Contact
PRODUCTSSOLUTIONSIndustriesCOMPANYCUSTOMER SERVICEDOWNLOADSCatalogues
automatisierungstechnik_security-hinweise_schloss-grafik_2000x2000.jpg

Cybersecurity – PSIRT at WAGO

When it comes to software and cybersecurity, the WAGO Product Security Incident Response Team (PSIRT) proactively supports you in protecting your existing industrial automation processes to the greatest possible extent. Whenever new potential threats arise, we provide you with recommendations, patches and updates as quickly as possible to minimize the risk.

However, we cannot uncover every vulnerability, so we depend on your help. If you notice anything relevant about our products or services, submit an incident report:

psirt@wago.com

WAGO Security Information

Find Out About the Latest Instructions and Updates

Here we publish all security instructions in PDF format. Just click on the information you want to view.

Statement on the security gap in the Java library Log4j

As the media have already reported, there is currently a critical security gap in the Java library Log4j. According to the Federal Office for Information Security (BSI) in Germany, this gap leads to a critical threat situation for applications based on it.

We have intensively tested our products for the use of Log4j.

So far, Log4j is known to be used for the WAGO Smart Script labelling software from version 4.2. The security gap will be closed with Smart Script version 4.8.1.4, which is already available.

Download version 4.8.1.4: https://www.wago.com/global/d/swreg_smartscript_4_x_c. An advisory is also in preparation.

With this latest software update you will automatically receive all update information for the Smart Script Marking Software.

All other WAGO products are not affected by the security vulnerability in Log4j, as this library or technology is not used.

Should new findings emerge in the course of the investigations, we will inform you shortly.

If you have any further questions, please do not hesitate to contact our support team (support.de@wago.com).

Cybersecurity in Critical Infrastructure (KRITIS)

WAGO’s diverse selection of automation technology has put to use in numerous applications, for many years, in different industries around the world. That’s why it makes so much sense for external IT security experts to take a very close look at it – since doing so provides even greater cybersecurity with WAGO components. How so? Because our systems are being continually put to the test, constant updates make them more and more secure.

This is especially helpful in terms of our commitment to the energy industry, since attackers on the network often focus precisely on sensitive critical infrastructure (KRITIS). To get ahead of unauthorized access attempts, external security experts are constantly and proactively stressing our automation components in order to identify potential risks at an early stage. This gives us and our partners the opportunity not only to identify any security vulnerabilities early on, but also to fix them promptly – before they can be exploited.

WAGO’s “Product Security Incident Response Team” (PSIRT) provides you with information on security vulnerabilities, including security advisories, in an RSS feed, so you’re always up to date.

Contact details

For further questions, please contact our support:

How do you report security vulnerabilities to WAGO?