CVE-2025-0101

CWE-190Integer Overflow3 documents3 sources
Severity
6.5MEDIUM
EPSS
0.3%
top 43.03%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
13
Wago Cc100 0751-9x01Wago Pfc100 G1 0750-810x/xxxx-xxxxWago Pfc100 G2 0750-811x-xxxx-xxxx+10 more
Timeline
PublishedApr 16

Description

A low privileged user can set the date of the devices to the 19th of January 2038 an therefore exceed the 32-Bit time limit. This causes some functions to work unexpected or stop working at all. Both during runtime and after a restart.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages13 packages

CVEListV5wago/cc100_0751-9x01< 04.07.01
CVEListV5wago/wago_cc100_0751-9x01< 04.07.01
CVEListV5wago/tp600_0762-420x/8000-000x< 04.07.01
CVEListV5wago/tp600_0762-430x/8000-000x< 04.07.01
CVEListV5wago/tp600_0762-520x/8000-000x< 04.07.01

🔴Vulnerability Details

2
CVEList
WAGO: Year 2038 problem2025-04-16
GHSA
GHSA-2r79-7vx7-g52g: A low privileged user can set the date of the devices to the 19th of January 2038 an therefore exceed the 32-Bit time limit2025-04-16
CVE-2025-0101 (MEDIUM CVSS 6.5) | A low privileged user can set the d | cvebase.io