WAGO: Vulnerabilities in Device Sphere and Solution Builder

Act Now | 9.8 | VDE-2025-087 | Sep 24, 2025
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary

WAGO Device Sphere and Solution Builder contain a missing authentication check that allows unauthenticated access to sensitive information. An attacker on the network can retrieve configuration data, device parameters, and engineering details without valid credentials.

What this means
What could happen
An unauthenticated attacker on the network could access sensitive information from WAGO Device Sphere or Solution Builder, potentially exposing engineering data, device configurations, or system parameters critical to your operational setup.
Who's at risk
Organizations using WAGO Device Sphere for device management or WAGO Solution Builder for engineering and automation configuration are affected. This impacts any engineering team or maintenance personnel who use these tools to manage WAGO industrial controllers and edge devices.
How it could be exploited
An attacker with network access to the WAGO Device Sphere or Solution Builder interface can bypass authentication checks to directly query sensitive information without providing credentials. No special tools are required—standard HTTP requests to the affected software endpoints would expose the data.
Prerequisites
  • Network access to the Device Sphere or Solution Builder interface (typically port 80 or 443)
  • Affected software version running unpatched
remotely exploitable | no authentication required | low complexity | information exposure of engineering data
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (2)
2 with fix
Product | Affected Versions | Fix Status
Software Device Sphere <1.1.0 | <1.1.0 | 1.1.0
Software Solution Builder <2.3.3 | <2.3.3 | 2.3.3
Remediation & Mitigation
Do now
HARDENING: Restrict network access to Device Sphere and Solution Builder management interfaces using firewall rules or network segmentation—limit access to authorized engineering workstations only
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update WAGO Device Sphere to version 1.1.0 or later
HOTFIX: Update WAGO Solution Builder to version 2.3.3 or later
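
Added example (not code from WAGO or from this advisory): a triage of an asset inventory against the fixed versions in the table above and the access restriction listed under "Do now". The inventory columns, host names, the "Other Tool" entry and the engineering subnet 10.20.30.0/24 are constructed assumptions; version strings are assumed to be plain dotted numbers.

```python
import csv
import io
import ipaddress

# Fixed versions taken from the advisory's affected-products table.
FIXED = {"Device Sphere": (1, 1, 0), "Solution Builder": (2, 3, 3)}
# Assumption: the engineering workstation subnet allowed to reach the tools.
ENGINEERING_NET = ipaddress.ip_network("10.20.30.0/24")
# Constructed sample inventory (hosts, versions and ACL sources are made up).
SAMPLE_INVENTORY = """host,product,version,allowed_sources
eng-ws-01,Device Sphere,1.0.9,10.20.30.0/24
eng-ws-02,Device Sphere,1.1.0,0.0.0.0/0
eng-srv-01,Solution Builder,2.3.10,10.20.0.0/16
eng-srv-02,Solution Builder,2.3.2,0.0.0.0/0
hmi-07,Other Tool,0.9.0,0.0.0.0/0
"""

def parse_version(text):
    """Turn '2.3.10' into (2, 3, 10) so comparison is numeric, not lexical."""
    parts = [int(p) for p in text.strip().lstrip("vV").split(".")]
    return tuple(parts + [0] * (3 - len(parts)))

def triage(inventory_csv):
    """Return one finding per affected-product install, most urgent first."""
    findings = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        fixed = FIXED.get(row["product"])
        if fixed is None:
            continue  # product not covered by this advisory
        vulnerable = parse_version(row["version"]) < fixed
        source = ipaddress.ip_network(row["allowed_sources"])
        # Over-exposed when the ACL admits sources outside the engineering subnet.
        exposed = not source.subnet_of(ENGINEERING_NET)
        if vulnerable and exposed:
            action = "restrict access now, then update"
        elif vulnerable:
            action = "schedule update"
        elif exposed:
            action = "restrict access"
        else:
            action = "ok"
        findings.append((row["host"], row["product"], row["version"], action))
    order = ["restrict access now, then update", "schedule update", "restrict access", "ok"]
    return sorted(findings, key=lambda f: order.index(f[3]))

if __name__ == "__main__":
    for finding in triage(SAMPLE_INVENTORY):
        print(*finding, sep="\t")
```

Solution Builder 2.3.10 is correctly treated as newer than 2.3.3 here; a plain string comparison would flag it as affected.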