Share: Email | Twitter

ID

VDE-2025-044

Published

2025-05-27 11:00 (CEST)

Last update

2025-05-23 11:42 (CEST)

Vendor(s)

Weidmueller Interface GmbH & Co. KG

Product(s)

Article No° Product Name Affected Version(s)
E-SW-VL08MT-8TX < 3.5.36
IE-SW-PL10M-3GT-7TX < 3.3.34
IE-SW-PL10MT-3GT-7TX < 3.3.34
IE-SW-PL16M-16TX < 3.4.32
IE-SW-PL16MT-16TX < 3.4.32
IE-SW-PL18M-2GC-16TX < 3.4.40
IE-SW-PL18MT-2GC-16TX < 3.4.40
IE-SW-VL05M-5TX < 3.6.32
IE-SW-VL05MT-5TX < 3.6.32
IE-SW-VL08MT-5TX-1SC-2SCS < 3.5.36
IE-SW-VL08MT-6TX-2SC < 3.5.36
IE-SW-VL08MT-6TX-2SCS < 3.5.36
IE-SW-VL08MT-6TX-2ST < 3.5.36

Summary

Weidmueller industrial ethernet switches are affected by multiple vulnerabilities.

Weidmueller has released new firmwares of the affected products to fix the vulnerabilities.

Vulnerabilities



CVE-2025-41651
9.8
Last Update
May 26, 2025, 10:41 a.m.
Severity
9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Weakness
Missing Authentication for Critical Function (CWE-306)
Summary

Due to missing authentication on a critical function of the devices an unauthenticated remote attacker can execute arbitrary commands, potentially enabling unauthorized upload or download of configuration files and leading to full system compromise.

Details
cert.vde.com 
CVE-2025-41652
9.8
Last Update
May 26, 2025, 10:42 a.m.
Severity
9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Weakness
Reliance on Security Through Obscurity (CWE-656)
Summary

The devices are vulnerable to an authentication bypass due to flaws in the authorization mechanism. An unauthenticated remote attacker could exploit this weakness by performing brute-force attacks to guess valid credentials or by using MD5 collision techniques to forge authentication hashes, potentially compromising the device.

Details
cert.vde.com 
CVE-2025-41649
7.5
Last Update
May 23, 2025, 11:38 a.m.
Severity
7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Weakness
Out-of-bounds Write (CWE-787)
Summary

An unauthenticated remote attacker can exploit insufficient input validation to write data beyond the bounds of a buffer, potentially leading to a denial-of-service condition for the devices.

Details
cert.vde.com 
CVE-2025-41650
7.5
Last Update
May 23, 2025, 11:39 a.m.
Severity
7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Weakness
Improper Validation of Specified Type of Input (CWE-1287)
Summary

An unauthenticated remote attacker can exploit input validation in cmd services of the devices, allowing them to disrupt system operations and potentially cause a denial-of-service.

Details
cert.vde.com 
CVE-2025-41653
7.5
Last Update
May 26, 2025, 10:43 a.m.
Severity
7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Weakness
Insufficient Resource Pool (CWE-410)
Summary

An unauthenticated remote attacker can exploit a denial-of-service vulnerability in the device's web server functionality by sending a specially crafted HTTP request with a malicious header, potentially causing the server to crash or become unresponsive.

Details
cert.vde.com 

Impact

Weidmueller industrial ethernet switches are vulnerable to multiple vulnerabilities. The security of the devices may be compromised. Further information can be found under vulnerability details.

Solution

General Recommendation

As a general security measure, Weidmueller strongly recommends minimizing network exposure of products. Limit access to trusted networks by using appropriate mechanisms.

Remediation

Update to the new version as listed in the following table:

Product Affected Version Fixed Version
IE-SW-VL05M-5TX <V3.6.32 V3.6.32
IE-SW-VL05MT-5TX
IE-SW-VL08MT-8TX <V3.5.36 V3.5.36
IE-SW-VL08MT-5TX-1SC-2SCS
IE-SW-VL08MT-6TX-2SC
IE-SW-VL08MT-6TX-2ST
IE-SW-VL08MT-6TX-2SCS
IE-SW-PL10M-3GT-7TX <V3.3.34 V3.3.34
IE-SW-PL10MT-3GT-7TX
IE-SW-PL16M-16TX <V3.4.32 V3.4.32
IE-SW-PL16MT-16TX
IE-SW-PL18M-2GC-16TX <V3.4.40 V3.4.40
IE-SW-PL18MT-2GC-16TX

Reported by

CERT@VDE coordinated with Weidmueller Interface GmbH & Co. KG