Share: Email | Twitter

ID

VDE-2025-048

Published

2025-09-08 09:00 (CEST)

Last update

2025-09-05 12:41 (CEST)

Vendor(s)

WAGO GmbH & Co. KG

Product(s)

Article No° Product Name Affected Version(s)
0750-0362 Coupler 0750-0362 < FW13
0750-0362/0000-0001 Coupler 0750-0362/0000-0001 < FW13
0750-0362/0040-0000 Coupler 0750-0362/0040-0000 < FW13
0750-0362/K013-1080 Coupler 0750-0362/K013-1080 < FW13
0750-0362/K019-7576 Coupler 0750-0362/K019-7576 < FW13
0750-0363 Coupler 0750-0363 < FW13
0750-0363/0040-0000 Coupler 0750-0363/0040-0000 < FW13
0750-0364/0040-0010 Coupler 0750-0364/0040-0010 < FW13
0750-0365/0040-0010 Coupler 0750-0365/0040-0010 < FW13
0750-0366 Coupler 0750-0366 < FW13

Summary

A design flaw in the file system management exposes internal system partitions - intended to be hidden - during brief moments when they are mounted by the firmware. These partitions contain sensitive data such as firmware and certificates. Although access to the file system is mediated by a Nucleus layer that supports permission control, these permissions are currently not enforced. As a result, services like FTP/SFTP may inadvertently gain access to critical internal resources, increasing the risk of unauthorized access or data leakage.


Last Update:

5. September 2025 11:57

Weakness

Incorrect Permission Assignment for Critical Resource  (CWE-732) 

Summary

A low-privileged remote attacker could gain unauthorized access to critical resources, such as firmware and certificates, due to improper permission handling during the runtime of services (e.g., FTP/SFTP). This access could allow the attacker to escalate privileges and modify firmware.


Impact

Due to the visibility of the internal partitions a low-privileged remote attacker can escalate privileges and can for example edit the firmware files.

Solution

Mitigation

By default, FTP is disabled on these devices. To prevent exploitation of this vulnerability, it is recommended to also disable SFTP in firmware versions below 13 through the device's configuration settings.

Remediation

Update to Firmware version 13.

Reported by

CERT@VDE coordinated with WAGO GmbH & Co. KG.