Zurück zur Übersicht

WAGO: Vulnerabilities in CODESYS Control

VDE-2025-008
Last update
14.05.2025 15:00
Published at
04.02.2025 12:00
Vendor(s)
WAGO GmbH & Co. KG
External ID
VDE-2025-008
CSAF Document
Download

Summary

The following firmware versions installed on several devices are are vulnerable due to a vulnerability in CODESYS Control.

Impact

The CODESYS Control runtime system allows devices to function as programmable industrial controllers, accessing IOs, communication interfaces, and system functions. An authenticated attacker could exploit a vulnerability to inject OS shell function calls via the SysFile or CAA file system libraries.

Affected Product(s)

Model no. Product name Affected versions
0750-810?/????-???? 0750-810x/xxxx-xxxx WAGO Firmware <03.10.11 (FW22 Patch 2), Custom Firmware <03.10.11(70)
0750-811?-????-???? 0750-811x/xxxx-xxxx WAGO Firmware <04.05.10 (FW27), Custom Firmware <04.06.01(70)
750-820?-????-???? 0750-820x/xxx-xxx WAGO Firmware <03.10.11 (FW22 Patch 2), Custom Firmware <03.10.11(70)
750-821?-????-???? 0750-821x/xxx-xxx WAGO Firmware <04.05.10 (FW27), Custom Firmware <04.06.01(70)
0751-9?01 0751/9x01 Custom Firmware <04.06.03(70), WAGO Firmware <04.05.10 (FW27)
0752-8303/8000-0002 0752-8303/8000-0002 WAGO Firmware <04.05.10 (FW27), Custom Firmware <04.06.01(70)
0762-420?/8000-000? 0762-420x/8000-000x WAGO Firmware <04.05.10 (FW27), Custom Firmware <04.06.01(70)
0762-430?/8000-000? 0762-430x/8000-000x WAGO Firmware <04.05.10 (FW27), Custom Firmware <04.06.01(70)
0762-520?/8000-000? 0762-520x/8000-000x WAGO Firmware <04.05.10 (FW27), Custom Firmware <04.06.01(70)
0762-530?/8000-000? 0762-530x/8000-000x Custom Firmware <04.06.01(70), WAGO Firmware <04.05.10 (FW27)
0762-620?/8000-000? 0762-620x/8000-000x WAGO Firmware <04.05.10 (FW27), Custom Firmware <04.06.01(70)
0762-630?/8000-000? 0762-630x/8000-000x Custom Firmware <04.06.01(70), WAGO Firmware <04.05.10 (FW27)

Vulnerabilities

Expand / Collapse all

Published
09.02.2026 15:51
Severity
8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Weakness
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78)
Summary

A low-privileged remote attacker could exploit the vulnerability and inject additional system commands via file system libraries which could give the attacker full control of the device.

References
cve.org | nvd.nist.gov

Mitigation

The vulnerability is only exploitable if the an attacker has successfully logged in with according user rights. To prevent attackers from exploiting the vulnerability it is recommend to change the standard password in the web based management.

Remediation

Update to Firmware version 27, Firmware 22 Patch 2. For the latest Custom Firmware version please contact the WAGO support.

Acknowledgments

WAGO GmbH & Co. KG thanks the following parties for their efforts:

Revision History

Version Date Summary
1 04.02.2025 12:00 Initial release.
2 19.02.2025 14:30 Update: fixed typo in Vendor fix, fixed version
3 14.05.2025 15:00 Fix: added distribution