Share: Email | Twitter

ID

VDE-2025-021

Published

2025-03-05 09:00 (CET)

Last update

2025-03-03 10:58 (CET)

Vendor(s)

Weidmueller Interface GmbH & Co. KG

Product(s)

Article No° Product Name Affected Version(s)
PROCON-WIN < 5.7.14.1

Summary

Weidmüller product PROCON-WIN is affected by hard-coded credentials.

Weidmüller has released a new version of the affected product to fix the vulnerability.

CVE ID

CVE-2025-1393

Last Update:

March 3, 2025, 10:56 a.m.

Severity

9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) 

Weakness

Use of Hard-coded Credentials  (CWE-798) 

Details

certvde.com 

Impact

An unauthenticated remote attacker can exploit the product to gain unauthorized administration privileges due to hard-coded credentials.

Solution

Remediation

Update to version 5.7.14.1

Reported by

CERT@VDE coordinated with Weidmüller