Detections
Analytics

CVE-2019-12549

critical

Description

WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW03 devices contain hardcoded private keys for the SSH daemon. The fingerprint of the SSH host key from the corresponding SSH daemon matches the embedded private key.

References

https://ics-cert.us-cert.gov/advisories/ICSA-19-164-02

https://cert.vde.com/en-us/advisories/vde-2019-013

https://www.wago.com/us/

Details

Source: Mitre, NVD

Published: 2019-06-17

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.0084