Remote Code Execution Vulnerability in WAGO IoT Tool
CVE-2025-41672

10CRITICAL

Key Information:

Vendor: Wago
Status: Wago Device Sphere
Vendor: CVE Published:; 7 July 2025

What is CVE-2025-41672?

A significant remote code execution vulnerability has been identified in the WAGO IoT Tool, where an unauthenticated attacker can leverage default certificates to create JSON Web Tokens (JWT). This exploitation provides the attacker with full access to the tool and all connected devices, posing a serious risk to network integrity and security. Administrators are advised to update their systems and revise access controls to mitigate potential threats.

Affected Version(s)

Wago Device Sphere 1.0.0

References

https://cert.vde.com/en/advisories/VDE-2025-057

https://wago.csaf-tp.certvde.com/.well-known/csaf/white/2...

vendor-advisory

CVSS V3.1

Score:

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 7, 2025
Vulnerability Reserved
Apr 16, 2025