ID

VDE-2025-082

Published

2025-09-08 09:00 (CEST)

Last update

2025-09-05 12:19 (CEST)

Vendor(s)

WAGO GmbH & Co. KG

Product(s)

Product Name | Article No° | Affected Version(s)
CC100 | 0751-9x01 | 04.05.10 (FW27) < 04.08.01 (FW30)
Edge Controller | 0752-8303/8000-0002 | 04.05.10 (FW27) < 04.08.01 (FW30)
PFC100 G2 | 0750-811x-xxxx-xxxx | 04.05.10 (FW27) < 04.08.01 (FW30)
PFC200 G2 | 750-821x-xxx-xxx | 04.05.10 (FW27) < 04.08.01 (FW30)
PFC300 | 0750-8302 | 04.05.10 (FW27) < 04.08.01 (FW30)
TP600 | 0762-420x/8000-000x | 04.05.10 (FW27) < 04.08.01 (FW30)
TP600 | 0762-430x/8000-000x | 04.05.10 (FW27) < 04.08.01 (FW30)
TP600 | 0762-520x/8000-000x | 04.05.10 (FW27) < 04.08.01 (FW30)
TP600 | 0762-530x/8000-000x | 04.05.10 (FW27) < 04.08.01 (FW30)
TP600 | 0762-620x/8000-000x | 04.05.10 (FW27) < 04.08.01 (FW30)
TP600 | 0762-630x/8000-000x | 04.05.10 (FW27) < 04.08.01 (FW30)
WP400 | 0762-340x | 04.05.10 (FW27) < 04.08.01 (FW30)

Summary

A vulnerability in sudo allows a low privileged attacker to execute commands with root rights.


Last Update:

5. September 2025 12:14

Weakness

Inclusion of Functionality from Untrusted Control Sphere (CWE-829)

Summary

Sudo before 1.9.17p1 allows low privileged local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.


Impact

The vulnerability could potentially allow low privileged users to gain complete control over a system, leading to data breaches, modification of critical system files, unauthorized access to sensitive information, and disruption of services.

Solution

Mitigation

Until Firmware 30 is available, the vulnerability can be mitigated by installing an ipk that updates sudo to 1.9.17p1. The ipk is available through the WAGO download center.
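One way to confirm that the sudo update took effect, as an added example that is not part of the advisory or of WAGO's tooling: a POSIX shell check that compares a sudo version string with the fixed release 1.9.17p1. It assumes versions of the form MAJOR.MINOR.PATCH[pN] and that the first line of `sudo -V` reads "Sudo version ..."; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not WAGO or sudo project code): compare a sudo version
# string with the fixed release named in the advisory.
FIXED_SUDO="1.9.17p1"

# "1.9.17p1" -> "1 9 17 1"; a missing pN suffix counts as p0.
# Assumption: versions have the form MAJOR.MINOR.PATCH[pN].
split_ver() {
    base=${1%%p*}
    case $1 in *p*) plevel=${1##*p} ;; *) plevel=0 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $base
    IFS=$old_ifs
    echo "${1:-0} ${2:-0} ${3:-0} ${plevel:-0}"
}

# Exit 0 if $1 is strictly older than $2, 1 if not, 2 if unparsable.
# Fields are compared numerically, so 1.9.9 sorts before 1.9.17.
ver_lt() {
    for v in "$1" "$2"; do
        case $v in ''|*[!0-9.p]*) return 2 ;; esac
    done
    set -- $(split_ver "$1") $(split_ver "$2")
    [ "$1" -ne "$5" ] && { [ "$1" -lt "$5" ]; return; }
    [ "$2" -ne "$6" ] && { [ "$2" -lt "$6" ]; return; }
    [ "$3" -ne "$7" ] && { [ "$3" -lt "$7" ]; return; }
    [ "$4" -lt "$8" ]
}

# Print "affected" (older than the fixed release, per the advisory's
# "before 1.9.17p1"), "fixed" or "unknown" for one version string.
sudo_status() {
    ver_lt "$1" "$FIXED_SUDO" && rc=0 || rc=$?
    case $rc in 0) echo affected ;; 1) echo fixed ;; *) echo unknown ;; esac
}

if [ "${1:-}" = "--local" ]; then
    # First line of `sudo -V` is expected to read "Sudo version X.Y.ZpN".
    v=$(sudo -V 2>/dev/null | sed -n '1s/^Sudo version //p')
    echo "installed sudo ${v:-not found}: $(sudo_status "$v")"
else
    # Constructed sample versions, not taken from any device.
    for s in 1.9.9 1.9.17 1.9.17p1 1.10.0; do
        echo "sudo $s: $(sudo_status "$s")"
    done
fi
```

Run with `--local` on the controller to check the installed sudo; an "unknown" result means the version string did not match the assumed format and should be inspected by hand.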

Remediation

Update to Firmware version 04.08.01 (FW30) or higher.

Reported by

CERT@VDE coordinated with WAGO GmbH & Co. KG