Wago: Vulnerability in libwagosnmp

Monitor | CVSS 5.4 | VDE-2025-004 | Mar 5, 2025
Attack Vector: Network
Auth Required: Low
Complexity: Low
User Interaction: None needed
Summary

A vulnerability exists in the libwagosnmp SNMP library used by WAGO PFC firmware SDKs. The issue is an improper error handling condition (CWE-252) that could be triggered by a user with valid credentials to cause denial of service or data corruption. The vulnerability affects CC100 compact controllers, PFC100/PFC200 programmable field controllers (G1 and G2 generations), TP600 touchpanels, and Edge Controller 0752-8303. Firmware updates are available for all affected models.

What this means
What could happen
A user with valid credentials could trigger improper error handling in the SNMP library to cause a denial of service or corrupt device data, potentially interrupting control logic and process monitoring on WAGO controllers.
Who's at risk
Water and wastewater operators, electric utility engineers, and industrial plant managers running WAGO control systems are affected. Impacted equipment includes WAGO PFC100/PFC200 programmable field controllers (G1 and G2 generations), CC100 compact controllers, TP600 touchpanels, and Edge Controllers—devices commonly used to monitor and control pumps, motors, valves, and process parameters in water treatment and power distribution.
How it could be exploited
An attacker with network access and valid engineering or admin credentials connects to the WAGO device and sends a specially crafted SNMP request to the libwagosnmp library. The unhandled error condition causes the controller to fail process checks or allow memory corruption, degrading or stopping operations.
Prerequisites
  • Network access to the WAGO device SNMP port (typically 161)
  • Valid engineering workstation or admin credentials for the device
  • SNMP service enabled and accessible
remotely exploitable | requires valid credentials (low barrier for insider threat) | low complexity attack | affects operational controllers | no patch available for firmware 70 variant (end-of-life maintenance release)
Affected products (24)
12 with fix, 12 pending

Product | Affected Versions | Fix Status
CC100 0751-9x01 | <04.07.01 | Fix available
CC100 0751-9x01 | <04.07.01 (70) | No fix yet
PFC100 G1 0750-810x/xxxx-xxxx | <03.10.11 | Fix available
PFC100 G1 0750-810x/xxxx-xxxx | <03.10.11 (70) | No fix yet
PFC100 G2 0750-811x-xxxx-xxxx | <04.07.01 | Fix available

Remediation & Mitigation
Do now
WORKAROUND: Restrict network access to SNMP ports (161/UDP) on all WAGO controllers to only authorized engineering workstations and monitoring systems
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

CC100 0751-9x01
HOTFIX: Update CC100 0751-9x01 devices to firmware version 04.07.01 or later
PFC100 G1 0750-810x/xxxx-xxxx
HOTFIX: Update PFC100 G1 0750-810x/xxxx-xxxx devices to firmware version 03.10.11 or later
PFC100 G2 0750-811x-xxxx-xxxx
HOTFIX: Update PFC100 G2 0750-811x-xxxx-xxxx devices to firmware version 04.07.01 or later
PFC200 G1 750-820x-xxx-xxx
HOTFIX: Update PFC200 G1 750-820x-xxx-xxx devices to firmware version 03.10.11 or later
PFC200 G2 750-821x-xxx-xxx
HOTFIX: Update PFC200 G2 750-821x-xxx-xxx devices to firmware version 04.07.01 or later
Edge Controller 0752-8303/8000-0002
HOTFIX: Update Edge Controller 0752-8303/8000-0002 devices to firmware version 04.07.01 or later
All products
HOTFIX: Update TP600 touch panel devices (all models) to firmware version 04.07.01 or later
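
An added example, not part of the original advisory or of WAGO's tooling: a Python triage that sorts an asset inventory against the fixed firmware versions in the remediation list above. The family labels, result strings and sample inventory are constructed for illustration, and it assumes the inventory records the "(70)" variant the same way the affected-products table writes it.

```python
import re

# Fixed firmware per product family, copied from the advisory's remediation list.
FIXED = {
    "CC100": "04.07.01",
    "PFC100 G1": "03.10.11",
    "PFC100 G2": "04.07.01",
    "PFC200 G1": "03.10.11",
    "PFC200 G2": "04.07.01",
    "Edge Controller": "04.07.01",
    "TP600": "04.07.01",
}

# "04.06.03" or "04.06.03 (70)": dotted version plus optional variant marker.
VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)\.(\d+)\s*(?:\((\d+)\))?\s*$")

def parse_version(text):
    """Return ((major, minor, patch), variant-or-None); raise on anything else."""
    m = VERSION_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised firmware string: {text!r}")
    return tuple(int(p) for p in m.group(1, 2, 3)), m.group(4)

def triage(family, firmware):
    """Classify one device against the advisory's fixed versions."""
    if family not in FIXED:
        return "unknown-family"
    try:
        version, variant = parse_version(firmware)
    except ValueError:
        return "unparsed"  # fail closed: a person has to check this device
    fixed, _ = parse_version(FIXED[family])
    if version >= fixed:  # numeric compare, so "4.7.0" and "04.07.00" agree
        return "fixed"
    # Assumption: the inventory marks the "(70)" variant as the table does.
    if variant == "70":
        return "no-fix-restrict-snmp"  # only the 161/UDP workaround applies
    return "update"

# Constructed inventory rows (family, firmware string), not real devices.
INVENTORY = [("CC100", "04.06.03"), ("CC100", "04.06.03 (70)"),
             ("PFC200 G1", "03.10.11"), ("PFC200 G2", "4.7.0"), ("TP600", "v4")]

if __name__ == "__main__":
    for family, fw in INVENTORY:
        print(f"{family:16} {fw:15} {triage(family, fw)}")
```

Devices reported as "unparsed" or "unknown-family" are deliberately not treated as safe, so they stay on the list until someone confirms the firmware by hand.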
Wago: Vulnerability in libwagosnmp | CVSS 5.4 - OTPulse