Back to overview

Weidmueller: Authentication Vulnerability in PROCON-WIN 5

VDE-2025-021
Last update
05/14/2025 15:26
Published at
03/05/2025 10:00
Vendor(s)
Weidmueller Interface GmbH & Co. KG
External ID
VDE-2025-021
CSAF Document
Download

Summary

Weidmüller product PROCON-WIN is affected by hard-coded credentials.

Weidmüller has released a new version of the affected product to fix the vulnerability.

Impact

An unauthenticated remote attacker can exploit the product to gain unauthorized administration privileges due to hard-coded credentials.

Affected Product(s)

Model no. Product name Affected versions
PROCON-WIN <5.7.14.1 PROCON-WIN <5.7.14.1

Vulnerabilities

Expand / Collapse all

Published
09/22/2025 14:57
Severity
9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weakness
Use of Hard-coded Credentials (CWE-798)
Summary

An unauthenticated remote attacker can use hard-coded credentials to gain full administration privileges on the affected product.

References
cve.org | nvd.nist.gov

Remediation

Update to version 5.7.14.1

Revision History

Version Date Summary
1 03/05/2025 10:00 Initial version
2 05/14/2025 15:26 Fix: reference category