Multiple Wiesemann & Theis product families are affected by multiple vulnerabilities in the web interface.
The MAC address filter as part of the firewall has a flaw, which prevents the MAC address filter to be active after restart. In this way a remote attacker is able to circumvent the MAC address filtering after a reboot of a device.
UPDATE A: Solution has updated release dates
UPDATE B: Solution has updated release dates
This Advisory is published with reference to:
During the installation of specific TRUMPF Windows applications, privileged local users with default usernames and passwords are created. An adversary could use these users to access and compromise the affected Windows systems and, under certain circumstances, other network resources.
The FTP server does not properly release memory resources that were reserved for incomplete connection attempts by FTP clients. This could allow a remote attacker to generate a denial of service condition on devices that incorporate a vulnerable version of the FTP server.
See also: Siemens Advisory published October 11th, 2022 - SSA-313313
UPDATE A: Two devices (ENERGY AXC PU, SMARTRTU AXC SG) added (24.11.2022)
Update for PLCnext Firmware containing fixes for recent vulnerability findings in Linux components and security enhancements.
PLCnext Control AXC F x152 is certified according to IEC 62443-4-1 and IEC 62443-4-2. This certification requires that all third-party components used in the firmware are regularly checked for known vulnerabilities.
The UWP 3.0 family of Monitoring Gateways and Controllers and the CPY Car Park Server are affected by multiple vulnerabilities in their set-up software, runtime firmware, embedded Web interface.
UPDATE A (19.10.2022): Added Control block-Set CPX-CEC-C1 and Control block-SET
CPX-CMXX to affected products.
Unauthenticated access to critical webpage functions (e.g. reboot) may cause a denial of service of the device.