
ID

VDE-2025-038

Published

2025-06-24 10:00 (CEST)

Last update

2025-06-16 12:03 (CEST)

Vendor(s)

Helmholz GmbH & Co. KG

Product(s)

Article No.    Product Name        Affected Version(s)
               myREX24             < 2.18.0
               myREX24             < 2.16.5
               myREX24.virtual     < 2.18.0
               myREX24.virtual     < 2.16.5

Summary

Two vulnerabilities in myREX24/myREX24.virtual can lead to user enumeration and password bypass.

Vulnerabilities

Last Update
June 16, 2025, 11:50 a.m.
Weakness
Authorization Bypass Through User-Controlled Key (CWE-639)
Summary

A low-privileged remote attacker in possession of the second factor for another user can log in as that user without knowledge of the other user's password.

Details: certvde.com

Last Update
June 16, 2025, 11:51 a.m.
Weakness
Observable Response Discrepancy (CWE-204)
Summary

An unauthenticated remote attacker can enumerate valid user names from an unprotected endpoint.

Details: certvde.com

Impact

CVE-2025-3091: An attacker in possession of the second factor for a user can log in as that user without knowledge of the password (first factor).

CVE-2025-3092: An unprotected endpoint can be used to enumerate valid user names.
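The two weakness classes above (a second factor accepted as sufficient on its own, and a response that differs for unknown user names) are easiest to see in a minimal login handler. The following is an added illustration written for this advisory, not code from Helmholz or from myREX24; the user store, salt, password hashing scheme and the fixed one-time code are all constructed here, and the hardened variant shows the two properties a reviewer would check for: both factors must verify, and the reply (and the work done) is the same whether or not the user name exists.

```python
"""Added illustrative example (not Helmholz/myREX24 code).

Shows a login flow with the two weaknesses described in the advisory next to
a hardened version. All users, secrets and codes below are constructed for
the example; the password hashing is simplified (PBKDF2 with a fixed salt).
"""
import hashlib
import hmac
import secrets


def _hash_password(salt: bytes, password: str) -> bytes:
    # Constructed: PBKDF2-SHA256; a real deployment would use argon2/bcrypt
    # with a per-user salt stored beside the hash.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


_SALT = b"constructed-salt"

# Constructed sample user store: user name -> password hash and second factor
# (a static six-digit code stands in for a TOTP value here).
USERS = {
    "alice": {"pw": _hash_password(_SALT, "correct horse"), "otp": b"123456"},
}

# Hash verified for unknown user names so the amount of work done, and the
# reply, do not depend on whether the name exists.
_DUMMY_PW = _hash_password(_SALT, secrets.token_hex(16))
_DUMMY_OTP = b"000000"


def login_weak(username: str, password: str, otp: str) -> str:
    """Weak pattern: a matching second factor is treated as sufficient proof,
    so the password is never checked (CWE-639 style), and an unknown user name
    produces a distinguishable reply (CWE-204 style)."""
    user = USERS.get(username)
    if user is None:
        return "unknown user"  # reply differs for unknown names
    if hmac.compare_digest(otp.encode(), user["otp"]):
        return "ok"  # password never verified
    if hmac.compare_digest(_hash_password(_SALT, password), user["pw"]):
        return "ok"
    return "bad credentials"


def login_hardened(username: str, password: str, otp: str) -> str:
    """Hardened pattern: both factors must verify, and an unknown user name,
    a wrong password and a wrong second factor all yield the same reply."""
    user = USERS.get(username)
    expected_pw = user["pw"] if user is not None else _DUMMY_PW
    expected_otp = user["otp"] if user is not None else _DUMMY_OTP
    # Both comparisons always run; '&' (not 'and') avoids short-circuiting.
    pw_ok = hmac.compare_digest(_hash_password(_SALT, password), expected_pw)
    otp_ok = hmac.compare_digest(otp.encode(), expected_otp)
    if user is not None and (pw_ok & otp_ok):
        return "ok"
    return "bad credentials"


if __name__ == "__main__":
    # Weak handler: the second factor alone is enough, and unknown names leak.
    print(login_weak("alice", "wrong password", "123456"))
    print(login_weak("nobody", "x", "y"))
    # Hardened handler: both factors required, uniform reply otherwise.
    print(login_hardened("alice", "wrong password", "123456"))
    print(login_hardened("nobody", "x", "y"))
    print(login_hardened("alice", "correct horse", "123456"))
```

The uniform reply is only part of the fix for CWE-204: the endpoint should also be rate limited and the same checks applied to every path that takes a user name (password reset, second-factor enrolment), since any of them can become the "unprotected endpoint" the advisory refers to.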

Solution

Remediation

CVE-2025-3091: Update to latest version: 2.16.5

CVE-2025-3092: Update to latest version: 2.18.0

Reported by

CERT@VDE coordinated with Helmholz

Reporting: Peter Husted Simonsen, Irwin Przeperski from Eviden