VDE-2025-062 — Vulnetix

VDE-2025-062 PUBLISHED CVSS 6.599999904632568 MEDIUM

Several WAGO firmwares installed on different devices are impacted by various CODESYS vulnerabilities. These affect the runtime, visualization, and OPC UA server.

Risk Scores

CVSS v3.1

6.599999904632568

CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products

Vendor	Product	Versions
	Firmware 03.10.11 (FW22 Patch 2)
	Custom Firmware <04.08.01 (70)
	Firmware <01.05.01
	TP600 0762-420x/8000-000x
	CC100 0751-9x01
	Custom Firmware 04.08.01 (70)
	Firmware <04.08.01 (FW30)
	Firmware <3.10.11 (FW22 Patch 2)
	PFC100 G1 0750-810x/xxxx-xxxx
	Firmware 04.08.01 (FW30)
	TP600 0762-530x/8000-000x
	TP600 0762-620x/8000-000x
	TP600 0762-630x/8000-000x
	PFC200 G2 750-821x-xxx-xxx
	TP600 0762-430x/8000-000x
	PFC200 G1 750-820x-xxx-xxx
	TP600 0762-520x/8000-000x
	PFC100 G2 0750-811x-xxxx-xxxx
	Edge Controller 0752-8303/8000-0002
	Basic Controller 0750-800x

Timeline

Nov 3, 2025 CVE Published

References

https://www.wago.com/de-en/automation-technology/psirt advisory
https://certvde.com/de/advisories/vendor/wago/ url
https://certvde.com/en/advisories/VDE-2025-062 advisory
https://wago.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-062.json advisory

Open in Interactive Console →