VDE-2025-087
Vulnerability from csaf_wagogmbhcokg - Published: 2025-09-24 09:00 - Updated: 2025-09-24 09:00Summary
WAGO: Vulnerabilities in Device Sphere and Solution Builder
Severity
Critical
Notes
Summary: Due to a missing authentication check, the WAGO Solution Builder and the WAGO Device Sphere are vulnerable to a potential information exposure.
Impact: Exposing database credentials gives attackers direct database access, leading to data loss, theft or manipulation. Exposing user accounts and roles facilitates targeted attacks like brute-force or social engineering, increasing the risk of compromising privileged accounts.
Remediation: Please upgrade to the specified version or a later one of the WAGO Device Sphere or the WAGO Solution Builder.
| Affected Product | Fixed Version |
| -------- | ------- |
| WAGO Software Device Sphere | 1.1.0 |
| WAGO Software Solution Builder | 2.3.3 |
The database for the web application is exposed without authentication, allowing an unauthenticated remote attacker to gain unauthorized access and potentially compromise it.
9.8 (Critical)
Vendor Fix
Please upgrade to the specified version or a later one of the WAGO Device Sphere or the WAGO Solution Builder.
https://downloadcenter.wago.com/wago/software
The web application allows an unauthenticated remote attacker to learn information about existing user accounts with their corresponding role due to missing authentication for critical function.
5.3 (Medium)
Vendor Fix
Please upgrade to the specified version or a later one of the WAGO Solution Builder.
https://downloadcenter.wago.com/wago/software
References
Acknowledgments
CERT@VDE
certvde.com
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "coordination",
"urls": [
"https://certvde.com"
]
}
],
"aggregate_severity": {
"namespace": "https://www.first.org/cvss/v3.1/specification-document#Qualitative-Severity-Rating-Scale",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "Due to a missing authentication check, the WAGO Solution Builder and the WAGO Device Sphere are vulnerable to a potential information exposure.",
"title": "Summary"
},
{
"category": "description",
"text": "Exposing database credentials gives attackers direct database access, leading to data loss, theft or manipulation. Exposing user accounts and roles facilitates targeted attacks like brute-force or social engineering, increasing the risk of compromising privileged accounts.",
"title": "Impact"
},
{
"category": "description",
"text": "Please upgrade to the specified version or a later one of the WAGO Device Sphere or the WAGO Solution Builder.\n\n| Affected Product | Fixed Version |\n| -------- | ------- |\n| WAGO Software Device Sphere | 1.1.0 |\n| WAGO Software Solution Builder | 2.3.3 |",
"title": "Remediation"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@wago.com",
"name": "WAGO GmbH \u0026 Co. KG",
"namespace": "https://www.wago.com/psirt"
},
"references": [
{
"category": "self",
"summary": "WAGO PSIRT",
"url": "https://www.wago.com/de-en/automation-technology/psirt"
},
{
"category": "external",
"summary": "CERT@VDE Security Advisories for WAGO",
"url": "https://certvde.com/de/advisories/vendor/wago/"
},
{
"category": "self",
"summary": "VDE-2025-087: WAGO: Vulnerabilities in Device Sphere and Solution Builder - HTML",
"url": "https://certvde.com/en/advisories/VDE-2025-087"
},
{
"category": "self",
"summary": "VDE-2025-087: WAGO: Vulnerabilities in Device Sphere and Solution Builder - CSAF",
"url": "https://wago.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-087.json"
}
],
"title": "WAGO: Vulnerabilities in Device Sphere and Solution Builder",
"tracking": {
"aliases": [
"VDE-2025-087"
],
"current_release_date": "2025-09-24T09:00:00.000Z",
"generator": {
"date": "2025-09-24T09:10:11.872Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.35"
}
},
"id": "VDE-2025-087",
"initial_release_date": "2025-09-24T09:00:00.000Z",
"revision_history": [
{
"date": "2025-09-24T09:00:00.000Z",
"number": "1.0.0",
"summary": "Initial Release."
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c1.1.0",
"product": {
"name": "WAGO Software Device Sphere \u003c1.1.0",
"product_id": "CSAFPID-21001"
}
},
{
"category": "product_version",
"name": "1.1.0",
"product": {
"name": "WAGO Software Device Sphere 1.1.0",
"product_id": "CSAFPID-22001"
}
}
],
"category": "product_name",
"name": "WAGO Device Sphere"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2.3.3",
"product": {
"name": "WAGO Software Solution Builder \u003c2.3.3",
"product_id": "CSAFPID-21003"
}
},
{
"category": "product_version",
"name": "2.3.3",
"product": {
"name": "WAGO Software Solution Builder 2.3.3",
"product_id": "CSAFPID-22003"
}
}
],
"category": "product_name",
"name": "WAGO Solution Builder"
}
],
"category": "product_family",
"name": "Software"
}
],
"category": "vendor",
"name": "WAGO"
}
],
"product_groups": [
{
"group_id": "CSAFGID-0001",
"product_ids": [
"CSAFPID-21001",
"CSAFPID-21003"
],
"summary": "Affected products"
},
{
"group_id": "CSAFGID-0002",
"product_ids": [
"CSAFPID-22001",
"CSAFPID-22003"
],
"summary": "Fixed products."
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-41715",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"notes": [
{
"category": "description",
"text": "The database for the web application is exposed without authentication, allowing an unauthenticated remote attacker to gain unauthorized access and potentially compromise it.",
"title": "Vulnerability Description"
},
{
"category": "details",
"text": "The web application leaks database credentials. To retrieve this information from the web server, no authentication is required. For CVE-2025-41715, it\u0027s important to note that under normal conditions and in the standard configuration, access to the affected database is only possible from the server where the product is installed.",
"title": "Vulnerability Details"
}
],
"product_status": {
"fixed": [
"CSAFPID-22001",
"CSAFPID-22003"
],
"known_affected": [
"CSAFPID-21001",
"CSAFPID-21003"
]
},
"remediations": [
{
"category": "vendor_fix",
"date": "2025-09-05T09:00:00.000Z",
"details": "Please upgrade to the specified version or a later one of the WAGO Device Sphere or the WAGO Solution Builder.",
"group_ids": [
"CSAFGID-0001"
],
"url": "https://downloadcenter.wago.com/wago/software"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.8,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-21001",
"CSAFPID-21003"
]
}
],
"title": "CVE-2025-41715"
},
{
"cve": "CVE-2025-41716",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"notes": [
{
"category": "description",
"text": "The web application allows an unauthenticated remote attacker to learn information about existing user accounts with their corresponding role due to missing authentication for critical function.\n",
"title": "CVE description"
}
],
"product_status": {
"fixed": [
"CSAFPID-22003"
],
"known_affected": [
"CSAFPID-21003"
]
},
"remediations": [
{
"category": "vendor_fix",
"date": "2025-09-05T09:00:00.000Z",
"details": "Please upgrade to the specified version or a later one of the WAGO Solution Builder.",
"product_ids": [
"CSAFPID-21003"
],
"url": "https://downloadcenter.wago.com/wago/software"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-21001",
"CSAFPID-21003"
]
}
],
"title": "CVE-2025-41716"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…