Platform: other
Component: wago-plc
Fixed in: 4.5.11, 3.10.11, 26.0.1, 0.0.1
CVE-2024-1490 describes a remote code execution (RCE) vulnerability in WAGO Programmable Logic Controllers (PLCs). An authenticated attacker with high privileges can abuse a flaw in the OpenVPN configuration that is editable through the web-based management interface to execute arbitrary shell commands on the device, which can lead to complete compromise of the controller. The affected range is given as versions 0.0.0 through FW 26. No official patch is currently available.
Successful exploitation gives the attacker complete control over the affected WAGO PLC. Because the shell commands run with the privileges of the high-privileged user, the attacker can modify PLC programs, read configuration and process data, disrupt the controlled process, and pivot to other systems on the network; where the PLC drives physical equipment this can extend to physical damage. The impact is particularly severe given how widely PLCs are deployed in critical infrastructure sectors such as manufacturing, energy, and transportation.
CVE-2024-1490 was published on 2026-04-09. The EPSS score is currently low (0.10%, 27th percentile; see below). No public proof-of-concept (PoC) code is available yet, but the nature of the flaw (shell command execution from a privileged web session) makes exploitation likely once a PoC is released. Monitor security advisories and threat intelligence feeds for indications of active exploitation campaigns targeting WAGO PLCs.
Exploit status: (not given)
EPSS: 0.10% (27th percentile)
CISA SSVC: (not given)
CVSS vector: (not given)
The primary mitigation for CVE-2024-1490 is to upgrade the WAGO PLC firmware to a version that addresses the vulnerability. WAGO has not yet published a specific fixed version, so monitor its official advisory channels for updates. As a temporary workaround, restrict access to the web-based management interface (and with it the OpenVPN configuration) to authorized administrators, for example by reaching it only from a dedicated management network. Enforce strong authentication, including multi-factor authentication where the device supports it, and consider placing a web application firewall (WAF) in front of the interface to filter requests targeting the OpenVPN configuration. Because exploitation requires an already authenticated high-privilege account, limiting who holds such accounts and how they authenticate is the most effective interim control.
Update the firmware of your WAGO PLC to a corrected version. Consult the WAGO documentation or the WAGO website for specific instructions on updating the firmware and for checking which versions are affected and which are fixed.
PLC stands for 'Programmable Logic Controller'. It's a specialized computer used to automate industrial processes.
If you use a WAGO CC100 PLC with OpenVPN and script execution enabled, it is highly recommended to disable script execution until WAGO releases a fix.
The method for disabling script execution depends on the PLC firmware version. Refer to WAGO documentation for specific instructions.
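As an added example (not WAGO's code and not part of this advisory), a small Python checker for the workaround above: it parses an OpenVPN configuration and flags every directive that the OpenVPN manual documents as executing an external program (up, down, route-up, client-connect, plugin and the rest), plus any script-security level of 2 or higher, which is what lets OpenVPN run user-defined scripts. The CVE text does not say which directive the flaw abuses, so the check covers all of them. The sample configuration is constructed, and nothing is assumed about where the PLC stores its OpenVPN config: feed the function whatever config text you export from the device.

```python
"""Audit an OpenVPN configuration for directives that execute external
programs.

Added example for this advisory; it is not WAGO code and does not reproduce
the CVE-2024-1490 exploit. The CVE text does not name the abused directive,
so this flags every directive the OpenVPN manual documents as running an
external program, plus a script-security level that permits user scripts.
"""
import re
import shlex

# Directives documented in the OpenVPN manual as executing a program/plugin.
EXEC_DIRECTIVES = {
    "up", "down", "route-up", "route-pre-down", "ipchange",
    "client-connect", "client-disconnect", "learn-address",
    "auth-user-pass-verify", "tls-verify", "plugin",
}

# Constructed sample config (not from a real device): a command smuggled
# into the "up" hook, enabled by script-security 2.
SAMPLE_CONFIG = """\
# constructed sample, not a real device config
client
dev tun
remote vpn.example.invalid 1194
script-security 2
up "/bin/sh -c 'id > /tmp/pwned'"
<ca>
-----BEGIN CERTIFICATE-----
MIIB...
-----END CERTIFICATE-----
</ca>
verb 3
"""


def parse_directives(text):
    """Yield (lineno, directive, args) for each top-level directive.

    Comments and blank lines are skipped; inline <tag>...</tag> blocks
    (certificates, keys) are passed over because their payload is data,
    not directives.
    """
    in_block = None
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if in_block is not None:
            if line == "</%s>" % in_block:
                in_block = None
            continue
        block = re.fullmatch(r"<([A-Za-z0-9-]+)>", line)
        if block:
            in_block = block.group(1)
            continue
        try:
            parts = shlex.split(line, comments=True)
        except ValueError:  # unbalanced quotes: fall back to whitespace split
            parts = line.split()
        if parts:
            # Accept the "--up" command-line spelling as well as "up".
            yield lineno, parts[0].lstrip("-"), parts[1:]


def audit_config(text):
    """Return findings as (lineno, directive, reason) tuples, in file order."""
    findings = []
    for lineno, directive, args in parse_directives(text):
        if directive == "script-security":
            level = int(args[0]) if args and args[0].isdigit() else None
            # Level 0/1 only allow built-ins; 2+ allows user-defined scripts.
            if level is None or level >= 2:
                findings.append((lineno, directive,
                                 "level %s (>= 2 allows user-defined scripts)"
                                 % (args[0] if args else "(missing)")))
        elif directive in EXEC_DIRECTIVES:
            findings.append((lineno, directive,
                             "runs external program: %s" % " ".join(args)))
    return findings


def is_script_free(text):
    """True when no directive executes a program and script-security < 2,
    i.e. the state the workaround above aims for."""
    return not audit_config(text)


if __name__ == "__main__":
    for lineno, directive, reason in audit_config(SAMPLE_CONFIG):
        print("line %d: %s -> %s" % (lineno, directive, reason))
```

Run it against a configuration exported from the device before and after applying the workaround; an empty finding list is the state described above as script execution disabled. It is a review aid only and does not replace the firmware fix, since the flaw lives in how the management interface handles the configuration, not in any one directive.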
An attacker could access configuration data, industrial process data, and potentially other systems connected to the network through the PLC.
Monitoring system logs and network activity for unexpected shell commands, changes to the OpenVPN configuration, or unauthorized logins to the web-based management interface can help detect exploitation.