Risk Summary
Successful exploitation of these vulnerabilities could crash the device being accessed or may allow remote code execution.
CVEs (3)
Remediations
- Westermo advises users to disable HTTP access to the WebGUI and instead use HTTPS instead. This change will secure the credentials and session IDs, effectively nullifying the exploits described.
- To mitigate the risk of a denial-of-service attack through continuous login attempts, Westermo recommends disabling access to the device's WebGUI on external communication interfaces. For devices in production environments, disabling the WebGUI is suggested if possible.
- Westermo suggests limiting access to the device's CLI on external communication interfaces to prevent SSH DOS attacks through repeated login attempts.
- Westermo will keep users updated on any further enhancements.
Affected Vendors
Westermo
Affected Products (1)
Westermo
·
L210-F2G Lynx
4.21.0
Affected Sectors
Critical Manufacturing, Transportation Systems
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more