Wago: Vulnerability in libwagosnmp

MonitorCVSS 5.4VDE-2025-004Mar 5, 2025

WAGO

Attack path

Attack VectorNetwork

Auth RequiredLow

ComplexityLow

User InteractionNone needed

Summary

Vulnerability in libwagosnmp library used in WAGO programmable controllers and touch panels (CC100, PFC100/200 G1/G2, TP600, Edge Controller). The vulnerability exists in the SNMP library component that can be exploited by authenticated users with network access to cause denial of service or data integrity issues.

What this means

What could happen

An attacker with valid network credentials could send crafted SNMP requests to your WAGO controller, potentially disrupting operations or corrupting control data. This affects process monitoring and remote management functions on your programmable controllers and HMIs.

Who's at risk

Water and power utilities operating WAGO programmable logic controllers (PFC100, PFC200, CC100 series) and WAGO TP600 operator interface panels. Also affects Edge Controller devices used for remote monitoring and local control in distributed water/electric systems.

How it could be exploited

An attacker with valid credentials and network access to the SNMP port (typically UDP 161) on a WAGO controller can send malformed SNMP requests. The vulnerable libwagosnmp library fails to properly validate these requests, allowing the attacker to cause the service to fail or corrupt internal state, degrading controller functionality.

Prerequisites

Valid SNMP credentials or access to SNMP community string
Network access to SNMP port (UDP 161) on the affected controller
Controller firmware below vendor-fixed version

remotely exploitablerequires valid authenticationlow complexity attackaffects remote monitoring capabilitymultiple product lines vulnerable

Exploitability

Unlikely to be exploited — EPSS score 0.2%

Affected products (24)

12 with fix12 pending

ProductAffected VersionsFix Status

CC100 0751-9x01<04.07.01Fix available

CC100 0751-9x01<04.07.01 (70)No fix yet

PFC100 G1 0750-810x/xxxx-xxxx<03.10.11Fix available

PFC100 G1 0750-810x/xxxx-xxxx<03.10.11 (70)No fix yet

PFC100 G2 0750-811x-xxxx-xxxx<04.07.01Fix available

Remediation & Mitigation

0/5

Do now

0/3

WORKAROUNDRestrict network access to SNMP port (UDP 161) on all WAGO controllers using firewall rules to only permit SNMP traffic from authorized monitoring systems

HARDENINGChange default SNMP community strings on all affected controllers to strong, unique values

WORKAROUNDDisable SNMP service on WAGO controllers if remote SNMP monitoring is not required

Schedule — requires maintenance window

0/2

Patching may require device reboot — plan for process interruption

HOTFIXUpdate all CC100, PFC100 G1/G2, PFC200 G1/G2, TP600, and Edge Controller devices to firmware version 4.7.1 (FW29) or later for newer models, or 3.10.11 for PFC100/PFC200 G1 models

HOTFIXFor devices with no patch available (firmware version 70 suffix), contact WAGO support regarding custom firmware with the vulnerability fix applied

CVEs (1)

CVE-2024-12650

View full CERT@VDE advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/c23269de-4f96-41a1-a384-ed10faa704c3

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.