CVE-2025-1235: WAGO: Switches affected by year 2k38 problem
Published Jun 2, 2025
·Updated
A low privileged attacker can set the date of the devices to the 19th of January 2038 an therefore exceed the 32-Bit time limit. This causes the date of the switch to be set back to January 1st, 1970.
Affected Software
1 affected component
WAGO Switches
Event History
Jun 2, 2025
CVE Published
via MITRE·06:23 AM
Data Sourced
via MITRE·06:23 AM
DescriptionSeverityWeakness
Data Sourced
via NVD·07:15 AM
DescriptionSeverityWeakness
Frequently Asked Questions
1
What is the severity of CVE-2025-1235?
CVE-2025-1235 is considered a low severity vulnerability.
2
How does CVE-2025-1235 affect devices?
CVE-2025-1235 allows a low privileged attacker to manipulate the device date, potentially reverting it to January 1st, 1970.
3
Who is affected by CVE-2025-1235?
CVE-2025-1235 affects WAGO Switches.
4
What are the potential risks of exploiting CVE-2025-1235?
Exploitation of CVE-2025-1235 may lead to system functionality issues due to improper date handling.
5
How can I mitigate risks from CVE-2025-1235?
Mitigation strategies for CVE-2025-1235 include regularly updating firmware on WAGO Switches and monitoring access permissions.