CVE-2025-41713

Summary

During a short time frame while the device is booting an unauthenticated remote attacker can send traffic to unauthorized networks due to the switch operating in an undefined state until a CPU-induced reset allows proper configuration.

Affected Software

VendorProductVersion RangeStatus
WAGOCC100 0751-93010 < HWaffected
WAGOCC100 0751-9301 HW rev. <0821000 < 04.08.05affected
WAGOCC100 0751-9301/K000-00050 < HWaffected
WAGOCC100 0751-9301/K000-0005 HW rev. <0821000 < 04.08.05affected
WAGOCC100 0751-94010 < HWaffected
WAGOCC100 0751-9401 HW rev. <0525000 < 04.08.05affected
WAGOCC100 0751-94020 < HWaffected
WAGOCC100 0751-9402/0000-00010 < HWaffected
WAGOCC100 0751-9402/0000-0001 HW rev. <0528000 < 04.08.05affected
WAGOCC100 0751-9402 HW rev. <0328000 < 04.08.05affected
WAGOCC100 0751-94030 < HWaffected
WAGOCC100 0751-9403 HW rev. <0228000 < 04.08.05affected
WAGOEdge Controller 0752-8303/8000-00020 < HWaffected
WAGOEdge Controller 0752-8303/8000-0002 HW rev. 325000 < 04.08.05affected
WAGOTP600 0762-41010 < HWaffected
WAGOTP600 0762-4101 HW rev. <0725000 < 04.08.05affected
WAGOTP600 0762-41020 < HWaffected
WAGOTP600 0762-4102 HW rev. <0725000 < 04.08.05affected
WAGOTP600 0762-41040 < HWaffected
WAGOTP600 0762-4104 HW rev. <0625000 < 04.08.05affected
WAGOTP600 0762-4201/8000-00010 < HWaffected
WAGOTP600 0762-4201/8000-0001 HW rev. <0725000 < 04.08.05affected
WAGOTP600 0762-4201/8000-00020 < HWaffected
WAGOTP600 0762-4201/8000-00020 < HWaffected
WAGOTP600 0762-4201/8000-0002 HW rev. <0725000 < 04.08.05affected
WAGOTP600 0762-4201/8000-0002 HW rev. <0725000 < 04.08.05affected
WAGOTP600 0762-4301/8000-00020 < HWaffected
WAGOTP600 0762-4301/8000-0002 HW rev. <0725000 < 04.08.05affected
WAGOTP600 0762-4302/8000-00020 < HWaffected
WAGOTP600 0762-4302/8000-0002 HW rev. <0725000 < 04.08.05affected
WAGOTP600 0762-4303/8000-00020 < HWaffected
WAGOTP600 0762-4303/8000-0002 HW rev. <0625000 < 04.08.05affected
WAGOTP600 0762-4304/8000-00020 < HWaffected
WAGOTP600 0762-4304/8000-0002 HW rev. <0625000 < 04.08.05affected
WAGOTP600 0762-4305/8000-00020 < HWaffected
WAGOTP600 0762-4305/8000-0002 HW rev. <0525000 < 04.08.05affected
WAGOTP600 0762-4306/8000-00010 < HWaffected
WAGOTP600 0762-4306/8000-0001 HW rev. <0425000 < 04.08.05affected
WAGOTP600 0762-4306/8000-00020 < HWaffected
WAGOTP600 0762-4306/8000-0002 HW rev. <0425000 < 04.08.05affected
WAGOTP600 0762-5201/8000-00010 < HWaffected
WAGOTP600 0762-5201/8000-0001 HW rev. <0625000 < 04.08.05affected
WAGOTP600 0762-5203/8000-00010 < HWaffected
WAGOTP600 0762-5203/8000-0001 HW rev. <0625000 < 04.08.05affected
WAGOTP600 0762-5204/8000-00010 < HWaffected
WAGOTP600 0762-5204/8000-00010 < HWaffected
WAGOTP600 0762-5204/8000-0001 HW rev. <0525000 < 04.08.05affected
WAGOTP600 0762-5204/8000-0001 HW rev. <0525000 < 04.08.05affected
WAGOTP600 0762-5205/8000-00010 < HWaffected
WAGOTP600 0762-5205/8000-0001 HW rev. <0325000 < 04.08.05affected
WAGOTP600 0762-5206/8000-00010 < HWaffected
WAGOTP600 0762-5206/8000-0001 HW rev. <0425000 < 04.08.05affected

Weaknesses

  • CWE-1188: CWE-1188 Insecure Default Initialization of Resource

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References