VDE-2025-041 | CERT@VDE

2025-05-19 11:00 (CEST) VDE-2025-041

Weidmueller: ResMa is affected by a Vulnerability for ASP.NET AJAX

Share: Email | Twitter

ID

VDE-2025-041

Published

2025-05-19 11:00 (CEST)

Last update

2025-05-19 10:18 (CEST)

Vendor(s)

Weidmueller Interface GmbH & Co. KG

Product(s)

Article No°	Product Name	Affected Version(s)
	ResMa	< 3.7.4

Summary

Weidmueller product ResMa is affected by ASP.NET AJAX vulnerability.

Weidmueller has released a new firmware for the affected product to fix the vulnerability.

CVE ID

CVE-2025-3600

Last Update:

15. Mai 2025 08:57

Severity

7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

Weakness

Uncontrolled Resource Consumption (CWE-400)

Summary

In Progress® Telerik® UI for AJAX, versions 2011.2.712 to 2025.1.218, an unsafe reflection vulnerability exists that may lead to an unhandled exception resulting in a crash of the hosting process and denial of service.

Details

nvd.nist.gov

Impact

The vulnerability can lead to a denial of service due to the application restarting.

Solution

General Recommendation

As a general security measure, Weidmueller strongly recommends minimizing network exposure of products. Limit access to trusted networks by using appropriate mechanisms.

Remediation

Update ResMa to the version 3.7.4

Reported by

CERT@VDE coordinated with Weidmueller Interface GmbH & Co. KG