0765 2102 0100 0000
Monthly
Full system compromise of WAGO System I/O-Field series controllers (0765-xxx families) is possible when an unauthenticated remote attacker reaches an undocumented internal diagnostic interface that is briefly exposed during the device's early boot phase. Because the diagnostic capability requires no authentication and grants access to internal system processes, a successful attacker obtains complete control over confidentiality, integrity, and availability. Reported by CERT@VDE (VDE-2026-031); no public exploit code has been identified and it is not listed in CISA KEV at time of analysis.
Full system compromise of WAGO System I/O-Field series controllers (0765-xxx families) is possible when an unauthenticated remote attacker reaches an undocumented internal diagnostic interface that is briefly exposed during the device's early boot phase. Because the diagnostic capability requires no authentication and grants access to internal system processes, a successful attacker obtains complete control over confidentiality, integrity, and availability. Reported by CERT@VDE (VDE-2026-031); no public exploit code has been identified and it is not listed in CISA KEV at time of analysis.