A remote unauthenticated attacker may use default certificates to generate JWT Tokens and gain full access to the tool and all connected devices.
The application contains default certificates (signing keys) whose knowledge allows anyone to independently generate valid JWT tokens. Since the authentication mechanism is based on verifying the token signature using these known keys, an attacker can forge a token with arbitrary privileges without possessing login credentials. The attack is possible remotely, without user interaction, and without any prerequisites on the attacker's side.
Attacker gains full, unrestricted access to the tool and all connected devices, resulting in complete loss of system confidentiality, integrity, and availability.
Apply patches available from the manufacturer according to the references — detailed information about patched versions is contained in advisory VDE-2025-057 available at https://cert.vde.com/en/advisories/VDE-2025-057. It is critical to replace default certificates with unique, secure JWT signing keys.
Versions indicated in manufacturer references (WAGO / CERT VDE, advisory VDE-2025-057)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H