
ID

VDE-2025-030

Published

2025-07-07 12:00 (CEST)

Last update

2025-07-04 11:20 (CEST)

Vendor(s)

Frauscher Sensortechnik GmbH

Product(s)

Article No.   Product Name   Affected Version(s)
-             FDS101         <= v1.4.25
-             FDS102         v2.8.0 < v2.13.3
-             FDS102         < v2.13.3
-             FDS-SNMP101    <= v.2.3.9

Summary

Frauscher Sensortechnik FDS101, FDS-SNMP101 and FDS102 for FAdC/FAdCi R2 and all previous versions are vulnerable to OS Command Injection via a malicious configuration file.

Vulnerabilities



Last Update
4 July 2025 10:56
Weakness
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78)
Summary

A remote attacker with an administrator account can gain full control of the device due to improper neutralization of special elements used in an OS Command ('OS Command Injection') while uploading a config file via the web UI.

Last Update
4 July 2025 10:57
Weakness
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78)
Summary

A physical attacker with no privileges can gain full control of the affected device due to improper neutralization of special elements used in an OS Command ('OS Command Injection') when loading a config file from a USB drive.

Impact

This enables a remote or a local attacker to gain full control of the FDS101/FDS-SNMP101/FDS102 device.

Solution

Mitigation

Security-related application conditions SecRAC:

  • The railway operator must ensure that only authorised personnel or people in the company of authorised personnel have access to the Frauscher Diagnostic System FDS101/FDS-SNMP101/FDS102. This applies to both vulnerabilities.

  • The recommendation is to connect the Frauscher Diagnostic System FDS102 to a network of category 2. If the Frauscher Diagnostic System FDS102 is connected to a network of category 3 (according to EN 50159:2010), then additional protective measures must be added. This applies to CVE-2025-3626.

Remediation

Update to FDS102 v2.13.3

Reported by

CERT@VDE coordinated with Frauscher Sensortechnik GmbH