VDE-2026-020
Vulnerability from csaf_wagogmbhcokg - Published: 2026-03-23 08:00 - Updated: 2026-03-23 08:00Summary
WAGO: Vulnerability in managed switches
Severity
Critical
Notes
Summary: A vulnerability has been found affecting the Managed Switches of WAGO. An unauthenticated attacker can fully compromise the device via an undocumented function.
Impact: This could lead to a full System compromise of the affected devices.
Remediation: Please update your devices to the specified fixed firmware version.
| Product | Fixed Version |
|-------------------------------------------|---------------|
| Lean Managed Switch 852-1812 | V1.2.1.S1 |
| Lean Managed Switch 852-1813 | V1.2.1.S1 |
| Lean Managed Switch 852-1813/000-001| V1.2.3.S1 |
| Lean Managed Switch 852-1816 | V1.2.1.S1 |
| Industrial Managed Switch 852-303 | V1.2.8.S1 |
| Industrial Managed Switch 852-1305 | V1.2.0.S1 |
| Industrial Managed Switch 852-1305/000-001| V1.2.0.S1 |
| Industrial Managed Switch 852-1505/000-001| V1.2.0.S1 |
| Industrial Managed Switch 852-1505 | V1.1.9.S1 |
| Industrial Managed Switch 852-602 | V1.0.6.S1 |
| Industrial Managed Switch 852-603 | V1.0.6.S1 |
| Industrial Managed Switch 852-1605 | V1.2.5.S1 |
| Lean Managed Switch 852-1812/010-000| V1.2.1.S1 |
| Lean Managed Switch 852-1813/010-000| V1.2.1.S1 |
| Lean Managed Switch 852-1813/010-001| V1.2.1.S1 |
| Lean Managed Switch 852-1816/010-000| V1.2.1.S1 |
An unauthenticated remote attacker can exploit a hidden function in the CLI prompt to escape the restricted interface, leading to full compromise of the device.
10 (Critical)
Vendor Fix
Please update your devices to the specified fixed firmware version.
| Product | Fixed Version |
|-------------------------------------------|---------------|
| Lean Managed Switch 852-1812 | V1.2.1.S1 |
| Lean Managed Switch 852-1813 | V1.2.1.S1 |
| Lean Managed Switch 852-1813/000-001| V1.2.3.S1 |
| Lean Managed Switch 852-1816 | V1.2.1.S1 |
| Industrial Managed Switch 852-303 | V1.2.8.S1 |
| Industrial Managed Switch 852-1305 | V1.2.0.S1 |
| Industrial Managed Switch 852-1305/000-001| V1.2.0.S1 |
| Industrial Managed Switch 852-1505/000-001| V1.2.0.S1 |
| Industrial Managed Switch 852-1505 | V1.1.9.S1 |
| Industrial Managed Switch 852-602 | V1.0.6.S1 |
| Industrial Managed Switch 852-603 | V1.0.6.S1 |
| Industrial Managed Switch 852-1605 | V1.2.5.S1 |
| Lean Managed Switch 852-1812/010-000| V1.2.1.S1 |
| Lean Managed Switch 852-1813/010-000| V1.2.1.S1 |
| Lean Managed Switch 852-1813/010-001| V1.2.1.S1 |
| Lean Managed Switch 852-1816/010-000| V1.2.1.S1 |
Workaround
To eliminate the attack vector deactivate ssh and telnet on the device.
Workaround
To reduce the attack vector deactivate ssh and telnet on the devices. This ensures that the CLI is only accessible locally via RS232.
References
Acknowledgments
CERT@VDE
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "coordination"
}
],
"aggregate_severity": {
"namespace": "https://www.first.org/cvss/v3.1/specification-document#Qualitative-Severity-Rating-Scale",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "A vulnerability has been found affecting the Managed Switches of WAGO. An unauthenticated attacker can fully compromise the device via an undocumented function.",
"title": "Summary"
},
{
"category": "description",
"text": "This could lead to a full System compromise of the affected devices.",
"title": "Impact"
},
{
"category": "description",
"text": "Please update your devices to the specified fixed firmware version.\n\n| Product | Fixed Version |\n|-------------------------------------------|---------------|\n| Lean Managed Switch 852-1812 | V1.2.1.S1 |\n| Lean Managed Switch 852-1813 | V1.2.1.S1 |\n| Lean Managed Switch 852-1813/000-001| V1.2.3.S1 |\n| Lean Managed Switch 852-1816 | V1.2.1.S1 |\n| Industrial Managed Switch 852-303 | V1.2.8.S1 |\n| Industrial Managed Switch 852-1305 | V1.2.0.S1 |\n| Industrial Managed Switch 852-1305/000-001| V1.2.0.S1 |\n| Industrial Managed Switch 852-1505/000-001| V1.2.0.S1 |\n| Industrial Managed Switch 852-1505 | V1.1.9.S1 |\n| Industrial Managed Switch 852-602 | V1.0.6.S1 |\n| Industrial Managed Switch 852-603 | V1.0.6.S1 |\n| Industrial Managed Switch 852-1605 | V1.2.5.S1 |\n| Lean Managed Switch 852-1812/010-000| V1.2.1.S1 |\n| Lean Managed Switch 852-1813/010-000| V1.2.1.S1 |\n| Lean Managed Switch 852-1813/010-001| V1.2.1.S1 |\n| Lean Managed Switch 852-1816/010-000| V1.2.1.S1 |",
"title": "Remediation"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@wago.com",
"name": "WAGO GmbH \u0026 Co. KG",
"namespace": "https://www.wago.com/psirt"
},
"references": [
{
"category": "self",
"summary": "WAGO PSIRT",
"url": "https://www.wago.com/de-en/automation-technology/psirt"
},
{
"category": "external",
"summary": "CERT@VDE Security Advisories for WAGO",
"url": "https://certvde.com/de/advisories/vendor/wago/"
},
{
"category": "self",
"summary": "VDE-2026-020: WAGO: Vulnerability in managed switches - HTML",
"url": "https://certvde.com/en/advisories/VDE-2026-020"
},
{
"category": "self",
"summary": "VDE-2026-020: WAGO: Vulnerability in managed switches - CSAF",
"url": "https://wago.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-020.json"
}
],
"title": "WAGO: Vulnerability in managed switches",
"tracking": {
"aliases": [
"VDE-2026-020"
],
"current_release_date": "2026-03-23T08:00:00.000Z",
"generator": {
"date": "2026-03-19T10:16:00.129Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.44"
}
},
"id": "VDE-2026-020",
"initial_release_date": "2026-03-23T08:00:00.000Z",
"revision_history": [
{
"date": "2026-03-23T08:00:00.000Z",
"number": "1.0.0",
"summary": "Release version."
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "852-1812",
"product": {
"name": "Lean Managed Switch 852-1812",
"product_id": "CSAFPID-11001",
"product_identification_helper": {
"model_numbers": [
"852-1812"
]
}
}
},
{
"category": "product_name",
"name": "852-1813",
"product": {
"name": "Lean Managed Switch 852-1813",
"product_id": "CSAFPID-11002",
"product_identification_helper": {
"model_numbers": [
"852-1813"
]
}
}
},
{
"category": "product_name",
"name": "852-1813/000-001",
"product": {
"name": "Lean Managed Switch 852-1813/000-001",
"product_id": "CSAFPID-11003",
"product_identification_helper": {
"model_numbers": [
"852-1813/000-001"
]
}
}
},
{
"category": "product_name",
"name": "852-1816",
"product": {
"name": "Lean Managed Switch 852-1816",
"product_id": "CSAFPID-11004",
"product_identification_helper": {
"model_numbers": [
"852-1816"
]
}
}
},
{
"category": "product_name",
"name": "852-303",
"product": {
"name": "Industrial Managed Switch 852-303",
"product_id": "CSAFPID-11005",
"product_identification_helper": {
"model_numbers": [
"852-303"
]
}
}
},
{
"category": "product_name",
"name": "852-1305",
"product": {
"name": "Industrial Managed Switch 852-1305",
"product_id": "CSAFPID-11006",
"product_identification_helper": {
"model_numbers": [
"852-1305"
]
}
}
},
{
"category": "product_name",
"name": "852-1305/000-001",
"product": {
"name": "Industrial Managed Switch 852-1305/000-001",
"product_id": "CSAFPID-11007",
"product_identification_helper": {
"model_numbers": [
"852-1305/000-001"
]
}
}
},
{
"category": "product_name",
"name": "852-1505/000-001",
"product": {
"name": "Industrial Managed Switch 852-1505/000-001",
"product_id": "CSAFPID-11008",
"product_identification_helper": {
"model_numbers": [
"852-1505/000-001"
]
}
}
},
{
"category": "product_name",
"name": "852-1505",
"product": {
"name": "Industrial Managed Switch 852-1505",
"product_id": "CSAFPID-11009",
"product_identification_helper": {
"model_numbers": [
"852-1505"
]
}
}
},
{
"category": "product_name",
"name": "852-602",
"product": {
"name": "Industrial Managed Switch 852-602",
"product_id": "CSAFPID-11010",
"product_identification_helper": {
"model_numbers": [
"852-602"
]
}
}
},
{
"category": "product_name",
"name": "852-603",
"product": {
"name": "Industrial Managed Switch 852-603",
"product_id": "CSAFPID-11011",
"product_identification_helper": {
"model_numbers": [
"852-603"
]
}
}
},
{
"category": "product_name",
"name": "852-1605",
"product": {
"name": "Industrial Managed Switch 852-1605",
"product_id": "CSAFPID-11012",
"product_identification_helper": {
"model_numbers": [
"852-1605"
]
}
}
},
{
"category": "product_name",
"name": "852-1812/010-000",
"product": {
"name": "Lean Managed Switch 852-1812/010-000",
"product_id": "CSAFPID-11013",
"product_identification_helper": {
"model_numbers": [
"852-1812/010-000"
]
}
}
},
{
"category": "product_name",
"name": "852-1813/010-000",
"product": {
"name": "Lean Managed Switch 852-1813/010-000",
"product_id": "CSAFPID-11014",
"product_identification_helper": {
"model_numbers": [
"852-1813/010-000"
]
}
}
},
{
"category": "product_name",
"name": "852-1816/010-000",
"product": {
"name": "Lean Managed Switch 852-1816/010-000",
"product_id": "CSAFPID-11015",
"product_identification_helper": {
"model_numbers": [
"852-1816/010-000"
]
}
}
},
{
"category": "product_name",
"name": "852-1813/010-001",
"product": {
"name": "Lean Managed Switch 852-1813/010-001",
"product_id": "CSAFPID-11016",
"product_identification_helper": {
"model_numbers": [
"852-1813/010-001"
]
}
}
}
],
"category": "product_family",
"name": "Industrial Managed Switch"
}
],
"category": "product_family",
"name": "Hardware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:generic/\u003cV1.0.6.S0",
"product": {
"name": "Firmware \u003cV1.0.6.S0",
"product_id": "CSAFPID-21001"
}
},
{
"category": "product_version_range",
"name": "vers:generic/\u003cV1.1.9.S0",
"product": {
"name": "Firmware \u003cV1.1.9.S0",
"product_id": "CSAFPID-21002"
}
},
{
"category": "product_version_range",
"name": "vers:generic/\u003cV1.2.0.S0",
"product": {
"name": "Firmware \u003cV1.2.0.S0",
"product_id": "CSAFPID-21003"
}
},
{
"category": "product_version_range",
"name": "vers:generic/\u003cV1.2.1.S0",
"product": {
"name": "Firmware \u003cV1.2.1.S0",
"product_id": "CSAFPID-21004"
}
},
{
"category": "product_version_range",
"name": "vers:generic/\u003cV1.2.3.S0",
"product": {
"name": "Firmware \u003cV1.2.3.S0",
"product_id": "CSAFPID-21005"
}
},
{
"category": "product_version_range",
"name": "vers:generic/\u003cV1.2.5.S0",
"product": {
"name": "Firmware \u003cV1.2.5.S0",
"product_id": "CSAFPID-21006"
}
},
{
"category": "product_version_range",
"name": "vers:generic/\u003cV1.2.8.S0",
"product": {
"name": "Firmware \u003cV1.2.8.S0",
"product_id": "CSAFPID-21007"
}
},
{
"category": "product_version",
"name": "V1.0.6.S1",
"product": {
"name": "Firmware V1.0.6.S1",
"product_id": "CSAFPID-22001",
"product_identification_helper": {
"cpe": "cpe:2.3:o:wago:switch:V1.0.6.S1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version",
"name": "V1.1.9.S1",
"product": {
"name": "Firmware V1.1.9.S1",
"product_id": "CSAFPID-22002",
"product_identification_helper": {
"cpe": "cpe:2.3:o:wago:switch:V1.1.9.S1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version",
"name": "V1.2.0.S1",
"product": {
"name": "Firmware V1.2.0.S1",
"product_id": "CSAFPID-22003",
"product_identification_helper": {
"cpe": "cpe:2.3:o:wago:switch:V1.2.0.S1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version",
"name": "V1.2.1.S1",
"product": {
"name": "Firmware V1.2.1.S1",
"product_id": "CSAFPID-22004",
"product_identification_helper": {
"cpe": "cpe:2.3:o:wago:switch:V1.2.1.S1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version",
"name": "V1.2.3.S1",
"product": {
"name": "Firmware V1.2.3.S1",
"product_id": "CSAFPID-22005",
"product_identification_helper": {
"cpe": "cpe:2.3:o:wago:switch:V1.2.3.S1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version",
"name": "V1.2.5.S1",
"product": {
"name": "Firmware V1.2.5.S1",
"product_id": "CSAFPID-22006",
"product_identification_helper": {
"cpe": "cpe:2.3:o:wago:switch:V1.2.5.S1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version",
"name": "V1.2.8.S1",
"product": {
"name": "Firmware V1.2.8.S1",
"product_id": "CSAFPID-22007",
"product_identification_helper": {
"cpe": "cpe:2.3:o:wago:switch:V1.2.8.S1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version",
"name": "V1.0.6.S0",
"product": {
"name": "Firmware V1.0.6.S0",
"product_id": "CSAFPID-21008",
"product_identification_helper": {
"cpe": "cpe:2.3:o:wago:switch:V1.0.6.S0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version",
"name": "V1.1.9.S0",
"product": {
"name": "Firmware V1.1.9.S0",
"product_id": "CSAFPID-21009",
"product_identification_helper": {
"cpe": "cpe:2.3:o:wago:switch:V1.1.9.S0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version",
"name": "V1.2.0.S0",
"product": {
"name": "Firmware V1.2.0.S0",
"product_id": "CSAFPID-21010",
"product_identification_helper": {
"cpe": "cpe:2.3:o:wago:switch:V1.2.0.S0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version",
"name": "V1.2.1.S0",
"product": {
"name": "Firmware V1.2.1.S0",
"product_id": "CSAFPID-21011",
"product_identification_helper": {
"cpe": "cpe:2.3:o:wago:switch:V1.2.1.S0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version",
"name": "V1.2.3.S0",
"product": {
"name": "Firmware V1.2.3.S0",
"product_id": "CSAFPID-21012",
"product_identification_helper": {
"cpe": "cpe:2.3:o:wago:switch:V1.2.3.S0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version",
"name": "V1.2.5.S0",
"product": {
"name": "Firmware V1.2.5.S0",
"product_id": "CSAFPID-21013",
"product_identification_helper": {
"cpe": "cpe:2.3:o:wago:switch:V1.2.5.S0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version",
"name": "V1.2.8.S0",
"product": {
"name": "Firmware V1.2.8.S0",
"product_id": "CSAFPID-21014",
"product_identification_helper": {
"cpe": "cpe:2.3:o:wago:switch:V1.2.8.S0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_family",
"name": "Firmware"
}
],
"category": "vendor",
"name": "WAGO"
}
],
"product_groups": [
{
"group_id": "CSAFGID-0001",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010",
"CSAFPID-31011",
"CSAFPID-31012",
"CSAFPID-31013",
"CSAFPID-31014",
"CSAFPID-31015",
"CSAFPID-31016",
"CSAFPID-31017",
"CSAFPID-31018",
"CSAFPID-31019",
"CSAFPID-31020",
"CSAFPID-31021",
"CSAFPID-31022",
"CSAFPID-31023",
"CSAFPID-31024",
"CSAFPID-31025",
"CSAFPID-31026",
"CSAFPID-31027",
"CSAFPID-31028",
"CSAFPID-31029",
"CSAFPID-31030",
"CSAFPID-31031",
"CSAFPID-31032"
],
"summary": "Affected products"
},
{
"group_id": "CSAFGID-0002",
"product_ids": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009",
"CSAFPID-32010",
"CSAFPID-32011",
"CSAFPID-32012",
"CSAFPID-32013",
"CSAFPID-32014",
"CSAFPID-32015",
"CSAFPID-32016"
],
"summary": "Fixed products"
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003cV1.2.1.S0 installed on Lean Managed Switch 852-1812",
"product_id": "CSAFPID-31001",
"product_identification_helper": {
"model_numbers": [
"852-1812"
]
}
},
"product_reference": "CSAFPID-21004",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V1.2.1.S1 installed on Lean Managed Switch 852-1812",
"product_id": "CSAFPID-32001",
"product_identification_helper": {
"model_numbers": [
"852-1812"
]
}
},
"product_reference": "CSAFPID-22004",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003cV1.2.1.S0 installed on Lean Managed Switch 852-1813",
"product_id": "CSAFPID-31002",
"product_identification_helper": {
"model_numbers": [
"852-1813"
]
}
},
"product_reference": "CSAFPID-21004",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V1.2.1.S1 installed on Lean Managed Switch 852-1813",
"product_id": "CSAFPID-32002",
"product_identification_helper": {
"model_numbers": [
"852-1813"
]
}
},
"product_reference": "CSAFPID-22004",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003cV1.2.3.S0 installed on Lean Managed Switch 852-1813/000-001",
"product_id": "CSAFPID-31003",
"product_identification_helper": {
"model_numbers": [
"852-1813/000-001"
]
}
},
"product_reference": "CSAFPID-21005",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V1.2.3.S1 installed on Lean Managed Switch 852-1813/000-001",
"product_id": "CSAFPID-32003",
"product_identification_helper": {
"model_numbers": [
"852-1813/000-001"
]
}
},
"product_reference": "CSAFPID-22005",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003cV1.2.1.S0 installed on Lean Managed Switch 852-1816",
"product_id": "CSAFPID-31004",
"product_identification_helper": {
"model_numbers": [
"852-1816"
]
}
},
"product_reference": "CSAFPID-21004",
"relates_to_product_reference": "CSAFPID-11004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V1.2.1.S1 installed on Lean Managed Switch 852-1816",
"product_id": "CSAFPID-32004",
"product_identification_helper": {
"model_numbers": [
"852-1816"
]
}
},
"product_reference": "CSAFPID-22004",
"relates_to_product_reference": "CSAFPID-11004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003cV1.2.8.S0 installed on Industrial Managed Switch 852-303",
"product_id": "CSAFPID-31005",
"product_identification_helper": {
"model_numbers": [
"852-303"
]
}
},
"product_reference": "CSAFPID-21007",
"relates_to_product_reference": "CSAFPID-11005"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V1.2.8.S1 installed on Industrial Managed Switch 852-303",
"product_id": "CSAFPID-32005",
"product_identification_helper": {
"model_numbers": [
"852-303"
]
}
},
"product_reference": "CSAFPID-22007",
"relates_to_product_reference": "CSAFPID-11005"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003cV1.2.0.S0 installed on Industrial Managed Switch 852-1305",
"product_id": "CSAFPID-31006",
"product_identification_helper": {
"model_numbers": [
"852-1305"
]
}
},
"product_reference": "CSAFPID-21003",
"relates_to_product_reference": "CSAFPID-11006"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V1.2.0.S1 installed on Industrial Managed Switch 852-1305",
"product_id": "CSAFPID-32006",
"product_identification_helper": {
"model_numbers": [
"852-1305"
]
}
},
"product_reference": "CSAFPID-22003",
"relates_to_product_reference": "CSAFPID-11006"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003cV1.2.0.S0 installed on Industrial Managed Switch 852-1305/000-001",
"product_id": "CSAFPID-31007",
"product_identification_helper": {
"model_numbers": [
"852-1305/000-001"
]
}
},
"product_reference": "CSAFPID-21003",
"relates_to_product_reference": "CSAFPID-11007"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V1.2.0.S1 installed on Industrial Managed Switch 852-1305/000-001",
"product_id": "CSAFPID-32007",
"product_identification_helper": {
"model_numbers": [
"852-1305/000-001"
]
}
},
"product_reference": "CSAFPID-22003",
"relates_to_product_reference": "CSAFPID-11007"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003cV1.2.0.S0 installed on Industrial Managed Switch 852-1505/000-001",
"product_id": "CSAFPID-31008",
"product_identification_helper": {
"model_numbers": [
"852-1505/000-001"
]
}
},
"product_reference": "CSAFPID-21003",
"relates_to_product_reference": "CSAFPID-11008"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V1.2.0.S1 installed on Industrial Managed Switch 852-1505/000-001",
"product_id": "CSAFPID-32008",
"product_identification_helper": {
"model_numbers": [
"852-1505/000-001"
]
}
},
"product_reference": "CSAFPID-22003",
"relates_to_product_reference": "CSAFPID-11008"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003cV1.1.9.S0 installed on Industrial Managed Switch 852-1505",
"product_id": "CSAFPID-31009",
"product_identification_helper": {
"model_numbers": [
"852-1505"
]
}
},
"product_reference": "CSAFPID-21002",
"relates_to_product_reference": "CSAFPID-11009"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V1.1.9.S1 installed on Industrial Managed Switch 852-1505",
"product_id": "CSAFPID-32009",
"product_identification_helper": {
"model_numbers": [
"852-1505"
]
}
},
"product_reference": "CSAFPID-22002",
"relates_to_product_reference": "CSAFPID-11009"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003cV1.0.6.S0 installed on Industrial Managed Switch 852-602",
"product_id": "CSAFPID-31010",
"product_identification_helper": {
"model_numbers": [
"852-602"
]
}
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11010"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V1.0.6.S1 installed on Industrial Managed Switch 852-602",
"product_id": "CSAFPID-32010",
"product_identification_helper": {
"model_numbers": [
"852-602"
]
}
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11010"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003cV1.0.6.S0 installed on Industrial Managed Switch 852-603",
"product_id": "CSAFPID-31011",
"product_identification_helper": {
"model_numbers": [
"852-603"
]
}
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11011"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V1.0.6.S1 installed on Industrial Managed Switch 852-603",
"product_id": "CSAFPID-32011",
"product_identification_helper": {
"model_numbers": [
"852-603"
]
}
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11011"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003cV1.2.5.S0 installed on Industrial Managed Switch 852-1605",
"product_id": "CSAFPID-31012",
"product_identification_helper": {
"model_numbers": [
"852-1605"
]
}
},
"product_reference": "CSAFPID-21006",
"relates_to_product_reference": "CSAFPID-11012"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V1.2.5.S1 installed on Industrial Managed Switch 852-1605",
"product_id": "CSAFPID-32012",
"product_identification_helper": {
"model_numbers": [
"852-1605"
]
}
},
"product_reference": "CSAFPID-22006",
"relates_to_product_reference": "CSAFPID-11012"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003cV1.2.1.S0 installed on Lean Managed Switch 852-1812/010-000",
"product_id": "CSAFPID-31013",
"product_identification_helper": {
"model_numbers": [
"852-1812/010-000"
]
}
},
"product_reference": "CSAFPID-21004",
"relates_to_product_reference": "CSAFPID-11013"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V1.2.1.S1 installed on Lean Managed Switch 852-1812/010-000",
"product_id": "CSAFPID-32013",
"product_identification_helper": {
"model_numbers": [
"852-1812/010-000"
]
}
},
"product_reference": "CSAFPID-22004",
"relates_to_product_reference": "CSAFPID-11013"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003cV1.2.1.S0 installed on Lean Managed Switch 852-1813/010-000",
"product_id": "CSAFPID-31014",
"product_identification_helper": {
"model_numbers": [
"852-1813/010-000"
]
}
},
"product_reference": "CSAFPID-21004",
"relates_to_product_reference": "CSAFPID-11014"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V1.2.1.S1 installed on Lean Managed Switch 852-1813/010-000",
"product_id": "CSAFPID-32014",
"product_identification_helper": {
"model_numbers": [
"852-1813/010-000"
]
}
},
"product_reference": "CSAFPID-22004",
"relates_to_product_reference": "CSAFPID-11014"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003cV1.2.1.S0 installed on Lean Managed Switch 852-1816/010-000",
"product_id": "CSAFPID-31015",
"product_identification_helper": {
"model_numbers": [
"852-1816/010-000"
]
}
},
"product_reference": "CSAFPID-21004",
"relates_to_product_reference": "CSAFPID-11015"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V1.2.1.S1 installed on Lean Managed Switch 852-1816/010-000",
"product_id": "CSAFPID-32015",
"product_identification_helper": {
"model_numbers": [
"852-1816/010-000"
]
}
},
"product_reference": "CSAFPID-22004",
"relates_to_product_reference": "CSAFPID-11015"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V1.0.6.S0 installed on Industrial Managed Switch 852-602",
"product_id": "CSAFPID-31016",
"product_identification_helper": {
"cpe": "cpe:2.3:o:wago:switch:V1.0.6.S0:*:*:*:*:*:*:*"
}
},
"product_reference": "CSAFPID-21008",
"relates_to_product_reference": "CSAFPID-11010"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V1.0.6.S0 installed on Industrial Managed Switch 852-603",
"product_id": "CSAFPID-31017",
"product_identification_helper": {
"cpe": "cpe:2.3:o:wago:switch:V1.0.6.S0:*:*:*:*:*:*:*"
}
},
"product_reference": "CSAFPID-21008",
"relates_to_product_reference": "CSAFPID-11011"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V1.1.9.S0 installed on Industrial Managed Switch 852-1505",
"product_id": "CSAFPID-31018",
"product_identification_helper": {
"cpe": "cpe:2.3:o:wago:switch:V1.1.9.S0:*:*:*:*:*:*:*"
}
},
"product_reference": "CSAFPID-21009",
"relates_to_product_reference": "CSAFPID-11009"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V1.2.0.S0 installed on Industrial Managed Switch 852-1305",
"product_id": "CSAFPID-31019",
"product_identification_helper": {
"cpe": "cpe:2.3:o:wago:switch:V1.2.0.S0:*:*:*:*:*:*:*"
}
},
"product_reference": "CSAFPID-21010",
"relates_to_product_reference": "CSAFPID-11006"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V1.2.0.S0 installed on Industrial Managed Switch 852-1305/000-001",
"product_id": "CSAFPID-31020",
"product_identification_helper": {
"cpe": "cpe:2.3:o:wago:switch:V1.2.0.S0:*:*:*:*:*:*:*"
}
},
"product_reference": "CSAFPID-21010",
"relates_to_product_reference": "CSAFPID-11007"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V1.2.0.S0 installed on Industrial Managed Switch 852-1505/000-001",
"product_id": "CSAFPID-31021",
"product_identification_helper": {
"cpe": "cpe:2.3:o:wago:switch:V1.2.0.S0:*:*:*:*:*:*:*"
}
},
"product_reference": "CSAFPID-21010",
"relates_to_product_reference": "CSAFPID-11008"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V1.2.1.S0 installed on Lean Managed Switch 852-1812",
"product_id": "CSAFPID-31022",
"product_identification_helper": {
"cpe": "cpe:2.3:o:wago:switch:V1.2.1.S0:*:*:*:*:*:*:*"
}
},
"product_reference": "CSAFPID-21011",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V1.2.1.S0 installed on Lean Managed Switch 852-1813",
"product_id": "CSAFPID-31023",
"product_identification_helper": {
"cpe": "cpe:2.3:o:wago:switch:V1.2.1.S0:*:*:*:*:*:*:*"
}
},
"product_reference": "CSAFPID-21011",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V1.2.1.S0 installed on Lean Managed Switch 852-1816",
"product_id": "CSAFPID-31024",
"product_identification_helper": {
"cpe": "cpe:2.3:o:wago:switch:V1.2.1.S0:*:*:*:*:*:*:*"
}
},
"product_reference": "CSAFPID-21011",
"relates_to_product_reference": "CSAFPID-11004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V1.2.1.S0 installed on Lean Managed Switch 852-1812/010-000",
"product_id": "CSAFPID-31025",
"product_identification_helper": {
"cpe": "cpe:2.3:o:wago:switch:V1.2.1.S0:*:*:*:*:*:*:*"
}
},
"product_reference": "CSAFPID-21011",
"relates_to_product_reference": "CSAFPID-11013"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V1.2.1.S0 installed on Lean Managed Switch 852-1813/010-000",
"product_id": "CSAFPID-31026",
"product_identification_helper": {
"cpe": "cpe:2.3:o:wago:switch:V1.2.1.S0:*:*:*:*:*:*:*"
}
},
"product_reference": "CSAFPID-21011",
"relates_to_product_reference": "CSAFPID-11014"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V1.2.1.S0 installed on Lean Managed Switch 852-1816/010-000",
"product_id": "CSAFPID-31027",
"product_identification_helper": {
"cpe": "cpe:2.3:o:wago:switch:V1.2.1.S0:*:*:*:*:*:*:*"
}
},
"product_reference": "CSAFPID-21011",
"relates_to_product_reference": "CSAFPID-11015"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V1.2.3.S0 installed on Lean Managed Switch 852-1813/000-001",
"product_id": "CSAFPID-31028",
"product_identification_helper": {
"cpe": "cpe:2.3:o:wago:switch:V1.2.3.S0:*:*:*:*:*:*:*"
}
},
"product_reference": "CSAFPID-21012",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V1.2.5.S0 installed on Industrial Managed Switch 852-1605",
"product_id": "CSAFPID-31029",
"product_identification_helper": {
"cpe": "cpe:2.3:o:wago:switch:V1.2.5.S0:*:*:*:*:*:*:*"
}
},
"product_reference": "CSAFPID-21013",
"relates_to_product_reference": "CSAFPID-11012"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V1.2.8.S0 installed on Industrial Managed Switch 852-303",
"product_id": "CSAFPID-31030",
"product_identification_helper": {
"cpe": "cpe:2.3:o:wago:switch:V1.2.8.S0:*:*:*:*:*:*:*"
}
},
"product_reference": "CSAFPID-21014",
"relates_to_product_reference": "CSAFPID-11005"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V1.2.1.S1 installed on Lean Managed Switch 852-1813/010-001",
"product_id": "CSAFPID-32016",
"product_identification_helper": {
"model_numbers": [
"852-1813/010-001"
]
}
},
"product_reference": "CSAFPID-21004",
"relates_to_product_reference": "CSAFPID-11016"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003cV1.2.1.S0 installed on Lean Managed Switch 852-1813/010-001",
"product_id": "CSAFPID-31031",
"product_identification_helper": {
"model_numbers": [
"852-1813/010-001"
]
}
},
"product_reference": "CSAFPID-21004",
"relates_to_product_reference": "CSAFPID-11016"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V1.2.1.S0 installed on Lean Managed Switch 852-1813/010-001",
"product_id": "CSAFPID-31032",
"product_identification_helper": {
"cpe": "cpe:2.3:o:wago:switch:V1.2.1.S0:*:*:*:*:*:*:*"
}
},
"product_reference": "CSAFPID-22004",
"relates_to_product_reference": "CSAFPID-11016"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-3587",
"cwe": {
"id": "CWE-912",
"name": "Hidden Functionality"
},
"notes": [
{
"category": "description",
"text": "An unauthenticated remote attacker can exploit a hidden function in the CLI prompt to escape the restricted interface, leading to full compromise of the device.",
"title": "CVE description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009",
"CSAFPID-32010",
"CSAFPID-32011",
"CSAFPID-32012",
"CSAFPID-32013",
"CSAFPID-32014",
"CSAFPID-32015",
"CSAFPID-32016"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010",
"CSAFPID-31011",
"CSAFPID-31012",
"CSAFPID-31013",
"CSAFPID-31014",
"CSAFPID-31015",
"CSAFPID-31016",
"CSAFPID-31017",
"CSAFPID-31018",
"CSAFPID-31019",
"CSAFPID-31020",
"CSAFPID-31021",
"CSAFPID-31022",
"CSAFPID-31023",
"CSAFPID-31024",
"CSAFPID-31025",
"CSAFPID-31026",
"CSAFPID-31027",
"CSAFPID-31028",
"CSAFPID-31029",
"CSAFPID-31030",
"CSAFPID-31031",
"CSAFPID-31032"
]
},
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T13:00:00.000Z",
"details": "Please update your devices to the specified fixed firmware version.\n\n| Product | Fixed Version |\n|-------------------------------------------|---------------|\n| Lean Managed Switch 852-1812 | V1.2.1.S1 |\n| Lean Managed Switch 852-1813 | V1.2.1.S1 |\n| Lean Managed Switch 852-1813/000-001| V1.2.3.S1 |\n| Lean Managed Switch 852-1816 | V1.2.1.S1 |\n| Industrial Managed Switch 852-303 | V1.2.8.S1 |\n| Industrial Managed Switch 852-1305 | V1.2.0.S1 |\n| Industrial Managed Switch 852-1305/000-001| V1.2.0.S1 |\n| Industrial Managed Switch 852-1505/000-001| V1.2.0.S1 |\n| Industrial Managed Switch 852-1505 | V1.1.9.S1 |\n| Industrial Managed Switch 852-602 | V1.0.6.S1 |\n| Industrial Managed Switch 852-603 | V1.0.6.S1 |\n| Industrial Managed Switch 852-1605 | V1.2.5.S1 |\n| Lean Managed Switch 852-1812/010-000| V1.2.1.S1 |\n| Lean Managed Switch 852-1813/010-000| V1.2.1.S1 |\n| Lean Managed Switch 852-1813/010-001| V1.2.1.S1 |\n| Lean Managed Switch 852-1816/010-000| V1.2.1.S1 |",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "workaround",
"date": "2026-03-09T13:00:00.000Z",
"details": "To eliminate the attack vector deactivate ssh and telnet on the device.",
"product_ids": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11013",
"CSAFPID-11014",
"CSAFPID-11015",
"CSAFPID-11016"
]
},
{
"category": "workaround",
"date": "2026-03-19T11:00:00.000Z",
"details": "To reduce the attack vector deactivate ssh and telnet on the devices. This ensures that the CLI is only accessible locally via RS232.",
"product_ids": [
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008",
"CSAFPID-11009",
"CSAFPID-11010",
"CSAFPID-11011",
"CSAFPID-11012"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 10,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"temporalScore": 10,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010",
"CSAFPID-31011",
"CSAFPID-31012",
"CSAFPID-31013",
"CSAFPID-31014",
"CSAFPID-31015",
"CSAFPID-31016",
"CSAFPID-31017",
"CSAFPID-31018",
"CSAFPID-31019",
"CSAFPID-31020",
"CSAFPID-31021",
"CSAFPID-31022",
"CSAFPID-31023",
"CSAFPID-31024",
"CSAFPID-31025",
"CSAFPID-31026",
"CSAFPID-31027",
"CSAFPID-31028",
"CSAFPID-31029",
"CSAFPID-31030",
"CSAFPID-31031",
"CSAFPID-31032"
]
}
],
"title": "Hidden CLI Function Allows Root Access"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…