Weidmueller: >> Ie-Wl-Bl-Ap-Cl-Us Firmware >> 1.16.18 Security Vulnerabilities
In Weidmueller Industrial WLAN devices in multiple versions an exploitable privilege escalation vulnerability exists in the iw_console functionality. A specially crafted menu selection string can cause an escape from the restricted console, resulting in system access as the root user. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability.
CVSS Score
8.8
EPSS Score
0.004
Published
2021-06-25
In Weidmueller Industrial WLAN devices in multiple versions the usage of hard-coded cryptographic keys within the service agent binary allows for the decryption of captured traffic across the network from or to the device.
CVSS Score
7.5
EPSS Score
0.003
Published
2021-06-25
Page 2