VDE-2025-021
Last update: 14.05.2025 15:26
Published at: 05.03.2025 10:00
Vendor(s): Weidmueller Interface GmbH & Co. KG
External ID: VDE-2025-021
                                Summary
The Weidmüller product PROCON-WIN contains hard-coded credentials.
Weidmüller has released a new version of the affected product to fix the vulnerability.
Impact
An unauthenticated remote attacker can exploit the product to gain unauthorized administration privileges due to hard-coded credentials.
Affected Product(s)
| Model no. | Product name | Affected versions | 
|---|---|---|
| | PROCON-WIN <5.7.14.1 | PROCON-WIN <5.7.14.1 |
Vulnerabilities
Published: 24.09.2025 12:42
Severity
Weakness: Use of Hard-coded Credentials (CWE-798)
Summary: An unauthenticated remote attacker can use hard-coded credentials to gain full administration privileges on the affected product.
References
Remediation
Update to version 5.7.14.1
Acknowledgments
Weidmueller Interface GmbH & Co. KG thanks the following parties for their efforts:
- CERT@VDE for support with this publication (see https://certvde.com)
- BSI for support in the coordination of the vulnerability (see https://www.bsi.bund.de)
Revision History
| Version | Date | Summary | 
|---|---|---|
| 1 | 05.03.2025 10:00 | Initial version | 
| 2 | 14.05.2025 15:26 | Fix: reference category |