VDE-2025-032
Vulnerability from csaf_wiesemanntheisgmbh - Published: 2025-05-06 10:00 - Updated: 2025-05-06 10:00Summary
Wiesemann & Theis: Multiple W&T Products are vulnerable to cross-site-scripting
Notes
Summary: Multiple W&T Products are prone to an XSS attack. An authenticated remote Attacker can execute arbitrary web scripts or HTML via crafted payloads injected into several input fields of the configuration webpage.
Remediation: All products are EoL.
For the following products we strongly recommend upgrading the firmware:
* Web-IO Digital Logger 6xIn upgrade to 3.84
* Web-Count 6x Digital upgrade to 3.84
* Web-IO Digital 12xIn/12xOut upgrade to 4.08
For the other products there will be no updates available.
Impact: Multiple W&T Products are prone to an XSS attack. An authenticated remote Attacker can execute arbitrary web scripts or HTML via a crafted payload injected into the title of the configuration webpage.
An low privileged remote Attacker can execute arbitrary web scripts or HTML via a crafted payload injected into several fields of the configuration webpage with limited impact.
5.4 (Medium)
Mitigation
Access to the WBM should be limited to trustworthy networks or peers.
Vendor Fix
All products are EoL.
For the following products we strongly recommend upgrading the firmware:
Web-IO Digital Logger 6xIn upgrade to 3.84,
Web-Count 6x Digital upgrade to 3.84,
Web-IO Digital 12xIn/12xOut upgrade to 4.08. For the other products there will be no updates available.
References
Acknowledgments
CERTVDE
certvde.com/en/
{
"document": {
"acknowledgments": [
{
"organization": "CERTVDE",
"summary": "Coordination",
"urls": [
"https://certvde.com/en/"
]
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "Multiple W\u0026T Products are prone to an XSS attack. An authenticated remote Attacker can execute arbitrary web scripts or HTML via crafted payloads injected into several input fields of the configuration webpage.",
"title": "Summary"
},
{
"category": "description",
"text": "All products are EoL. \nFor the following products we strongly recommend upgrading the firmware:\n* Web-IO Digital Logger 6xIn upgrade to 3.84\n* Web-Count 6x Digital upgrade to 3.84\n* Web-IO Digital 12xIn/12xOut upgrade to 4.08\n\nFor the other products there will be no updates available.\n",
"title": "Remediation"
},
{
"category": "description",
"text": "Multiple W\u0026T Products are prone to an XSS attack. An authenticated remote Attacker can execute arbitrary web scripts or HTML via a crafted payload injected into the title of the configuration webpage.",
"title": "Impact"
}
],
"publisher": {
"category": "vendor",
"contact_details": "security@wut.de",
"name": "Wiesemann \u0026 Theis GmbH",
"namespace": "https://www.wut.de"
},
"references": [
{
"category": "self",
"summary": "VDE-2025-032: Wiesemann \u0026 Theis: Multiple W\u0026T Products are vulnerable to cross-site-scripting - HTML",
"url": "https://certvde.com/en/advisories/VDE-2025-032/"
},
{
"category": "self",
"summary": "VDE-2025-032: Wiesemann \u0026 Theis: Multiple W\u0026T Products are vulnerable to cross-site-scripting - CSAF",
"url": "https://wut.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-032.json"
},
{
"category": "external",
"summary": "CERT@VDE Security Advisories for Wiesemann \u0026 Theis",
"url": "https://certvde.com/de/advisories/vendor/wut/"
}
],
"title": "Wiesemann \u0026 Theis: Multiple W\u0026T Products are vulnerable to cross-site-scripting",
"tracking": {
"aliases": [
"VDE-2025-032"
],
"current_release_date": "2025-05-06T10:00:00.000Z",
"generator": {
"date": "2025-04-30T09:42:22.180Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.18"
}
},
"id": "VDE-2025-032",
"initial_release_date": "2025-05-06T10:00:00.000Z",
"revision_history": [
{
"date": "2025-05-06T10:00:00.000Z",
"number": "1",
"summary": "Initial revision"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Web-IO Analog-In/Out 0/4..20mA PoE",
"product": {
"name": "Web-IO Analog-In/Out 0/4..20mA PoE",
"product_id": "CSAFPID-11001",
"product_identification_helper": {
"model_numbers": [
"57661"
]
}
}
},
{
"category": "product_name",
"name": "Web-IO Analog-In/Out 2x 0..10V PoE",
"product": {
"name": "Web-IO Analog-In/Out 2x 0..10V PoE",
"product_id": "CSAFPID-11002",
"product_identification_helper": {
"model_numbers": [
"57662"
]
}
}
},
{
"category": "product_name",
"name": "Web-Thermograph 2x",
"product": {
"name": "Web-Thermograph 2x",
"product_id": "CSAFPID-11003",
"product_identification_helper": {
"model_numbers": [
"57607"
]
}
}
},
{
"category": "product_name",
"name": "Web-Thermograph 8x",
"product": {
"name": "Web-Thermograph 8x",
"product_id": "CSAFPID-11004",
"product_identification_helper": {
"model_numbers": [
"57608"
]
}
}
},
{
"category": "product_name",
"name": "Web-Thermograph NTC",
"product": {
"name": "Web-Thermograph NTC",
"product_id": "CSAFPID-11005",
"product_identification_helper": {
"model_numbers": [
"57609"
]
}
}
},
{
"category": "product_name",
"name": "Web-Thermograph Pt100",
"product": {
"name": "Web-Thermograph Pt100",
"product_id": "CSAFPID-11006",
"product_identification_helper": {
"model_numbers": [
"57610"
]
}
}
},
{
"category": "product_name",
"name": "Web-Thermo-Hygrobarograph",
"product": {
"name": "Web-Thermo-Hygrobarograph",
"product_id": "CSAFPID-11007",
"product_identification_helper": {
"model_numbers": [
"57613"
]
}
}
},
{
"category": "product_name",
"name": "Web-Thermograph NTC PoE",
"product": {
"name": "Web-Thermograph NTC PoE",
"product_id": "CSAFPID-11008",
"product_identification_helper": {
"model_numbers": [
"57614"
]
}
}
},
{
"category": "product_name",
"name": "Web-Thermograph Pt100 / Pt1000 PoE",
"product": {
"name": "Web-Thermograph Pt100 / Pt1000 PoE",
"product_id": "CSAFPID-11009",
"product_identification_helper": {
"model_numbers": [
"57615"
]
}
}
},
{
"category": "product_name",
"name": "Web-Thermograph Relais",
"product": {
"name": "Web-Thermograph Relais",
"product_id": "CSAFPID-11010",
"product_identification_helper": {
"model_numbers": [
"57616"
]
}
}
},
{
"category": "product_name",
"name": "Web-Graph Air Quality",
"product": {
"name": "Web-Graph Air Quality",
"product_id": "CSAFPID-11011",
"product_identification_helper": {
"model_numbers": [
"57618"
]
}
}
},
{
"category": "product_name",
"name": "Web-Thermo-Hygrograph",
"product": {
"name": "Web-Thermo-Hygrograph",
"product_id": "CSAFPID-11012",
"product_identification_helper": {
"model_numbers": [
"57620"
]
}
}
},
{
"category": "product_name",
"name": "Web-IO 12x Digital Input, 6x Digital Relais",
"product": {
"name": "Web-IO 12x Digital Input, 6x Digital Relais",
"product_id": "CSAFPID-11013",
"product_identification_helper": {
"model_numbers": [
"57634N"
]
}
}
},
{
"category": "product_name",
"name": "Web-IO Digital 2xIn, 2xOut",
"product": {
"name": "Web-IO Digital 2xIn, 2xOut",
"product_id": "CSAFPID-11014",
"product_identification_helper": {
"model_numbers": [
"57637N"
]
}
}
},
{
"category": "product_name",
"name": "Web-IO Digital 12xIn, 12xOut",
"product": {
"name": "Web-IO Digital 12xIn, 12xOut",
"product_id": "CSAFPID-11015",
"product_identification_helper": {
"model_numbers": [
"57630M"
]
}
}
},
{
"category": "product_name",
"name": "Web-IO Digital 12xIn, 12xOut, 1xRS232",
"product": {
"name": "Web-IO Digital 12xIn, 12xOut, 1xRS232",
"product_id": "CSAFPID-11016",
"product_identification_helper": {
"model_numbers": [
"57631M"
]
}
}
},
{
"category": "product_name",
"name": "Web-IO 12x Digital Input, 6x Digital Relais",
"product": {
"name": "Web-IO 12x Digital Input, 6x Digital Relais",
"product_id": "CSAFPID-11017",
"product_identification_helper": {
"model_numbers": [
"57634M"
]
}
}
},
{
"category": "product_name",
"name": "Web-IO Digital 12xIn, 12xOut",
"product": {
"name": "Web-IO Digital 12xIn, 12xOut",
"product_id": "CSAFPID-11018",
"product_identification_helper": {
"model_numbers": [
"57630"
]
}
}
},
{
"category": "product_name",
"name": "Web-IO Digital 12xIn, 12xOut, 1xRS232",
"product": {
"name": "Web-IO Digital 12xIn, 12xOut, 1xRS232",
"product_id": "CSAFPID-11019",
"product_identification_helper": {
"model_numbers": [
"57631"
]
}
}
},
{
"category": "product_name",
"name": "Web-IO Digital 2xIn, 2xOut",
"product": {
"name": "Web-IO Digital 2xIn, 2xOut",
"product_id": "CSAFPID-11020",
"product_identification_helper": {
"model_numbers": [
"57633"
]
}
}
},
{
"category": "product_name",
"name": "Web-IO 12x Digital Input, 6x Digital Relais",
"product": {
"name": "Web-IO 12x Digital Input, 6x Digital Relais",
"product_id": "CSAFPID-11021",
"product_identification_helper": {
"model_numbers": [
"57634"
]
}
}
},
{
"category": "product_name",
"name": "ERP-Gateway 2x Digital Input, 2x Digital Output",
"product": {
"name": "ERP-Gateway 2x Digital Input, 2x Digital Output",
"product_id": "CSAFPID-11022",
"product_identification_helper": {
"model_numbers": [
"57635"
]
}
}
},
{
"category": "product_name",
"name": "ERP-Gateway 12x Digital Input, 6x Digital Relais",
"product": {
"name": "ERP-Gateway 12x Digital Input, 6x Digital Relais",
"product_id": "CSAFPID-11023",
"product_identification_helper": {
"model_numbers": [
"57636"
]
}
}
},
{
"category": "product_name",
"name": "Web-IO Digital 2xIn, 2xOut",
"product": {
"name": "Web-IO Digital 2xIn, 2xOut",
"product_id": "CSAFPID-11024",
"product_identification_helper": {
"model_numbers": [
"57637"
]
}
}
},
{
"category": "product_name",
"name": "ERP-Gateway 2x Digital PoE",
"product": {
"name": "ERP-Gateway 2x Digital PoE",
"product_id": "CSAFPID-11025",
"product_identification_helper": {
"model_numbers": [
"57638"
]
}
}
},
{
"category": "product_name",
"name": "Web-Alarm 6x6 DigitalWeb-Alarm 6x6 Digital",
"product": {
"name": "Web-Alarm 6x6 DigitalWeb-Alarm 6x6 Digital",
"product_id": "CSAFPID-11026",
"product_identification_helper": {
"model_numbers": [
"57651"
]
}
}
},
{
"category": "product_name",
"name": "Web-IO Digital Logger 6xIn, 6xOut",
"product": {
"name": "Web-IO Digital Logger 6xIn, 6xOut",
"product_id": "CSAFPID-11027",
"product_identification_helper": {
"model_numbers": [
"57650"
]
}
}
},
{
"category": "product_name",
"name": "Web-Count 6x Digital",
"product": {
"name": "Web-Count 6x Digital",
"product_id": "CSAFPID-11028",
"product_identification_helper": {
"model_numbers": [
"57652"
]
}
}
},
{
"category": "product_name",
"name": "Web-IO Digital 12xIn, 12xOut",
"product": {
"name": "Web-IO Digital 12xIn, 12xOut",
"product_id": "CSAFPID-11029",
"product_identification_helper": {
"model_numbers": [
"57630N"
]
}
}
}
],
"category": "product_family",
"name": "Hardware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Firmware vers:all/*",
"product_id": "CSAFPID-21001"
}
},
{
"category": "product_version_range",
"name": "\u003c3.70",
"product": {
"name": "Firmware \u003c3.70",
"product_id": "CSAFPID-21002"
}
},
{
"category": "product_version_range",
"name": "\u003c3.79",
"product": {
"name": "Firmware \u003c3.79",
"product_id": "CSAFPID-21003"
}
},
{
"category": "product_version_range",
"name": "\u003c4.08",
"product": {
"name": "Firmware \u003c4.08",
"product_id": "CSAFPID-21004"
}
},
{
"category": "product_version",
"name": "3.84",
"product": {
"name": "Firmware 3.84",
"product_id": "CSAFPID-22001"
}
},
{
"category": "product_version",
"name": "4.08",
"product": {
"name": "Firmware 4.08",
"product_id": "CSAFPID-22002"
}
}
],
"category": "product_family",
"name": "Firmware"
}
],
"category": "vendor",
"name": "VENDOR_NAME"
}
],
"product_groups": [
{
"group_id": "CSAFGID-0001",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010",
"CSAFPID-31011",
"CSAFPID-31012",
"CSAFPID-31013",
"CSAFPID-31014",
"CSAFPID-31015",
"CSAFPID-31016",
"CSAFPID-31017",
"CSAFPID-31018",
"CSAFPID-31019",
"CSAFPID-31020",
"CSAFPID-31021",
"CSAFPID-31022",
"CSAFPID-31023",
"CSAFPID-31024",
"CSAFPID-31025",
"CSAFPID-31026",
"CSAFPID-31027",
"CSAFPID-31028",
"CSAFPID-31029"
],
"summary": "Affected Products\n"
},
{
"group_id": "CSAFGID-0002",
"product_ids": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003"
],
"summary": "Fixed Products"
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on Web-IO Analog-In/Out 2x 0/4..20mA PoE",
"product_id": "CSAFPID-31001"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on Web-IO Analog-In/Out 2x 0..10V PoE",
"product_id": "CSAFPID-31002"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on Web-Thermograph 2x",
"product_id": "CSAFPID-31003"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on Web-Thermograph 8x",
"product_id": "CSAFPID-31004"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on Web-Thermograph NTC",
"product_id": "CSAFPID-31005"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11005"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on Web-Thermograph Pt100 / Pt1000",
"product_id": "CSAFPID-31006"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11006"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on Web-Thermo-Hygrobarograph",
"product_id": "CSAFPID-31007"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11007"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on Web-Thermograph NTC PoE",
"product_id": "CSAFPID-31008"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11008"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on Web-Thermograph Pt100 / Pt1000 PoE",
"product_id": "CSAFPID-31009"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11009"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on Web-Thermograph Relais",
"product_id": "CSAFPID-31010"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11010"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on Web-Graph Air Quality",
"product_id": "CSAFPID-31011"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11011"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on Web-Thermo-Hygrograph",
"product_id": "CSAFPID-31012"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11012"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on Web-IO 12x Digital Input, 6x Digital Relais",
"product_id": "CSAFPID-31013"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11013"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on Web-IO Digital 2xIn, 2xOut",
"product_id": "CSAFPID-31014"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11014"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on Web-IO Digital 12xIn, 12xOut",
"product_id": "CSAFPID-31015"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11015"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on Web-IO Digital 12xIn, 12xOut, 1xRS232",
"product_id": "CSAFPID-31016"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11016"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on Web-IO 12x Digital Input, 6x Digital Relais",
"product_id": "CSAFPID-31017"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11017"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on Web-IO Digital 12xIn, 12xOut",
"product_id": "CSAFPID-31018"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11018"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on Web-IO Digital 12xIn, 12xOut, 1xRS232",
"product_id": "CSAFPID-31019"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11019"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on Web-IO Digital 2xIn, 2xOut",
"product_id": "CSAFPID-31020"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11020"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on Web-IO 12x Digital Input, 6x Digital Relais",
"product_id": "CSAFPID-31021"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11021"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on ERP-Gateway 2x Digital Input, 2x Digital Output",
"product_id": "CSAFPID-31022"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11022"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on ERP-Gateway 12x Digital Input, 6x Digital Relais",
"product_id": "CSAFPID-31023"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11023"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on Web-IO Digital 2xIn, 2xOut",
"product_id": "CSAFPID-31024"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11024"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on ERP-Gateway 2x Digital PoE",
"product_id": "CSAFPID-31025"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11025"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on Web-Alarm 6x6 DigitalWeb-Alarm 6x6 Digital",
"product_id": "CSAFPID-31026"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11026"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c3.70 installed on Web-IO Digital Logger 6xIn, 6xOut",
"product_id": "CSAFPID-31027"
},
"product_reference": "CSAFPID-21002",
"relates_to_product_reference": "CSAFPID-11027"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c3.79 installed on Web-Count 6x Digital",
"product_id": "CSAFPID-31028"
},
"product_reference": "CSAFPID-21003",
"relates_to_product_reference": "CSAFPID-11028"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c4.08 installed on Web-IO Digital 12xIn, 12xOut",
"product_id": "CSAFPID-31029"
},
"product_reference": "CSAFPID-21004",
"relates_to_product_reference": "CSAFPID-11029"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 3.84 installed on Web-IO Digital Logger 6xIn, 6xOut",
"product_id": "CSAFPID-32001"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11027"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 3.84 installed on Web-Count 6x Digital",
"product_id": "CSAFPID-32002"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11028"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 4.08 installed on Web-IO Digital 12xIn, 12xOut",
"product_id": "CSAFPID-32003"
},
"product_reference": "CSAFPID-22002",
"relates_to_product_reference": "CSAFPID-11029"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-3020",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "An low privileged remote Attacker can execute arbitrary web scripts or HTML via a crafted payload injected into several fields of the configuration webpage with limited impact.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010",
"CSAFPID-31011",
"CSAFPID-31012",
"CSAFPID-31013",
"CSAFPID-31014",
"CSAFPID-31015",
"CSAFPID-31016",
"CSAFPID-31017",
"CSAFPID-31018",
"CSAFPID-31019",
"CSAFPID-31020",
"CSAFPID-31021",
"CSAFPID-31022",
"CSAFPID-31023",
"CSAFPID-31024",
"CSAFPID-31025",
"CSAFPID-31026",
"CSAFPID-31027",
"CSAFPID-31028",
"CSAFPID-31029"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Access to the WBM should be limited to trustworthy networks or peers. ",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "All products are EoL. \nFor the following products we strongly recommend upgrading the firmware:\nWeb-IO Digital Logger 6xIn upgrade to 3.84, \nWeb-Count 6x Digital upgrade to 3.84, \nWeb-IO Digital 12xIn/12xOut upgrade to 4.08. For the other products there will be no updates available.\n",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"environmentalScore": 5.4,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"temporalScore": 5.4,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010",
"CSAFPID-31011",
"CSAFPID-31012",
"CSAFPID-31013",
"CSAFPID-31014",
"CSAFPID-31015",
"CSAFPID-31016",
"CSAFPID-31017",
"CSAFPID-31018",
"CSAFPID-31019",
"CSAFPID-31020",
"CSAFPID-31021",
"CSAFPID-31022",
"CSAFPID-31023",
"CSAFPID-31024",
"CSAFPID-31025",
"CSAFPID-31026",
"CSAFPID-31027",
"CSAFPID-31028",
"CSAFPID-31029"
]
}
],
"title": "CVE-2025-3020"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…