Remote Code Execution Vulnerability in WAGO IoT Tool
CVE-2025-41672

10CRITICAL

Key Information:

Vendor

Wago

Status
Wago Device Sphere
Vendor
CVE Published:
7 July 2025

What is CVE-2025-41672?

A significant remote code execution vulnerability has been identified in the WAGO IoT Tool, where an unauthenticated attacker can leverage default certificates to create JSON Web Tokens (JWT). This exploitation provides the attacker with full access to the tool and all connected devices, posing a serious risk to network integrity and security. Administrators are advised to update their systems and revise access controls to mitigate potential threats.

Affected Version(s)

Wago Device Sphere 1.0.0

References

https://cert.vde.com/en/advisories/VDE-2025-057
https://wago.csaf-tp.certvde.com/.well-known/csaf/white/2...
vendor-advisory

CVSS V3.1

Score:
10
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2025-41672 : Remote Code Execution Vulnerability in WAGO IoT Tool