Threat Advisory

WAGO Device Sphere and Solution Builder Vulnerabilities Expose Database and User Credentials

Threat: Vulnerability
Targeted Region: Global
Targeted Sector: Technology & IT
Criticality: Critical


EXECUTIVE SUMMARY:

Two vulnerabilities have been discovered in WAGO Device Sphere and WAGO Solution Builder, widely used software for industrial automation and device management, which could expose sensitive data and enable targeted attacks. The most severe issue arises from a missing authentication check, allowing unauthenticated remote attackers to access the web application database, potentially leading to data loss, theft, or full application compromise. A second vulnerability permits attackers to enumerate user accounts and their roles, increasing the risk of brute-force attacks, credential stuffing, or social engineering campaigns targeting privileged users. Together, these flaws create a pathway for initial compromise and privilege escalation, highlighting the urgent need for organizations to upgrade to the latest secure software versions to mitigate potential threats.

  • CVE-2025-41715: A missing authentication check in WAGO Device Sphere and WAGO Solution Builder allows unauthenticated remote attackers to access the web application database. Attackers can read, modify, or delete records, potentially leading to data loss, theft, or full application compromise. Exploitation could also enable privilege escalation and targeted attacks on the affected environment. The vulnerability has a CVSS score of 9.8.
  • CVE-2025-41716: Missing authentication for certain functions of the web application in WAGO Device Sphere and WAGO Solution Builder allows unauthenticated attackers to enumerate user accounts and their roles. Exploitation can facilitate brute-force attacks, credential stuffing, or targeted social engineering campaigns, and insight into which accounts are privileged increases the risk of compromise. The vulnerability has a CVSS score of 5.3.


RECOMMENDATION:

We strongly recommend updating WAGO Device Sphere and WAGO Solution Builder products to the following versions:

  • For WAGO Device Sphere to version 1.1.0 or later.
  • For WAGO Solution Builder to version 2.3.3 or later.

REFERENCES:

The following reports contain further technical details:
