← volver
CVE-2025-1235

WAGO: Switches affected by year 2k38 problem

CVSS 4.3 MEDIUMEPSS 0.2%CWE-190
A low privileged attacker can set the date of the devices to the 19th of January 2038 an therefore exceed the 32-Bit time limit. This causes the date of the switch to be set back to January 1st, 1970.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Productos afectados
WAGO · Fully Managed Switches 0852-0303WAGO · Fully Managed Switches 0852-1305WAGO · Fully Managed Switches 0852-1305/0000-0001WAGO · Fully Managed Switches 0852-1505WAGO · Fully Managed Switches 0852-1505/0000-0001WAGO · Lean Managed Switches 0852-1812WAGO · Lean Managed Switches 0852-1812/0010-0000WAGO · Lean Managed Switches 0852-1813WAGO · Lean Managed Switches 0852-1813/0000-0001WAGO · Lean Managed Switches 0852-1813/0010-0000WAGO · Lean Managed Switches 0852-1813/0010-0001WAGO · Lean Managed Switches 0852-1816WAGO · Lean Managed Switches 0852-1816/0010-0000

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://cert.vde.com/en/advisories/VDE-2025-020