CVE-2025-41713
6.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
Summary
During a short time frame while the device is booting an unauthenticated remote attacker can send traffic to unauthorized networks due to the switch operating in an undefined state until a CPU-induced reset allows proper configuration.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| WAGO | CC100 0751-9301 | 0 < HW | affected |
| WAGO | CC100 0751-9301 HW rev. <082100 | 0 < 04.08.05 | affected |
| WAGO | CC100 0751-9301/K000-0005 | 0 < HW | affected |
| WAGO | CC100 0751-9301/K000-0005 HW rev. <082100 | 0 < 04.08.05 | affected |
| WAGO | CC100 0751-9401 | 0 < HW | affected |
| WAGO | CC100 0751-9401 HW rev. <052500 | 0 < 04.08.05 | affected |
| WAGO | CC100 0751-9402 | 0 < HW | affected |
| WAGO | CC100 0751-9402/0000-0001 | 0 < HW | affected |
| WAGO | CC100 0751-9402/0000-0001 HW rev. <052800 | 0 < 04.08.05 | affected |
| WAGO | CC100 0751-9402 HW rev. <032800 | 0 < 04.08.05 | affected |
| WAGO | CC100 0751-9403 | 0 < HW | affected |
| WAGO | CC100 0751-9403 HW rev. <022800 | 0 < 04.08.05 | affected |
| WAGO | Edge Controller 0752-8303/8000-0002 | 0 < HW | affected |
| WAGO | Edge Controller 0752-8303/8000-0002 HW rev. 32500 | 0 < 04.08.05 | affected |
| WAGO | TP600 0762-4101 | 0 < HW | affected |
| WAGO | TP600 0762-4101 HW rev. <072500 | 0 < 04.08.05 | affected |
| WAGO | TP600 0762-4102 | 0 < HW | affected |
| WAGO | TP600 0762-4102 HW rev. <072500 | 0 < 04.08.05 | affected |
| WAGO | TP600 0762-4104 | 0 < HW | affected |
| WAGO | TP600 0762-4104 HW rev. <062500 | 0 < 04.08.05 | affected |
| WAGO | TP600 0762-4201/8000-0001 | 0 < HW | affected |
| WAGO | TP600 0762-4201/8000-0001 HW rev. <072500 | 0 < 04.08.05 | affected |
| WAGO | TP600 0762-4201/8000-0002 | 0 < HW | affected |
| WAGO | TP600 0762-4201/8000-0002 | 0 < HW | affected |
| WAGO | TP600 0762-4201/8000-0002 HW rev. <072500 | 0 < 04.08.05 | affected |
| WAGO | TP600 0762-4201/8000-0002 HW rev. <072500 | 0 < 04.08.05 | affected |
| WAGO | TP600 0762-4301/8000-0002 | 0 < HW | affected |
| WAGO | TP600 0762-4301/8000-0002 HW rev. <072500 | 0 < 04.08.05 | affected |
| WAGO | TP600 0762-4302/8000-0002 | 0 < HW | affected |
| WAGO | TP600 0762-4302/8000-0002 HW rev. <072500 | 0 < 04.08.05 | affected |
| WAGO | TP600 0762-4303/8000-0002 | 0 < HW | affected |
| WAGO | TP600 0762-4303/8000-0002 HW rev. <062500 | 0 < 04.08.05 | affected |
| WAGO | TP600 0762-4304/8000-0002 | 0 < HW | affected |
| WAGO | TP600 0762-4304/8000-0002 HW rev. <062500 | 0 < 04.08.05 | affected |
| WAGO | TP600 0762-4305/8000-0002 | 0 < HW | affected |
| WAGO | TP600 0762-4305/8000-0002 HW rev. <052500 | 0 < 04.08.05 | affected |
| WAGO | TP600 0762-4306/8000-0001 | 0 < HW | affected |
| WAGO | TP600 0762-4306/8000-0001 HW rev. <042500 | 0 < 04.08.05 | affected |
| WAGO | TP600 0762-4306/8000-0002 | 0 < HW | affected |
| WAGO | TP600 0762-4306/8000-0002 HW rev. <042500 | 0 < 04.08.05 | affected |
| WAGO | TP600 0762-5201/8000-0001 | 0 < HW | affected |
| WAGO | TP600 0762-5201/8000-0001 HW rev. <062500 | 0 < 04.08.05 | affected |
| WAGO | TP600 0762-5203/8000-0001 | 0 < HW | affected |
| WAGO | TP600 0762-5203/8000-0001 HW rev. <062500 | 0 < 04.08.05 | affected |
| WAGO | TP600 0762-5204/8000-0001 | 0 < HW | affected |
| WAGO | TP600 0762-5204/8000-0001 | 0 < HW | affected |
| WAGO | TP600 0762-5204/8000-0001 HW rev. <052500 | 0 < 04.08.05 | affected |
| WAGO | TP600 0762-5204/8000-0001 HW rev. <052500 | 0 < 04.08.05 | affected |
| WAGO | TP600 0762-5205/8000-0001 | 0 < HW | affected |
| WAGO | TP600 0762-5205/8000-0001 HW rev. <032500 | 0 < 04.08.05 | affected |
| WAGO | TP600 0762-5206/8000-0001 | 0 < HW | affected |
| WAGO | TP600 0762-5206/8000-0001 HW rev. <042500 | 0 < 04.08.05 | affected |
Weaknesses
- CWE-1188: CWE-1188 Insecure Default Initialization of Resource
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: partial
References
- https://certvde.com/en/advisories/VDE-2025-083
- https://wago.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-083.json
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.