Remote Configuration Flaw in WAGO Switches Affects Network Security
CVE-2025-41713

6.5MEDIUM

Key Information:

Vendor: Wago
Status: Cc100 0751-9301; Cc100 0751-9301 Hw Rev. <082100; Cc100 0751-9301/k000-0005; Cc100 0751-9301/k000-0005 Hw Rev. <082100
Vendor: CVE Published:; 15 September 2025

What is CVE-2025-41713?

A vulnerability exists in WAGO switches that allows unauthenticated remote attackers to exploit a brief period during the device's boot sequence. In this short-lived state, the switch operates inconsistently, enabling unauthorized traffic to specific networks until a reset by the CPU normalizes operations. This flaw highlights the critical importance of secure device configurations to mitigate attack risks during startup.

Affected Version(s)

CC100 0751-9301 0

CC100 0751-9301 HW rev. <082100 0 < 04.08.05

CC100 0751-9301/K000-0005 0

References

https://certvde.com/en/advisories/VDE-2025-083

https://wago.csaf-tp.certvde.com/.well-known/csaf/white/2...

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 15, 2025
Vulnerability Reserved
Apr 16, 2025

JSON

Wago

What is CVE-2025-41713?

Affected Version(s)

References

CVSS V3.1

Timeline