EUVD-2026-14385

| CVE-2026-3587 CRITICAL
2026-03-23 CERTVDE GHSA-4r7q-86hg-h98x
10.0
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
EUVD ID Assigned
Mar 23, 2026 - 08:15 euvd
EUVD-2026-14385
Analysis Generated
Mar 23, 2026 - 08:15 vuln.today
CVE Published
Mar 23, 2026 - 07:49 nvd
CRITICAL 10.0

Tags

Information Disclosure

Description

An unauthenticated remote attacker can exploit a hidden function in the CLI prompt to escape the restricted interface and gain root access to the underlying Linux based OS, leading to full compromise of the device.

Analysis

A hidden function in the CLI prompt of multiple WAGO industrial and lean managed switches allows unauthenticated remote attackers to escape the restricted interface and gain root access to the underlying Linux operating system. This results in complete device compromise with a maximum CVSS score of 10.0. …

Sign in for full analysis, threat intelligence, and remediation guidance.

Remediation

Within 24 hours: Inventory all WAGO switch models in use and identify affected devices; isolate critical switches from external network access if possible. Within 7 days: Implement network segmentation to restrict CLI access to authorized management networks only; enable authentication logging and monitor for suspicious access attempts. …

Sign in for detailed remediation steps.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Priority Score

50
Low Medium High Critical
KEV: 0
EPSS: +0.1
CVSS: +50
POC: 0

Share

EUVD-2026-14385 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy