VDE-2025-002
Last update
05/22/2025 15:03
Published at
02/25/2025 12:00
Vendor(s)
Pepperl+Fuchs SE
External ID
VDE-2025-002
CSAF Document
Summary
An unauthenticated attacker could repeatedly send IPv6 packets, that include specially crafted packets, to a Windows machine which could enable remote code execution.
Impact
An unauthenticated remote attacker can
• read confidential information from the device
• modify or delete data on the device
• execute code on the device
Affected Product(s)
| Model no. | Product name | Affected versions |
|---|---|---|
| Windows 10 IoT Enterprise LTSB 2016 < KB5041773 default component of Image <= 118-0241B: Native Windows | PC9****-*, PC82****-* | |
| Windows 10 IoT Enterprise LTSB 2016 < KB5041773 default component of Image <= 118-0242H: VisuNet RM Shell 5 | BTC01-* | |
| Windows 10 IoT Enterprise LTSB 2016 < KB5041773 default component of Image <= 118-0243M: VisuNet RM Shell 5 | RM82***-*, RM9***-* | |
| Windows 10 IoT Enterprise LTSB 2016 < KB5041773 default component of Image <= 118-0244N: VisuNet RM Shell 5 | RM2***-* | |
| Windows 10 IoT Enterprise LTSB 2016 < KB5041773 default component of Image <= 118-0249M: VisuNet RM Shell 5 | RM37***-* | |
| Windows 10 IoT Enterprise LTSB 2016 < KB5041773 default component of Image <= 118-0250B: Native Windows | PC82****-*, PC9****-* | |
| Windows 10 IoT Enterprise LTSB 2016 < KB5041773 default component of Image <= 118-0259: Native Windows | PC2***-* | |
| Windows 10 IoT Enterprise LTSB 2016 < KB5041773 default component of Image <= 118-0261: Native Windows | PC97**-* | |
| Windows 10 IoT Enterprise LTSB 2016 < KB5041773 default component of Image <= 118-0269: Native Windows | PC37***-* | |
| Windows 10 IoT Enterprise LTSB 2016 < KB5041773 default component of Image <= 118-0274J: VisuNet RM Shell 5 | RM2***-* | |
| Windows 10 IoT Enterprise LTSB 2016 < KB5041773 default component of Image <= 118-0280A: Native Windows | BTC12-* | |
| Windows 10 IoT Enterprise LTSB 2016 < KB5041773 default component of Image <= 118-0281E: VisuNet RM Shell 5 | RM37***-*, RM2***-* | |
| Windows 10 IoT Enterprise LTSB 2016 < KB5041773 default component of Image <= 18-33385C: Native Windows | PCU1*100-* | |
| Windows 10 IoT Enterprise LTSB 2016 < KB5041773 default component of Image <= 18-33416N: VisuNet RM Shell 5 | TCU1*00-* | |
| Windows 10 IoT Enterprise LTSB 2016 < KB5041773 default component of Image <= 18-33582M: VisuNet RM Shell 5 | BTC12-* | |
| Windows 10 IoT Enterprise LTSB 2016 < KB5041773 default component of Image <= 18-33834F: VisuNet RM Shell 5 | BTC14-* | |
| Windows 10 IoT Enterprise LTSC 2019 < KB5041578 default component of Image <= 18-34023C: VisuNet RM Shell 5 | TCU1*00-* | |
| Windows 10 IoT Enterprise LTSC 2019 < KB5041578 default component of Image <= 18-34024A: Native Windows | PCU1*100-* | |
| Windows 10 IoT Enterprise LTSC 2019 < KB5041578 default component of Image <= 18-34055D: Native Windows | BPC3200-*, PC-320-* | |
| Windows 10 IoT Enterprise LTSC 2019 < KB5041578 default component of Image <= 18-34068A: VisuNet RM Shell 5 | BTC12-* | |
| Windows 10 IoT Enterprise LTSC 2019 < KB5041578 default component of Image <= 18-34076C: VisuNet RM Shell 5 | BTC12-* | |
| Windows 10 IoT Enterprise LTSC 2019 < KB5041578 default component of Image <= 18-34093E: VisuNet RM Shell 5 | BPC3200-*, RM-320-* | |
| Windows 10 IoT Enterprise LTSC 2019 < KB5041578 default component of Image <= 18-34191C: VisuNet RM Shell 5 | BTC14-* | |
| Windows 10 IoT Enterprise LTSC 2019 < KB5041578 default component of Image <= 18-34261A: VisuNet RM Shell 5 | RM37***-*, RM2***-* | |
| Windows 10 IoT Enterprise LTSC 2019 < KB5041578 default component of Image <= 18-34263A: VisuNet RM Shell 5 | RM2***-* | |
| Windows 10 IoT Enterprise LTSC 2019 < KB5041578 default component of Image <= 18-34264A: VisuNet RM Shell 5 | RM2***-*, RM37***-* | |
| Windows 10 IoT Enterprise LTSC 2019 < KB5041578 default component of Image <= 18-34298A: VisuNet RM Shell 5 | RM82***-*, RM9***-* | |
| Windows 10 IoT Enterprise LTSC 2019 < KB5041578 default component of Image <= 18-34308: VisuNet RM Shell 5 | BTC01-* | |
| Windows 10 IoT Enterprise LTSC 2019 < KB5041578 default component of Image <= 18-34309: VisuNet RM Shell 5 | TCU1*00-* | |
| Windows 10 IoT Enterprise LTSC 2021 < KB5041580 default component of Image <= 18-34720C: VisuNet RM Shell 6 | TCU1*00-* | |
| Windows 10 IoT Enterprise LTSC 2021 < KB5041580 default component of Image <= 18-34754C: VisuNet RM Shell 6 | TCU1*00-* | |
| Windows 10 IoT Enterprise LTSC 2021 < KB5041580 default component of Image <= 18-34755D: VisuNet RM Shell 6 | BTC12-* | |
| Windows 10 IoT Enterprise LTSC 2021 < KB5041580 default component of Image <= 18-34756D: VisuNet RM Shell 6 | BTC14-* | |
| Windows 10 IoT Enterprise LTSC 2021 < KB5041580 default component of Image <= 18-34757D: VisuNet RM Shell 6 | RM-320-*, BPC3200-* | |
| Windows 10 IoT Enterprise LTSC 2021 < KB5041580 default component of Image <= 18-34760C: VisuNet RM Shell 6 | BTC22-* | |
| Windows 10 IoT Enterprise LTSC 2021 < KB5041580 default component of Image <= 18-34831: Native Windows | PCU1*100-* | |
| Windows 10 IoT Enterprise LTSC 2021 < KB5041580 default component of Image <= 18-34873: Native Windows | PC-320-*, BPC3200-* | |
| Windows 10 IoT Enterprise LTSC 2021 < KB5041580 default component of Image <= 18-35000: VisuNet RM Shell 6 | BTC24-* |
Vulnerabilities
Expand / Collapse all
Published
09/22/2025 14:57
Weakness
Integer Underflow (Wrap or Wraparound) (CWE-191)
Summary
Windows TCP/IP Remote Code Execution Vulnerability
References
Remediation
For the Windows Versions please install the '2024-08 Cumulative Update' from Microsoft.
For the RM Shell Versions please install:
RM Shell 5 based on Windows 10 LTSB 2016: 18-33624T Windows Cumulative Security Patch - 2024-08 for RM Image 5 based on Windows 10 LTSB 2016 (KB5041773) found at Thin Client Firmware VisuNet RM Shell 5 (2016 LTSB) (pepperl-fuchs.com).
RM Shell 5 based on Windows 10 LTSC 2019: 18-34182G Windows Cumulative Security Patch - 2024-08 for RM Image 5.5 based on Windows 10 LTSC 2019 (KB5041578) found at Thin Client Firmware VisuNet RM Shell 5 (2019 LTSC) (pepperl-fuchs.com).
RM Shell 6 based on Windows 10 LTSC 2021: 18-34927A RM Image Security Patch - Windows Cumulative Security Patch 2024-08 (KB5041580) and .Net (KB5042056) found at Thin Client Firmware VisuNet RM Shell 6 (pepperl-fuchs.com).
Revision History
| Version | Date | Summary |
|---|---|---|
| 1 | 02/25/2025 12:00 | Initial revision. |
| 2 | 04/10/2025 15:00 | fixed reference urls |
| 3 | 05/22/2025 15:03 | Fix: added distribution, quotation mark |