Critical CVE-2026-4769 Vulnerability in WAGO Devices Exposes Systems to Remote Attacks

Critical CVE-2026-4769 Vulnerability in WAGO Devices Exposes Systems to Remote Attacks

First seen 13 Jul 2026, 13:28 UTC Feedlycve.reportcve.akaoma.comvulners.comthreatcluster.io+2 93% similarity 77.2

Article Content

Browse articles
ThreatCluster

CVE-2026-4769 affects certain devices in the WAGO System I/O Field series, which activate an undocumented internal diagnostic capability during startup. This feature is accessible without authentication for a short period, allowing unauthenticated remote attackers to access internal processes, leading to full system compromise. The vulnerability has been assigned a CVSS base score of 9.8, indicating critical severity. Currently, there is no public proof-of-concept or evidence of exploitation. Recommendations include monitoring network access during startup and securing the diagnostic capability if possible. No patch information is available at this time. Organizations are urged to ensure these devices are deployed in secure environments.

Key Points: • CVE-2026-4769 allows unauthenticated remote access during device startup. • The vulnerability has a critical CVSS score of 9.8, indicating severe risk. • No patches are currently available; immediate action is recommended to secure affected devices.

ThreatCluster AI

Timeline

2026-07-13
CVE-2026-4769 published
WAGO disclosed a critical vulnerability allowing full system compromise during startup phases.
Feedly
2026-07-13
Security advisory released
GitHub Advisories released a security advisory regarding CVE-2026-4769, highlighting its critical nature.
cve.report
2026-07-13
Urgent remediation recommended
Organizations are advised to monitor and restrict network access to affected WAGO devices immediately.
cve.akaoma.com

Community

Browse all →