PT-2026-27066 · Wago+1 · Lean Managed Switch 852-1812+2

Published: 2026-03-23 · Updated: 2026-04-21 · CVE-2026-3587

CVSS v3.1: 10 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions
WAGO Lean Managed Switch 852-1812 and other WAGO products, in versions prior to a fix for CVE-2026-3587

Description
An unauthenticated remote attacker can exploit a hidden function within the Command Line Interface (CLI) prompt to bypass the restricted interface and gain root access to the underlying Linux operating system, potentially leading to a full compromise of the device. The hidden function is an undocumented CLI backdoor. The flaw is rated critical severity, with a CVSS score of 10.0. There have been reports of elevated activity targeting WAGO devices, indicating potential exploitation in the wild.

Recommendations
Update WAGO Lean Managed Switch 852-1812 and other affected WAGO products to a version that addresses CVE-2026-3587. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration: Hidden Functionality

Related Identifiers: CVE-2026-3587

Affected Products: Linux, Lean Managed Switch 852-1812, Wago Products