Weidmueller has issued firmware updates to many of its operated industrial Ethernet switches to fix critical vulnerabilities, based in Germany.
Weidmueller has six production facilities and a presence worldwide in 60 locations. According to the Cybersecurity and Infrastructure Security Agency of the DHS (CISA), the goods affected are used around the globe, particularly in key sectors of production and IT.
Recent CISA, CERT@VDE, and Weidmuller advisories indicate that there are five forms of vulnerabilities with 40 switches of the IE-SW series.
The most serious problems are the lack of brute force security for the authentication function, credential transmission in clear text, and the use of generic authentication data in a cookie. With a CVSS score of 9.8, all of these questions are considered critical.
The mechanical switches are also plagued by a high-gravity key processing error. This vulnerability allows anyone to extract passwords from the computer.
Weidmueller eventually found a medium-size problem allowing an authenticated remote intruder to crash the system with specifically designed packages.
For each of the impacted switches, Weidmueller has released firmware updates. Users are also told that their phones can only be programmed to use encrypted connections to prevent attacks of some kinds. Many vulnerabilities are due to the use of an unencrypted, deactivated search service— a crypted search service is provided.
The supplier has given detailed instructions on how to implement mitigation.