Exposures › CVE-2026-4769
WAGO I/O Field devices expose an unauthenticated RCE during early boot via undocumented diagnostic access.
This critical vulnerability allows remote attackers to execute arbitrary code on WAGO System I/O Field devices during the initial startup sequence without authentication, enabling full system compromise. DIB organizations must ensure these devices are patched and boot-time protections are enforced to prevent unauthorized access to industrial control systems.
Shame score — An unauthenticated RCE during boot on industrial devices is a severe, avoidable failure that directly compromises system integrity and violates CMMC/NIST 800-171 controls.
Certain devices in the WAGO System I/O Field series activate an internal diagnostic capability during the initial startup sequence. This functionality is not formally documented and becomes accessible without authentication for a brief period in the early boot phase. During this window, an unauthenticated remote attacker can gain access to the internal system processes, resulting in full system compromise.
No correlated FedRAMP products.