WAGO: Vulnerability in managed switches

VDE-2026-020

Last update

03/23/2026 09:00

Published at

03/23/2026 09:00

Vendor(s)

WAGO GmbH & Co. KG

External ID

VDE-2026-020

CSAF Document

Download

Summary

A vulnerability has been found affecting the Managed Switches of WAGO. An unauthenticated attacker can fully compromise the device via an undocumented function.

Impact

This could lead to a full System compromise of the affected devices.

Affected Product(s)

Model no.	Product name	Affected versions
852-1305	852-1305	Firmware <V1.2.0.S0, Firmware V1.2.0.S0
852-1305/000-001	852-1305/000-001	Firmware <V1.2.0.S0, Firmware V1.2.0.S0
852-1505	852-1505	Firmware <V1.1.9.S0, Firmware V1.1.9.S0
852-1505/000-001	852-1505/000-001	Firmware <V1.2.0.S0, Firmware V1.2.0.S0
852-1605	852-1605	Firmware <V1.2.5.S0, Firmware V1.2.5.S0
852-1812	852-1812	Firmware V1.2.1.S0, Firmware <V1.2.1.S0
852-1812/010-000	852-1812/010-000	Firmware <V1.2.1.S0, Firmware V1.2.1.S0
852-1813	852-1813	Firmware V1.2.1.S0, Firmware <V1.2.1.S0
852-1813/000-001	852-1813/000-001	Firmware <V1.2.3.S0, Firmware V1.2.3.S0
852-1813/010-000	852-1813/010-000	Firmware <V1.2.1.S0, Firmware V1.2.1.S0
852-1813/010-001	852-1813/010-001	Firmware V1.2.1.S1, Firmware <V1.2.1.S0
852-1816	852-1816	Firmware V1.2.1.S0, Firmware <V1.2.1.S0
852-1816/010-000	852-1816/010-000	Firmware V1.2.1.S0, Firmware <V1.2.1.S0
852-303	852-303	Firmware <V1.2.8.S0, Firmware V1.2.8.S0
852-602	852-602	Firmware V1.0.6.S0, Firmware <V1.0.6.S0
852-603	852-603	Firmware <V1.0.6.S0, Firmware V1.0.6.S0

Vulnerabilities

Expand / Collapse all

Published

03/23/2026 09:03

Severity

10 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Weakness

Hidden Functionality (CWE-912)

Summary

An unauthenticated remote attacker can exploit a hidden function in the CLI prompt to escape the restricted interface, leading to full compromise of the device.

References

cve.org | nvd.nist.gov

Remediation

Please update your devices to the specified fixed firmware version.

Product	Fixed Version
Lean Managed Switch 852-1812	V1.2.1.S1
Lean Managed Switch 852-1813	V1.2.1.S1
Lean Managed Switch 852-1813/000-001	V1.2.3.S1
Lean Managed Switch 852-1816	V1.2.1.S1
Industrial Managed Switch 852-303	V1.2.8.S1
Industrial Managed Switch 852-1305	V1.2.0.S1
Industrial Managed Switch 852-1305/000-001	V1.2.0.S1
Industrial Managed Switch 852-1505/000-001	V1.2.0.S1
Industrial Managed Switch 852-1505	V1.1.9.S1
Industrial Managed Switch 852-602	V1.0.6.S1
Industrial Managed Switch 852-603	V1.0.6.S1
Industrial Managed Switch 852-1605	V1.2.5.S1
Lean Managed Switch 852-1812/010-000	V1.2.1.S1
Lean Managed Switch 852-1813/010-000	V1.2.1.S1
Lean Managed Switch 852-1813/010-001	V1.2.1.S1
Lean Managed Switch 852-1816/010-000	V1.2.1.S1

Acknowledgments

WAGO GmbH & Co. KG thanks the following parties for their efforts:

CERT@VDE for coordination

Revision History

Version	Date	Summary
1.0.0	03/23/2026 09:00	Release version.

WAGO: Vulnerability in managed switches

Summary

Impact

Affected Product(s)

Vulnerabilities

CVE-2026-3587 10

Remediation

Acknowledgments

Revision History