Vulnerability Database

309,961

Total vulnerabilities in the database

CVE-2023-4089

On affected Wago products an remote attacker with administrative privileges can access files to which he has already access to through an undocumented local file inclusion. This access is logged in a different log file than expected.

Published: Oct 17, 2023
Updated: Nov 16, 2025
CVE: CVE-2023-4089
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 2.7
AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

CWEs:

CWE-610

Affected Software
References

Software	From	Fixed in
wago / compact_controller_100_firmware	19	26.x
wago / edge_controller_firmware	18	26.x
wago / pfc100_firmware	16	26.x
wago / pfc200_firmware	16	26.x
wago / touch_panel_600_advanced_firmware	16	26.x
wago / touch_panel_600_marine_firmware	16	26.x
wago / touch_panel_600_standard_firmware	16	26.x

https://cert.vde.com/en/advisories/VDE-2023-046/

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo