WAGO Products Year 2038 Integer Overflow Vulnerability

Vulnerability

An integer overflow vulnerability has been identified in various WAGO products, including the CC100, PFC100, PFC200, TP600, and Edge Controller series. The vulnerability arises from the Year 2038 problem: a low-privileged user can set the device's date to January 19, 2038, exceeding the 32-bit time limit. As a result, some functions may fail to operate correctly or cease functioning altogether, both during runtime and after a device restart.
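The following C sketch is an added illustration, not WAGO code and not the vendor's fix: it shows how a seconds counter held in a signed 32-bit field wraps one second past the limit, why a timer computed near that point misbehaves, and a range check a clock-setting handler could apply. The function names, the build-time value and the margin are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>

/* 2038-01-19 03:14:07 UTC: last second a signed 32-bit counter can hold. */
#define Y2038_LIMIT ((int64_t)INT32_MAX)

/* Truncate a 64-bit epoch value the way a 32-bit time field stores it. */
int32_t to_time32(int64_t secs) {
    uint32_t u = (uint32_t)secs;                 /* well-defined modulo 2^32 */
    return u <= (uint32_t)INT32_MAX ? (int32_t)u
                                    : (int32_t)((int64_t)u - 4294967296LL);
}

/* Legacy pattern: a deadline kept in 32 bits. Returns 1 if the timer is
   already considered expired at the moment it is armed. */
int expired32(int64_t now, int32_t timeout) {
    int32_t now32 = to_time32(now);
    int32_t deadline = to_time32((int64_t)now32 + timeout);
    return now32 >= deadline;
}

/* Hypothetical guard for a set-clock handler: accept only values between
   the firmware build time and a safety margin below the 32-bit limit. */
int clock_request_ok(int64_t requested, int64_t build_time, int64_t margin) {
    if (margin < 0 || margin > Y2038_LIMIT) return 0;
    return requested >= build_time && requested <= Y2038_LIMIT - margin;
}

int main(void) {
    int64_t build_time = 1735689600;     /* constructed: 2025-01-01 00:00 UTC */
    int64_t near_limit = Y2038_LIMIT - 10;   /* constructed sample clock value */

    printf("stored(limit)     = %d\n", (int)to_time32(Y2038_LIMIT));
    printf("stored(limit + 1) = %d\n", (int)to_time32(Y2038_LIMIT + 1));
    printf("60 s timer armed 10 s before limit expires at once: %d\n",
           expired32(near_limit, 60));
    printf("request for limit + 1 accepted by guard: %d\n",
           clock_request_ok(Y2038_LIMIT + 1, build_time, 86400));
    return 0;
}
```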

Impact

Exploitation of this vulnerability disrupts normal device functions, causing them to behave unexpectedly or stop working entirely. This issue persists both during active use and after the device has been restarted.

Remediation

Users are advised to update to Firmware 4.7.1 (FW29) or Firmware 03.10.11 (FW22 Patch 2). For the latest Custom Firmware, please contact WAGO support.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 2.6
impact: 2.5
exploitability: 4.9
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.