Westermo EDW-100

Risk Summary

Successful exploitation of these vulnerabilities could allow an attacker to access the device using hardcoded credentials and download cleartext username and passwords.

CVEs (2)

Remediations

• To mitigate the risks associated with these vulnerabilities, Westermo recommends:
• Network segregation, perimeter protection, network to network protection, and physical security measures. EDW-100 functions as an industrial serial to ethernet converter. This means that EDW-100 does not in itself have any of the protective measures you require in a modern security posture, EDW-100 should not be placed at the edge of the network but instead deployed using the techniques mentioned in the IEC 62443 standard.
• This means the use of network segregation and perimeter protection which can be accomplished by for example deploying a firewall and the use of VLANs.
• If data needs to flow into, or out of, the security zone containing EDW-100 it is important to have network to network protection enabled which for example can be applied with a Virtual Private Network (VPN).
• It is also crucial to have physical security measures put in place as the unit can be vulnerable to physical attacks and tampering. A recommendation to mitigate this risk is to place the unit in a separate enclosure with locks and alarms if it opened outside of normal maintenance.
• While the unit's design characteristics may necessitate extra precautions, implementing the suggested countermeasures ensures a secure deployment that effectively addresses associated risks.
• Westermo recommends replacing EDW-100 with Lynx DSS L105-S1. For further reference see 5-Port Managed Industrial Device Server Switch | L105-S1 ᐈ Westermo.

Affected Vendors

Affected Products (1)

Affected Sectors

Energy, Water and Wastewater Systems, Transportation Systems