Horizon Alert
Summary of the vulnerability and why it matters
A security vulnerability has been identified in certain WAGO System I/O Field devices that allows unauthenticated remote attackers to gain full system compromise during the initial startup sequence. This is due to an undocumented diagnostic capability that is accessible for a short period without requiring credentials.
- Undocumented feature grants system access.
- Critical vulnerability affects industrial control systems.
- Confirm relevance and potential exposure.
Attack Path
How an attacker could exploit the issue
An attacker could gain control of certain WAGO devices by exploiting an undocumented diagnostic feature that is briefly accessible during the device's startup. If an attacker can reach the device over the network, they can leverage this window of opportunity before it's secured to access internal system processes and achieve a full compromise.
- Device is network-accessible.
- Exploits undocumented startup feature.
- Leads to full system compromise.
Live Threat
Current exploitation, exposure, and threat context
This vulnerability could allow an unauthenticated remote attacker to compromise the entire system by accessing internal diagnostic capabilities during the initial startup sequence of certain WAGO System I/O Field devices. This access is available for a short window before formal authentication is required.
- System processes are at risk.
- Unauthenticated remote access can occur.
- Full system compromise is possible.
Operational Fix
Recommended remediation, mitigation, and detection steps
This vulnerability in WAGO System I/O Field devices requires an immediate response, likely involving asset owners and infrastructure teams. The first critical step is to identify all instances of this technology, determine their business criticality and network exposure, and confirm the responsible system owner for remediation planning.
- Identify responsible system owners.
- Verify device reachability and criticality.
- Plan remediation based on risk.