Back to overview

WEIDMUELLER: Multiple vulnerabilities in Modbus TCP/RTU Gateways

VDE-2022-008
Last update
04/07/2022 08:00
Published at
04/07/2022 08:00
Vendor(s)
Weidmueller Interface GmbH & Co. KG
External ID
VDE-2022-008
CSAF Document
Download

Summary

Multiple issues have been found in the affected products. See CVE descriptions for details.

Impact

These vulnerabilities may allow an attacker to DoS affected devices or access sensitive information or gain administrative access. See vulnerability descriptions for details.

Affected Product(s)

Model no. Product name Affected versions
1504460000 IE-GW-MB-2TX-1RS232/485 Firmware V1.0 (Build 14050818)
1504470000 IE-GWT-MB-2TX-1RS232/485 Firmware V1.0 (Build 14050818)

Vulnerabilities

Expand / Collapse all

Published
09/22/2025 14:58
Severity
9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weakness
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CWE-120)
Summary

An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. A Buffer overflow in the built-in web server allows remote attackers to initiate DoS, and probably to execute arbitrary code (issue 1 of 2).

References
cve.org | nvd.nist.gov

Published
09/22/2025 14:58
Severity
9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weakness
Use of a Broken or Risky Cryptographic Algorithm (CWE-327)
Summary

An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. An attacker may be able to intercept weakly encrypted passwords and gain administrative access.

References
cve.org | nvd.nist.gov

Published
09/22/2025 14:58
Severity
9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weakness
Weak Password Requirements (CWE-521)
Summary

An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. Insufficient password requirements for the MGate web application may allow an attacker to gain access by brute-forcing account passwords.

References
cve.org | nvd.nist.gov

Published
09/22/2025 14:58
Severity
8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Weakness
Use of Insufficiently Random Values (CWE-330)
Summary

An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. A predictable mechanism of generating tokens allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism.

References
cve.org | nvd.nist.gov

Published
09/22/2025 14:58
Severity
7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Weakness
Integer Overflow or Wraparound (CWE-190)
Summary

An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. An Integer overflow in the built-in web server allows remote attackers to initiate DoS.

References
cve.org | nvd.nist.gov

Published
09/22/2025 14:58
Severity
7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Weakness
Cleartext Transmission of Sensitive Information (CWE-319)
Summary

An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. Sensitive information is sent to the web server in cleartext, which may allow an attacker to discover the credentials if they are able to observe traffic between the web browser and the server.

References
cve.org | nvd.nist.gov

Published
09/22/2025 14:58
Severity
7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Weakness
Cleartext Storage of Sensitive Information (CWE-312)
Summary

An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. The application's configuration file contains parameters that represent passwords in cleartext.

References
cve.org | nvd.nist.gov

Published
09/22/2025 14:58
Severity
5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Weakness
Exposure of Sensitive Information to an Unauthorized Actor (CWE-200)
Summary

An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. An attacker can access sensitive information (e.g., conduct username disclosure attacks) on the built-in WEB-service without authorization.

References
cve.org | nvd.nist.gov

Published
09/22/2025 14:58
Severity
5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Weakness
()
Summary

An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. A high rate of transit traffic may cause a low-memory condition and a denial of service.

References
cve.org | nvd.nist.gov

Remediation

For all potential vulnerabilities, customers can download a patched firmware to secure their Modbus TCP/RTU Gateways properly.
Please download and install the latest firmware for your device by following the procedure below:

  1. Go to www.weidmueller.com (external link).
  2. Enter the product number of the Modbus TCP/RTU Gateway you want to update into the search field and press "Enter".
  3. On the next page, expand the drop-down menu "SHOW DOWNLOADS".
  4. Download the respective firmware from the download table.
  5. Install the firmware on your device.

Find below the appropriate patched firmware versions for all affected products:

Product number Product name Patched firmware version
1504460000 IE-GW-MB-2TX-1RS232/485 V2.1 (Build 21072817)
1504470000 IE-GWT-MB-2TX-1RS232/485 V2.1 (Build 21072817)

Revision History

Version Date Summary
1 04/07/2022 08:00 Initial revision.