CVE-2025-1235 MEDIUM

CVE-2025-1235: WAGO: Switches affected by year 2k38 problem

Vendor Wago
Product Fully Managed Switches 0852-0303
Weakness CWE-190
Published June 2, 2025
Last update June 2, 2025

CVSS base score

4.3/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

A low privileged attacker can set the date of the devices to the 19th of January 2038 an therefore exceed the 32-Bit time limit. This causes the date of the switch to be set back to January 1st, 1970.

Key dates

02Disclosure timeline

June 2, 2025 CVE published
June 2, 2025 Record updated