VDE-2025-091

Vulnerability from csaf_murrelektronikgmbh - Published: 2025-10-14 10:00 - Updated: 2025-10-14 10:00
Summary
Murrelektronik: Cleartext Transmission of Sensitive Information in IMPACT67 Pro
Severity
Low
Notes
Summary: The embedded web interface of the MURRELEKTRONIK IMPACT67 Pro PN DIO8 IOL8 transmits login credentials over unencrypted HTTP using a GET request. The device does not offer HTTPS/TLS support, exposing user credentials to passive interception by any attacker on the same network.
Impact: User credentials sent to the device's web server are exposed to an attacker on the same network or network segment. The confidentiality of this data is compromised.
Disclaimer: This document is provided on an "AS IS" basis and does not imply any kind of guarantee or warranty, including the warranties of merchantability or fitness for a particular use. Your use of the information on the document or materials linked from the document is at your own risk. The Murrelektronik GmbH reserves the right to change or update this document at any time.

A cleartext transmission of sensitive information vulnerability in the affected products allows an unauthorized remote attacker to gain login credentials and access the Web-UI.

CWE-319 - Cleartext Transmission of Sensitive Information
Mitigation
Murrelektronik recommends:
* Deactivating the web server will prevent any data from being sent unencrypted. More information on how to disable the web server can be found in the manual.
* Deactivating all unused network ports on the unit will prevent data sniffing.
* Strict network segmentation helps to minimize unauthorized access to network traffic. If the web server must stay activated, this is recommended to reduce the impact of a security breach.
* Advise users of the system not to use personal data or standard passwords for the web server accounts. This helps to prevent personal data leakage.
Fix
None available. There is no fix available in the current versions. A permanent solution is planned to be implemented in the future.
Acknowledgments
CERT@VDE certvde.com
Payatu Security Consulting Pvt. Ltd. Abhishek Pandey

{
  "document": {
    "acknowledgments": [
      {
        "organization": "CERT@VDE",
        "summary": "coordination",
        "urls": [
          "https://certvde.com"
        ]
      },
      {
        "names": [
          "Abhishek Pandey"
        ],
        "organization": "Payatu Security Consulting Pvt. Ltd.",
        "summary": "Reporting and Analysing"
      }
    ],
    "aggregate_severity": {
      "text": "low"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-GB",
    "notes": [
      {
        "category": "summary",
        "text": "The embedded web interface of the MURRELEKTRONIK IMPACT67 Pro PN DIO8 IOL8\ntransmits login credentials over unencrypted HTTP using a GET request. The device does\nnot offer HTTPS/TLS support, exposing user credentials to passive interception by any attacker on the same network.",
        "title": "Summary"
      },
      {
        "category": "description",
        "text": "User credentials, sent to the devices Webserver, are exposed to an attacker in the same network or network segment. The datas confidentiallity is compromised.",
        "title": "Impact"
      },
      {
        "category": "legal_disclaimer",
        "text": "This document is provided on an \"AS IS\" basis and does not imply any kind of guarantee or warranty, including the warranties of merchantability or fitness for a particular use. Your use of the information on the document or materials linked from the document is at your own risk. The Murrelektronik GmbH reserves the right to change or update this document at any time.",
        "title": "Disclaimer"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "psirt@murrelektronik.de",
      "name": "Murrelektronik GmbH",
      "namespace": "https://murrelektronik.com"
    },
    "references": [
      {
        "category": "external",
        "summary": "Murrelektronik Product Security Incident Response (PSIRT) Team",
        "url": "https://www.murrelektronik.com/de/kontakt/psirt/"
      },
      {
        "category": "external",
        "summary": "CERT@VDE Security Advisories for Murrelektronik",
        "url": "https://certvde.com/en/advisories/vendor/murrelektronik"
      },
      {
        "category": "self",
        "summary": "VDE-2025-091: Murrelektronik: Cleartext Transmission of Sensitive Information in IMPACT67 Pro - HTML",
        "url": "https://certvde.com/en/advisories/VDE-2025-091/"
      },
      {
        "category": "self",
        "summary": "VDE-2025-091: Murrelektronik: Cleartext Transmission of Sensitive Information in IMPACT67 Pro - CSAF",
        "url": "https://murrelektronik.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-091.json"
      }
    ],
    "title": "Murrelektronik: Cleartext Transmission of Sensitive Information in IMPACT67 Pro",
    "tracking": {
      "aliases": [
        "VDE-2025-091"
      ],
      "current_release_date": "2025-10-14T10:00:00.000Z",
      "generator": {
        "date": "2025-10-14T07:20:14.779Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.5.35"
        }
      },
      "id": "VDE-2025-091",
      "initial_release_date": "2025-10-14T10:00:00.000Z",
      "revision_history": [
        {
          "date": "2025-10-14T10:00:00.000Z",
          "number": "1.0.0",
          "summary": "initial release"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "branches": [
                  {
                    "branches": [
                      {
                        "category": "product_version_range",
                        "name": "\u003c=1.08.01",
                        "product": {
                          "name": "Murrelektronik Firmware Impact67 Pro 54630 \u003c=1.08.01",
                          "product_id": "CSAFPID-0001"
                        }
                      }
                    ],
                    "category": "product_name",
                    "name": "54630"
                  },
                  {
                    "branches": [
                      {
                        "category": "product_version_range",
                        "name": "\u003c=1.08.01",
                        "product": {
                          "name": "Murrelektronik Firmware Impact67 Pro 54620 \u003c=1.08.01",
                          "product_id": "CSAFPID-0002"
                        }
                      }
                    ],
                    "category": "product_name",
                    "name": "54620"
                  },
                  {
                    "branches": [
                      {
                        "category": "product_version_range",
                        "name": "\u003c=1.08.05",
                        "product": {
                          "name": "Murrelektronik Firmware Impact67 Pro 54631 \u003c=1.08.05",
                          "product_id": "CSAFPID-0003"
                        }
                      }
                    ],
                    "category": "product_name",
                    "name": "54631"
                  },
                  {
                    "branches": [
                      {
                        "category": "product_version_range",
                        "name": "\u003c=1.08.01",
                        "product": {
                          "name": "Murrelektronik Firmware Impact67 Pro 54632 \u003c=1.08.01",
                          "product_id": "CSAFPID-0004"
                        }
                      }
                    ],
                    "category": "product_name",
                    "name": "54632"
                  }
                ],
                "category": "product_family",
                "name": "Impact67 Pro"
              }
            ],
            "category": "product_family",
            "name": "Firmware"
          }
        ],
        "category": "vendor",
        "name": "Murrelektronik"
      }
    ],
    "product_groups": [
      {
        "group_id": "CSAFGID-0001",
        "product_ids": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004"
        ],
        "summary": "Known Affected"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "Abhishek Pandey"
          ],
          "organization": "Payatu Security Consulting Pvt. Ltd. ",
          "summary": "Reporting and investigating the vulnerability.  "
        }
      ],
      "cve": "CVE-2025-41718",
      "cwe": {
        "id": "CWE-319",
        "name": "Cleartext Transmission of Sensitive Information"
      },
      "discovery_date": "2025-09-18T10:00:00.000Z",
      "notes": [
        {
          "audience": "all",
          "category": "description",
          "text": "A cleartext transmission of sensitive information vulnerability in the affected products allows an unauthorized remote attacker to gain login credentials and access the Web-UI.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "date": "2025-09-19T09:00:00.000Z",
          "details": "Murrelektronik recommends:\n\n * Deactivating the Webserver will prevent any data from being sent unencrypted. \nMore information on how to disable the webserver can be found in the manual.\n * Deactivating all unused network ports in the unit will prevent data sniffing.\n * Segmenting the network strictly helps to minimize unauthorized access to network traffic. If the webserver must stay activated, this is recommended to reduce the security breaches impact.\n * Advise users of the system to not use personal data or standard passwords for the webserver accounts. This helps to prevent personal data leakage.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        },
        {
          "category": "none_available",
          "date": "2025-09-19T09:00:00.000Z",
          "details": "There is no fix available in the current versions. A permanent solution is planned to be implemented in the future.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 7.5,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 7.5,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-09-19T09:00:00.000Z",
          "details": "Leaked User Credentials results in the compromise of the leaked login. ",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "impact",
          "date": "2025-09-19T09:00:00.000Z",
          "details": "Leaked User Credentials can contain personal information of the regarding user. The confidentiality of personal data is endangered. ",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "impact",
          "date": "2025-09-19T09:00:00.000Z",
          "details": "Leaked user credentials can result in the compromise of other logins of this user, if he reuses the same password for other services. ",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "title": "Unprotected Transport of Credentials"
    }
  ]
}