VDE-2026-013
Last update
07.04.2026 10:00
Published at
07.04.2026 10:00
Vendor(s)
Helmholz GmbH & Co. KG
External ID
VDE-2026-013
CSAF Document
Summary
Vulnerabilities in PROFINET-Switch devices with firmware <= V1.12.010 that allow an attacker to gain control over the device.
Impact
Full control over the device is possible if an attacker exchanges traffic with it over a longer period of time. For details, see the CVE description.
Affected Product(s)
| Model no. | Product name | Affected versions |
|---|---|---|
| 700-850-16P01 | FLEXtra FLAT PROFINET-Switch 16-Port | Firmware 1.12.015, Firmware <=1.12.015 |
| 700-850-4PS01 | FLEXtra FLAT PROFINET-Switch 4-Port | Firmware <=1.12.015, Firmware 1.12.015 |
| 700-850-8PS01 | FLEXtra FLAT PROFINET-Switch 8-Port | Firmware <=1.12.015, Firmware 1.12.015 |
| 700-857-8PS01 | FLEXtra IP67 PROFINET-Switch 8-Port | Firmware 1.12.015, Firmware <=1.12.015 |
Vulnerabilities
Published
07.04.2026 08:33
Severity
Weakness
Use of a Broken or Risky Cryptographic Algorithm (CWE-327)
Summary
The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a "Sweet32" attack.
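The birthday bound in the description above, worked through as an added example (not part of the advisory and not vendor code): it computes the collision probability for a 64-bit block cipher under a single key and flags DES/Triple DES entries in a cipher list. The function names are illustrative and the cipher names in the sample list are constructed.

```python
import math
import re

# Tokens that identify DES / Triple DES in IANA, OpenSSL and SSH cipher names.
DES_TOKENS = {"DES", "3DES", "DES40"}

def collision_probability(blocks: int, block_bits: int = 64) -> float:
    """Birthday approximation: chance that two of `blocks` ciphertext blocks
    encrypted under one key are equal (the event a Sweet32 attack relies on)."""
    return -math.expm1(-blocks * (blocks - 1) / 2 ** (block_bits + 1))

def max_bytes_per_key(max_probability: float, block_bits: int = 64) -> float:
    """Data volume under one key that keeps the collision probability
    at or below `max_probability` (useful for setting a rekey limit)."""
    blocks = math.sqrt(-(2 ** (block_bits + 1)) * math.log1p(-max_probability))
    return blocks * block_bits / 8

def flag_des_suites(names):
    """Return the cipher names that use DES or Triple DES."""
    return [n for n in names if DES_TOKENS & set(re.split(r"[-_]", n.upper()))]

# Constructed sample: cipher names as a scanner or config export might list them.
SAMPLE_SUITES = [
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    "DES-CBC3-SHA",
    "ECDHE-RSA-AES256-GCM-SHA384",
    "3des-cbc",
    "aes256-ctr",
]

if __name__ == "__main__":
    n = 2 ** 32  # "approximately four billion blocks" of 8 bytes = 32 GiB
    print(f"64-bit block, 2^32 blocks:  p = {collision_probability(n):.3f}")
    print(f"128-bit block, 2^32 blocks: p = {collision_probability(n, 128):.1e}")
    limit = max_bytes_per_key(1e-6)
    print(f"64-bit block, p <= 1e-6:    {limit / 1e6:.1f} MB per key")
    for name in flag_des_suites(SAMPLE_SUITES):
        print(f"64-bit block cipher offered: {name}")
```

Any name this flags in a device's TLS or SSH configuration identifies a session that is subject to the birthday bound in the CVE description.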
References
Remediation
Update to latest version: 1.12.100
Acknowledgments
Helmholz GmbH & Co. KG thanks the following parties for their efforts:
- CERT@VDE for coordination (see https://certvde.com )
- BMW from BMW Manufacturing Co., LLC for reporting (see https://www.bmwusfactory.com )
Revision History
| Version | Date | Summary |
|---|---|---|
| 1.0.0 | 07.04.2026 10:00 | Initial revision. |