WAGO Industrial Managed Switches Credential Exposure Vulnerability via Authentication Bypass

Vulnerability

A vulnerability exists in WAGO Industrial Managed Switch models 0852-1322 and 0852-1328, both running firmware through 2.64. User credentials are encrypted using AES-ECB with a hardcoded key, and an unauthenticated remote attacker who accesses the configuration file can decrypt and retrieve plaintext usernames and passwords. This vulnerability is particularly concerning when combined with an authentication bypass that has also been identified on these devices.

Impact

Exploitation of this vulnerability allows for the decryption of stored user credentials, including administrative usernames and passwords, which can then be used to gain unauthorized access to the device's management interface.

Remediation

Users are advised to update their devices to firmware version 02.65.
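The following inventory triage check is an added example, not part of the original advisory or any WAGO tooling. It flags records for the affected models (0852-1322, 0852-1328) whose firmware is below the fixed release 02.65. The record layout, hostnames and sample versions are constructed, and comparing versions as numeric major.minor pairs is an assumption.

```python
import re

# Affected models and fixed release, as stated in the advisory.
AFFECTED_MODELS = {"0852-1322", "0852-1328"}
FIXED_VERSION = (2, 65)  # advisory: update to firmware 02.65

# Constructed sample inventory (hostnames, models and versions are made up).
SAMPLE_INVENTORY = [
    {"host": "sw-line1", "model": "0852-1322", "firmware": "02.64"},
    {"host": "sw-line2", "model": "0852-1328", "firmware": "V2.65"},
    {"host": "sw-line3", "model": "0852-1328", "firmware": "02.60"},
    {"host": "sw-office", "model": "0852-9999", "firmware": "01.00"},
    {"host": "sw-lab", "model": "0852-1322", "firmware": "unknown"},
]


def parse_firmware(text):
    """Return (major, minor) as ints, or None if the string cannot be parsed.

    Accepts '2.64', '02.64' and 'V02.64'; anything after the minor part is
    ignored. Numeric major.minor comparison is an assumption of this example.
    """
    m = re.match(r"\s*[vV]?(\d+)\.(\d+)", text or "")
    return (int(m.group(1)), int(m.group(2))) if m else None


def triage(device):
    """Classify one record: 'not-affected', 'vulnerable', 'fixed' or 'unknown'."""
    if device.get("model", "").strip() not in AFFECTED_MODELS:
        return "not-affected"
    version = parse_firmware(device.get("firmware"))
    if version is None:
        return "unknown"  # affected model, version needs manual verification
    return "fixed" if version >= FIXED_VERSION else "vulnerable"


def report(inventory):
    """Map each host name to its triage status."""
    return {d["host"]: triage(d) for d in inventory}


if __name__ == "__main__":
    for host, status in report(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

Records reported as unknown are affected models whose firmware string could not be read and should be checked on the device itself.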

Added: Feb 9, 2026, 9:00 AM
Updated: Feb 9, 2026, 9:00 AM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 5.0
exploitability: 6.8
remediation: 0.0
relevance: 2.6
threat: 0.0
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.