CVE-2025-0101

MEDIUM

WAGO CC100 0751-9x01 < 04.07.01 - Integer Overflow via Date Setting

Title source: llm

Description

A low privileged user can set the date of the devices to the 19th of January 2038 an therefore exceed the 32-Bit time limit. This causes some functions to work unexpected or stop working at all. Both during runtime and after a restart.

References (1)

Core 1

Core References

Various Sources

https://cert.vde.com/en/advisories/VDE-2025-007

Scores

CVSS v3 6.5

EPSS 0.0031

EPSS Percentile 22.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-190

Status published

Products (15)

WAGO/CC100 0751-9x01 < 04.07.01

WAGO/PFC100 G1 0750-810x/xxxx-xxxx < 03.10.11

WAGO/PFC100 G1 0750-810x/xxxx-xxxx < 3.10.11

WAGO/PFC100 G2 0750-811x-xxxx-xxxx < 04.07.01

WAGO/PFC200 G1 750-820x-xxx-xxx < 03.10.11

WAGO/PFC200 G1 750-820x-xxx-xxx < 3.10.11

WAGO/PFC200 G2 750-821x-xxx-xxx < 04.07.01

WAGO/TP600 0762-420x/8000-000x < 04.07.01

WAGO/TP600 0762-430x/8000-000x < 04.07.01

WAGO/TP600 0762-520x/8000-000x < 04.07.01

... and 5 more

Published Apr 16, 2025

Tracked Since Feb 18, 2026