[ { "uid": "link_contact", "linkName": "Contact", "url": "/global/contact#wago-support-contact-anchor", "target": "_self", "classAttributes": "phone" } ] [{"term":"Libraries_BA","id":0,"type":"QUICKLINKS"},{"term":"Instructions","id":1,"type":"QUICKLINKS"},{"term":"WAGO-I/O-PRO","id":2,"type":"QUICKLINKS"},{"term":"Building","id":3,"type":"QUICKLINKS"},{"term":"221","id":4,"type":"QUICKLINKS"}]
MM-16928_Telecontrol_Cyber_Security_2000x2000.jpg

Cybersecurity – PSIRT at WAGO

When it comes to software and cybersecurity, the WAGO Product Security Incident Response Team (PSIRT) proactively supports you in protecting your existing industrial automation processes to the greatest possible extent. Whenever new potential threats arise, we provide you with recommendations, patches and updates as quickly as possible to minimize the risk.

However, we cannot uncover every vulnerability, so we depend on your help. If you notice anything relevant about our products or services, submit an incident report:

psirt@wago.com

Statement on the security gap in the Java library Log4j

As the media have already reported, there is currently a critical security gap in the Java library Log4j. According to the Federal Office for Information Security (BSI) in Germany, this gap leads to a critical threat situation for applications based on it.

We have intensively tested our products for the use of Log4j.

So far, Log4j is known to be used for the WAGO Smart Script labelling software from version 4.2. The security gap will be closed with Smart Script version 4.8.1.4, which is already available.

Download version 4.8.1.4: https://www.wago.com/global/d/swreg_smartscript_4_x_c. An advisory is also in preparation.

With this latest software update you will automatically receive all update information for the Smart Script Marking Software.

All other WAGO products are not affected by the security vulnerability in Log4j, as this library or technology is not used.

Should new findings emerge in the course of the investigations, we will inform you shortly.

If you have any further questions, please do not hesitate to contact our support team (support.de@wago.com).

Cybersecurity in Critical Infrastructure (KRITIS)

WAGO’s diverse selection of automation technology has put to use in numerous applications, for many years, in different industries around the world. That’s why it makes so much sense for external IT security experts to take a very close look at it – since doing so provides even greater cybersecurity with WAGO components. How so? Because our systems are being continually put to the test, constant updates make them more and more secure.

This is especially helpful in terms of our commitment to the energy industry, since attackers on the network often focus precisely on sensitive critical infrastructure (KRITIS). To get ahead of unauthorized access attempts, external security experts are constantly and proactively stressing our automation components in order to identify potential risks at an early stage. This gives us and our partners the opportunity not only to identify any security vulnerabilities early on, but also to fix them promptly – before they can be exploited.

WAGO’s “Product Security Incident Response Team” (PSIRT) provides you with information on security vulnerabilities, including security advisories, in an RSS feed, so you’re always up to date.

Contact details

For further questions, please contact our support:

How do you report security vulnerabilities to WAGO?

Help make industrial automation more secure – report incidents and security issues.

Your report should contain the following information:

  • Product/application in question
  • Description of the vulnerability
  • If available: proof of concept

Contact details

Please report any incidents either directly to the WAGO PSIRT Team or to CERT@VDE.

If you have questions about security vulnerabilities of WAGO products or are unsure whether security vulnerabilities are relevant to your WAGO product, feel free to contact our WAGO support team.

The WAGO support team assists you with issues related to:

  • Security vulnerabilities
  • WAGO products

Contact details

For questions about security vulnerabilities or WAGO products, please contact:

Current reports are available here

News

You can find the latest reports on product vulnerabilities at WAGO and security advisories here.

Subscribe to RSS feed

Subscribe to our RSS feed so you won’t miss a single new WAGO PSIRT report.

RSS Feed for Smartphone or Tablet

You need a feed reader (e.g., Feedly), which you can download from the App Store or Play Store.
Copy the Link of the feed:
https://www.wago.com/global/rss/psirt/rss.xml
Add this Link directly to your feed reader on your smartphone or tablet.

At a Glance:

  • Download a feed reader from the App Store or Play Store. 

  • Add the Link of the feed to your feed reader.

RSS Feed in Outlook

Copy the Link of the RSS feed:
https://www.wago.com/global/rss/psirt/rss.xml
In Outlook, search your folders for the “RSS Feeds” folder. Right-click on the folder and select “Add a New RSS Feed.”
In the dialog field, you can now add the Link of the RSS feed.

At a Glance:

  • Search for the Outlook folder “RSS Feeds.”

  • Select “Add a New RSS Feed.”

  • Enter the Link of the RSS feed in the dialog field.

RSS Feed in a Browser

Create an account with a feed reader, such as Feedly
Copy the Link of the RSS feed:
https://www.wago.com/global/rss/psirt/rss.xml
Add the Link to your feed reader.

At a Glance:

  • Create an account with a feed reader.

  • Add the Link of the RSS feed to the feed reader. 

The RSS-Feed of the CERT@VDE

The CERT@VDE also offers you an RSS feed: https://cert.vde.com/en/advisories/vendor/wago/feeds/rss/

Add the Link to your feed reader.

WAGO Cybersecurity Instructions:
We will gladly answer your questions.

Product Security Incident Response-Team bei WAGO

Additional service offerings:

Recommended Reading

WAGO Products and Solutions

Controllers PFC100

Maximum performance, minimum size. WAGO's PFC100 Controller is ideal for use in both the process industry as well as in machinery and equipment manufacturing.

controller_pfc100_b150326_11_plc_pfc100_0750_8101_0025_000_2000x1500.jpg

Controllers PFC200

The efficient controller for your automation project – thanks to CODESYS 3 and Linux®. Includes higher cybersecurity standards for secure design, control and visualization of your project.

controller_neu_pfc200_p_ur_0750_8206_000_xx_2000x1125.jpg

Controller PFC200 XTR

Built for extreme environments and explicit hazardous areas. With this solution from WAGO, you control where other controllers cannot and dare not go.

controller_pfc200-xtr_p_ur_0750_8206_0040_0000_000_xx_2000x1500.jpg

Control Included

We unite what belongs together anyway: WAGO's high-performance hardware and the future-ready Linux® operating system.

embedded-linux_2000x2000px.jpg

This May Also Interest You

Related Topics and Products

Digitization

For Tomorrow's World – Cross-communication via cloud or smart automation: While industrial digitalization has many facets and presents even more opportunities, cybersecurity is a major challenge.

digitalisierung_prozessanlage_vernetzung_industrie-4-0_2000x1500.jpg

Cybersecurity

Protecting Intelligent Connections – As digitalization progresses, it is vital that production data receives a high protection class. WAGO helps you secure valuable data with smart products and solutions.

digitalisierung_cyber-security_rechnerkabel_mann_tablet_GettyImages-513087873_2000x1500.jpg