VDE-2025-023
Vulnerability from csaf_weidmuellerinterfacegmbhcokg - Published: 2025-03-05 08:00 - Updated: 2025-03-05 11:00
Summary
Weidmueller: OpenSSL vulnerability in industrial ethernet switches
Severity
Medium
Notes
Summary: Multiple Weidmueller products are affected by an OpenSSL vulnerability.
Weidmüller has released new firmwares of the affected products to fix the vulnerability.
General Recommendation: As a general security measure, Weidmüller strongly recommends minimizing network exposure of products. Limit access to trusted networks by using appropriate mechanisms.
Impact: Weidmüller products are vulnerable to a birthday attack referred to as SWEET32. When exploited, the vulnerability may lead to the unauthorized disclosure of information.
Remediation: Update to new version as listed below.
The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a "Sweet32" attack.
CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
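| Firmware V3.6.30 installed on IE-SW-VL05M-5TX (CSAFPID-32037) | — | | |
| Firmware V3.6.30 installed on IE-SW-VL05MT-5TX (CSAFPID-32038) | — | | |
| Firmware V3.5.34 installed on IE-SW-VL08MT-8TX (CSAFPID-32039) | — | | |
| Firmware V3.5.34 installed on IE-SW-VL08MT-5TX-1SC-2SCS (CSAFPID-32040) | — | | |
| Firmware V3.5.34 installed on IE-SW-VL08MT-6TX-2SC (CSAFPID-32041) | — | | |
| Firmware V3.5.34 installed on IE-SW-VL08MT-6TX-2ST (CSAFPID-32042) | — | | |
| Firmware V3.5.34 installed on IE-SW-VL08MT-6TX-2SCS (CSAFPID-32043) | — | | |
| Firmware V3.3.32 installed on IE-SW-PL10M-3GT-7TX (CSAFPID-32044) | — | | |
| Firmware V3.3.32 installed on IE-SW-PL10MT-3GT-7TX (CSAFPID-32045) | — | | |
| Firmware V3.4.30 installed on IE-SW-PL16M-16TX (CSAFPID-32046) | — | | |
| Firmware V3.4.30 installed on IE-SW-PL16MT-16TX (CSAFPID-32047) | — | | |
| Firmware V3.4.38 installed on IE-SW-PL18M-2GC-16TX (CSAFPID-32048) | — | | |
| Firmware V3.4.38 installed on IE-SW-PL18MT-2GC-16TX (CSAFPID-32049) | — | | |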
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
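| Firmware <V3.6.30 installed on IE-SW-VL05M-5TX (CSAFPID-31024) | — | | Vendor Fix |
| Firmware <V3.6.30 installed on IE-SW-VL05MT-5TX (CSAFPID-31025) | — | | Vendor Fix |
| Firmware <V3.5.34 installed on IE-SW-VL08MT-8TX (CSAFPID-31026) | — | | Vendor Fix |
| Firmware <V3.5.34 installed on IE-SW-VL08MT-5TX-1SC-2SCS (CSAFPID-31027) | — | | Vendor Fix |
| Firmware <V3.5.34 installed on IE-SW-VL08MT-6TX-2SC (CSAFPID-31028) | — | | Vendor Fix |
| Firmware <V3.5.34 installed on IE-SW-VL08MT-6TX-2ST (CSAFPID-31029) | — | | Vendor Fix |
| Firmware <V3.5.34 installed on IE-SW-VL08MT-6TX-2SCS (CSAFPID-31030) | — | | Vendor Fix |
| Firmware <V3.3.32 installed on IE-SW-PL10M-3GT-7TX (CSAFPID-31031) | — | | Vendor Fix |
| Firmware <V3.3.32 installed on IE-SW-PL10MT-3GT-7TX (CSAFPID-31032) | — | | Vendor Fix |
| Firmware <V3.4.30 installed on IE-SW-PL16M-16TX (CSAFPID-31033) | — | | Vendor Fix |
| Firmware <V3.4.30 installed on IE-SW-PL16MT-16TX (CSAFPID-31034) | — | | Vendor Fix |
| Firmware <V3.4.38 installed on IE-SW-PL18M-2GC-16TX (CSAFPID-31035) | — | | Vendor Fix |
| Firmware <V3.4.38 installed on IE-SW-PL18MT-2GC-16TX (CSAFPID-31036) | — | | Vendor Fix |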
References
4 references
Acknowledgments
CERT@VDE
certvde.com
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "Support with this publication",
"urls": [
"https://certvde.com"
]
}
],
"aggregate_severity": {
"namespace": "https://www.first.org/cvss/v3.1/specification-document",
"text": "Medium"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "summary",
"text": "Multiple Weidmueller products are affected by an OpenSSL vulnerability.\n\nWeidm\u00fcller has released new firmwares of the affected products to fix the vulnerability.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Weidm\u00fcller strongly recommends minimizing network exposure of products. Limit access to trusted networks by using appropriate mechanisms. ",
"title": "General Recommendation"
},
{
"category": "description",
"text": "Weidm\u00fcller products are vulnerable to a birthday attack referred to as SWEET32. When exploited, the vulnerability may lead to the unauthorized disclosure of information.",
"title": "Impact"
},
{
"category": "description",
"text": "Update to new version as listed below.",
"title": "Remediation"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@weidmueller.com",
"name": "Weidmueller Interface GmbH \u0026 Co. KG",
"namespace": "https://www.weidmueller.com"
},
"references": [
{
"category": "external",
"summary": "Weidm\u00fcller Security Advisory Board",
"url": "https://support.weidmueller.com/support-center/popular-resources/security-advisory-board"
},
{
"category": "external",
"summary": "CERT@VDE Security Advisories for Weidm\u00fcller",
"url": "https://certvde.com/de/advisories/vendor/weidmueller/"
},
{
"category": "self",
"summary": "VDE-2025-023: Weidmueller: OpenSSL vulnerability in industrial ethernet switches - HTML",
"url": "https://certvde.com/de/advisories/VDE-2025-023"
},
{
"category": "self",
"summary": "VDE-2025-023: Weidmueller: OpenSSL vulnerability in industrial ethernet switches - CSAF",
"url": "https://weidmueller.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-023.json"
}
],
"title": "Weidmueller: OpenSSL vulnerability in industrial ethernet switches",
"tracking": {
"aliases": [
"VDE-2025-023",
"WMSA-2500003"
],
"current_release_date": "2025-03-05T11:00:00.000Z",
"generator": {
"date": "2025-03-05T13:39:32.303Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.20"
}
},
"id": "VDE-2025-023",
"initial_release_date": "2025-03-05T08:00:00.000Z",
"revision_history": [
{
"date": "2025-03-05T08:00:00.000Z",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-03-05T11:00:00.000Z",
"number": "2",
"summary": "added categories to references"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "IE-SW-VL05M-5TX",
"product": {
"name": "IE-SW-VL05M-5TX",
"product_id": "CSAFPID-0001"
}
},
{
"category": "product_name",
"name": "IE-SW-VL05MT-5TX",
"product": {
"name": "IE-SW-VL05MT-5TX",
"product_id": "CSAFPID-0002"
}
},
{
"category": "product_name",
"name": "IE-SW-VL08MT-8TX",
"product": {
"name": "IE-SW-VL08MT-8TX",
"product_id": "CSAFPID-0003"
}
},
{
"category": "product_name",
"name": "IE-SW-VL08MT-5TX-1SC-2SCS",
"product": {
"name": "IE-SW-VL08MT-5TX-1SC-2SCS",
"product_id": "CSAFPID-0004"
}
},
{
"category": "product_name",
"name": "IE-SW-VL08MT-6TX-2SC",
"product": {
"name": "IE-SW-VL08MT-6TX-2SC",
"product_id": "CSAFPID-0005"
}
},
{
"category": "product_name",
"name": "IE-SW-VL08MT-6TX-2ST",
"product": {
"name": "IE-SW-VL08MT-6TX-2ST",
"product_id": "CSAFPID-0006"
}
},
{
"category": "product_name",
"name": "IE-SW-VL08MT-6TX-2SCS",
"product": {
"name": "IE-SW-VL08MT-6TX-2SCS",
"product_id": "CSAFPID-0007"
}
},
{
"category": "product_name",
"name": "IE-SW-PL10M-3GT-7TX",
"product": {
"name": "IE-SW-PL10M-3GT-7TX",
"product_id": "CSAFPID-0008"
}
},
{
"category": "product_name",
"name": "IE-SW-PL10MT-3GT-7TX",
"product": {
"name": "IE-SW-PL10MT-3GT-7TX",
"product_id": "CSAFPID-0009"
}
},
{
"category": "product_name",
"name": "IE-SW-PL16M-16TX",
"product": {
"name": "IE-SW-PL16M-16TX",
"product_id": "CSAFPID-0010"
}
},
{
"category": "product_name",
"name": "IE-SW-PL16MT-16TX",
"product": {
"name": "IE-SW-PL16MT-16TX",
"product_id": "CSAFPID-0011"
}
},
{
"category": "product_name",
"name": "IE-SW-PL18M-2GC-16TX",
"product": {
"name": "IE-SW-PL18M-2GC-16TX",
"product_id": "CSAFPID-0012"
}
},
{
"category": "product_name",
"name": "IE-SW-PL18MT-2GC-16TX",
"product": {
"name": "IE-SW-PL18MT-2GC-16TX",
"product_id": "CSAFPID-0013"
}
}
],
"category": "product_family",
"name": "Hardware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV3.6.30",
"product": {
"name": "Firmware \u003cV3.6.30",
"product_id": "CSAFPID-21014"
}
},
{
"category": "product_version_range",
"name": "\u003cV3.5.34",
"product": {
"name": "Firmware \u003cV3.5.34",
"product_id": "CSAFPID-21015"
}
},
{
"category": "product_version_range",
"name": "\u003cV3.3.32",
"product": {
"name": "Firmware \u003cV3.3.32",
"product_id": "CSAFPID-21016"
}
},
{
"category": "product_version_range",
"name": "\u003cV3.4.30",
"product": {
"name": "Firmware \u003cV3.4.30",
"product_id": "CSAFPID-21017"
}
},
{
"category": "product_version_range",
"name": "\u003cV3.4.38",
"product": {
"name": "Firmware \u003cV3.4.38",
"product_id": "CSAFPID-21018"
}
},
{
"category": "product_version",
"name": "V3.6.30",
"product": {
"name": "Firmware V3.6.30",
"product_id": "CSAFPID-22019"
}
},
{
"category": "product_version",
"name": "V3.5.34",
"product": {
"name": "Firmware V3.5.34",
"product_id": "CSAFPID-22020"
}
},
{
"category": "product_version",
"name": "V3.3.32",
"product": {
"name": "Firmware V3.3.32",
"product_id": "CSAFPID-22021"
}
},
{
"category": "product_version",
"name": "V3.4.30",
"product": {
"name": "Firmware V3.4.30",
"product_id": "CSAFPID-22022"
}
},
{
"category": "product_version",
"name": "V3.4.38",
"product": {
"name": "Firmware V3.4.38",
"product_id": "CSAFPID-22023"
}
}
],
"category": "product_family",
"name": "Firmware"
}
],
"category": "vendor",
"name": "Weidm\u00fcller"
}
],
"product_groups": [
{
"group_id": "CSAFGID-0001",
"product_ids": [
"CSAFPID-31024",
"CSAFPID-31025",
"CSAFPID-31026",
"CSAFPID-31027",
"CSAFPID-31028",
"CSAFPID-31029",
"CSAFPID-31030",
"CSAFPID-31031",
"CSAFPID-31032",
"CSAFPID-31033",
"CSAFPID-31034",
"CSAFPID-31035",
"CSAFPID-31036"
],
"summary": "Affected products."
},
{
"group_id": "CSAFGID-0002",
"product_ids": [
"CSAFPID-32037",
"CSAFPID-32038",
"CSAFPID-32039",
"CSAFPID-32040",
"CSAFPID-32041",
"CSAFPID-32042",
"CSAFPID-32043",
"CSAFPID-32044",
"CSAFPID-32045",
"CSAFPID-32046",
"CSAFPID-32047",
"CSAFPID-32048",
"CSAFPID-32049"
],
"summary": "Fixed products."
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003cV3.6.30 installed on IE-SW-VL05M-5TX",
"product_id": "CSAFPID-31024"
},
"product_reference": "CSAFPID-21014",
"relates_to_product_reference": "CSAFPID-0001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003cV3.6.30 installed on IE-SW-VL05MT-5TX",
"product_id": "CSAFPID-31025"
},
"product_reference": "CSAFPID-21014",
"relates_to_product_reference": "CSAFPID-0002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003cV3.5.34 installed on IE-SW-VL08MT-8TX",
"product_id": "CSAFPID-31026"
},
"product_reference": "CSAFPID-21015",
"relates_to_product_reference": "CSAFPID-0003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003cV3.5.34 installed on IE-SW-VL08MT-5TX-1SC-2SCS",
"product_id": "CSAFPID-31027"
},
"product_reference": "CSAFPID-21015",
"relates_to_product_reference": "CSAFPID-0004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003cV3.5.34 installed on IE-SW-VL08MT-6TX-2SC",
"product_id": "CSAFPID-31028"
},
"product_reference": "CSAFPID-21015",
"relates_to_product_reference": "CSAFPID-0005"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003cV3.5.34 installed on IE-SW-VL08MT-6TX-2ST",
"product_id": "CSAFPID-31029"
},
"product_reference": "CSAFPID-21015",
"relates_to_product_reference": "CSAFPID-0006"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003cV3.5.34 installed on IE-SW-VL08MT-6TX-2SCS",
"product_id": "CSAFPID-31030"
},
"product_reference": "CSAFPID-21015",
"relates_to_product_reference": "CSAFPID-0007"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003cV3.3.32 installed on IE-SW-PL10M-3GT-7TX",
"product_id": "CSAFPID-31031"
},
"product_reference": "CSAFPID-21016",
"relates_to_product_reference": "CSAFPID-0008"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003cV3.3.32 installed on IE-SW-PL10MT-3GT-7TX",
"product_id": "CSAFPID-31032"
},
"product_reference": "CSAFPID-21016",
"relates_to_product_reference": "CSAFPID-0009"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003cV3.4.30 installed on IE-SW-PL16M-16TX",
"product_id": "CSAFPID-31033"
},
"product_reference": "CSAFPID-21017",
"relates_to_product_reference": "CSAFPID-0010"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003cV3.4.30 installed on IE-SW-PL16MT-16TX",
"product_id": "CSAFPID-31034"
},
"product_reference": "CSAFPID-21017",
"relates_to_product_reference": "CSAFPID-0011"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003cV3.4.38 installed on IE-SW-PL18M-2GC-16TX",
"product_id": "CSAFPID-31035"
},
"product_reference": "CSAFPID-21018",
"relates_to_product_reference": "CSAFPID-0012"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003cV3.4.38 installed on IE-SW-PL18MT-2GC-16TX",
"product_id": "CSAFPID-31036"
},
"product_reference": "CSAFPID-21018",
"relates_to_product_reference": "CSAFPID-0013"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V3.6.30 installed on IE-SW-VL05M-5TX",
"product_id": "CSAFPID-32037"
},
"product_reference": "CSAFPID-22019",
"relates_to_product_reference": "CSAFPID-0001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V3.6.30 installed on IE-SW-VL05MT-5TX",
"product_id": "CSAFPID-32038"
},
"product_reference": "CSAFPID-22019",
"relates_to_product_reference": "CSAFPID-0002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V3.5.34 installed on IE-SW-VL08MT-8TX",
"product_id": "CSAFPID-32039"
},
"product_reference": "CSAFPID-22020",
"relates_to_product_reference": "CSAFPID-0003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V3.5.34 installed on IE-SW-VL08MT-5TX-1SC-2SCS",
"product_id": "CSAFPID-32040"
},
"product_reference": "CSAFPID-22020",
"relates_to_product_reference": "CSAFPID-0004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V3.5.34 installed on IE-SW-VL08MT-6TX-2SC",
"product_id": "CSAFPID-32041"
},
"product_reference": "CSAFPID-22020",
"relates_to_product_reference": "CSAFPID-0005"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V3.5.34 installed on IE-SW-VL08MT-6TX-2ST",
"product_id": "CSAFPID-32042"
},
"product_reference": "CSAFPID-22020",
"relates_to_product_reference": "CSAFPID-0006"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V3.5.34 installed on IE-SW-VL08MT-6TX-2SCS",
"product_id": "CSAFPID-32043"
},
"product_reference": "CSAFPID-22020",
"relates_to_product_reference": "CSAFPID-0007"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V3.3.32 installed on IE-SW-PL10M-3GT-7TX",
"product_id": "CSAFPID-32044"
},
"product_reference": "CSAFPID-22021",
"relates_to_product_reference": "CSAFPID-0008"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V3.3.32 installed on IE-SW-PL10MT-3GT-7TX",
"product_id": "CSAFPID-32045"
},
"product_reference": "CSAFPID-22021",
"relates_to_product_reference": "CSAFPID-0009"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V3.4.30 installed on IE-SW-PL16M-16TX",
"product_id": "CSAFPID-32046"
},
"product_reference": "CSAFPID-22022",
"relates_to_product_reference": "CSAFPID-0010"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V3.4.30 installed on IE-SW-PL16MT-16TX",
"product_id": "CSAFPID-32047"
},
"product_reference": "CSAFPID-22022",
"relates_to_product_reference": "CSAFPID-0011"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V3.4.38 installed on IE-SW-PL18M-2GC-16TX",
"product_id": "CSAFPID-32048"
},
"product_reference": "CSAFPID-22023",
"relates_to_product_reference": "CSAFPID-0012"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V3.4.38 installed on IE-SW-PL18MT-2GC-16TX",
"product_id": "CSAFPID-32049"
},
"product_reference": "CSAFPID-22023",
"relates_to_product_reference": "CSAFPID-0013"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-2183",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "description",
"text": "The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a \"Sweet32\" attack.",
"title": "Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32037",
"CSAFPID-32038",
"CSAFPID-32039",
"CSAFPID-32040",
"CSAFPID-32041",
"CSAFPID-32042",
"CSAFPID-32043",
"CSAFPID-32044",
"CSAFPID-32045",
"CSAFPID-32046",
"CSAFPID-32047",
"CSAFPID-32048",
"CSAFPID-32049"
],
"known_affected": [
"CSAFPID-31024",
"CSAFPID-31025",
"CSAFPID-31026",
"CSAFPID-31027",
"CSAFPID-31028",
"CSAFPID-31029",
"CSAFPID-31030",
"CSAFPID-31031",
"CSAFPID-31032",
"CSAFPID-31033",
"CSAFPID-31034",
"CSAFPID-31035",
"CSAFPID-31036"
]
},
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-14T11:00:00.000Z",
"details": "Update to version V3.6.30",
"product_ids": [
"CSAFPID-31024",
"CSAFPID-31025"
]
},
{
"category": "vendor_fix",
"date": "2025-02-14T11:00:00.000Z",
"details": "Update to version V3.5.34",
"product_ids": [
"CSAFPID-31026",
"CSAFPID-31027",
"CSAFPID-31028",
"CSAFPID-31029",
"CSAFPID-31030"
]
},
{
"category": "vendor_fix",
"date": "2025-02-14T11:00:00.000Z",
"details": "Update to version V3.3.32",
"product_ids": [
"CSAFPID-31031",
"CSAFPID-31032"
]
},
{
"category": "vendor_fix",
"date": "2025-02-14T11:00:00.000Z",
"details": "Update to version V3.4.30",
"product_ids": [
"CSAFPID-31033",
"CSAFPID-31034"
]
},
{
"category": "vendor_fix",
"date": "2025-02-14T11:00:00.000Z",
"details": "Update to version V3.4.38",
"product_ids": [
"CSAFPID-31035",
"CSAFPID-31036"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"modifiedAttackVector": "ADJACENT_NETWORK",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/MAV:A",
"version": "3.1"
},
"products": [
"CSAFPID-31024",
"CSAFPID-31025",
"CSAFPID-31026",
"CSAFPID-31027",
"CSAFPID-31028",
"CSAFPID-31029",
"CSAFPID-31030",
"CSAFPID-31031",
"CSAFPID-31032",
"CSAFPID-31033",
"CSAFPID-31034",
"CSAFPID-31035",
"CSAFPID-31036"
]
}
],
"title": "CVE-2016-2183"
}
]
}