WAGO Industrial-Managed Switches Stack Buffer Overflow Vulnerability Allowing Remote Code Execution
Vulnerability
A stack buffer overflow vulnerability has been identified in WAGO Industrial-Managed Switches models 0852-1322 and 0852-1328 running firmware prior to 02.64. An unauthenticated remote attacker can exploit unsafe input handling in the check_account() function, which relies on unsafe sscanf calls. The lighttpd binary also lacks modern security features such as Position Independent Executable (PIE) and Relocation Read-Only (RELRO), which further increases the risk of exploitation and can lead to full device compromise.
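The unbounded sscanf pattern this advisory names, next to a bounded form, as an added example. It is not WAGO's check_account() code: the request layout (username and password fields), the buffer size and all function names are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define FIELD_MAX 32  /* constructed buffer size, not taken from the firmware */

/* Unsafe pattern, for contrast only (never called below): conversions without
 * a field width copy as many bytes as the request supplies, so a long field
 * runs past the caller's stack buffers. */
int parse_account_unsafe(const char *body, char *user, char *pass)
{
    return sscanf(body, "username=%[^&]&password=%s", user, pass);
}

/* Bounded form: returns 0 on success, -1 on malformed or over-long input. */
int parse_account(const char *body, char user[FIELD_MAX], char pass[FIELD_MAX])
{
    int end = 0;
    user[0] = pass[0] = '\0';
    /* Width is FIELD_MAX - 1 to leave room for the terminator; %n records
     * how many input bytes were consumed. */
    if (sscanf(body, "username=%31[^&]&password=%31[^&]%n", user, pass, &end) != 2)
        return -1;
    /* Reject instead of silently truncating: leftover bytes mean the password
     * exceeded its width or extra parameters followed. */
    return body[end] == '\0' ? 0 : -1;
}

/* Constructed inputs: one well-formed body, one with a 200-byte username. */
int demo_valid(void)
{
    char u[FIELD_MAX], p[FIELD_MAX];
    if (parse_account("username=admin&password=secret", u, p) != 0)
        return -1;
    return strcmp(u, "admin") == 0 && strcmp(p, "secret") == 0 ? 0 : -1;
}

int demo_overlong_user(void)
{
    char body[300] = "username=", u[FIELD_MAX], p[FIELD_MAX];
    memset(body + 9, 'A', 200);
    strcpy(body + 209, "&password=x");
    return parse_account(body, u, p);
}

int main(void)
{
    printf("valid: %d, overlong: %d\n", demo_valid(), demo_overlong_user());
    return 0;
}
```

The same review applies to any firmware code that parses request fields with scanf-family calls: every `%s` or `%[` conversion needs an explicit width one less than its destination buffer.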
Impact
Exploitation of this vulnerability allows for remote code execution on the affected device.
Remediation
Users are advised to update their devices to firmware version 02.64.
