

Published

09/22/2025 14:57

Severity

6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

Weakness

Initialization of a Resource with an Insecure Default (CWE-1188)

Summary

During a short time frame while the device is booting an unauthenticated remote attacker can send traffic to unauthorized networks due to the switch operating in an undefined state until a CPU-induced reset allows proper configuration.

References

cve.org | nvd.nist.gov

Remediation

To address this vulnerability, it is recommended to utilize a newer hardware revision equipped with Firmware 04.08.05 (FW30). This firmware version is designed to resolve the issue by properly managing the switch activation and configuration process on the revised hardware. It is important to note that older firmware versions will not resolve the problem on the new hardware revision, and therefore upgrading both the hardware and firmware is necessary for an effective remediation.

Revision History

Version	Date	Summary
1.0.0	09/15/2025 10:00	Initial revision.

WAGO: Vulnerability in hardware switch circuit

Summary

Impact

Affected Product(s)

Vulnerabilities

CVE-2025-41713 6.5

Remediation

Revision History