← Back to home
ICSA-25-261-01  ·  Published 2025-09-18  ·  View on CISA ICS-CERT ↗

Westermo Network Technologies WeOS 5

CVSS 7.6 HIGH

Risk Summary

Successful exploitation of this vulnerability could allow an attacker with administrative permissions to execute commands that would typically be inaccessible. This could allow the execution of commands with privileges beyond those normally granted to the attacker.

CVEs (1)

Remediations

  • Westermo recommends the following mitigations which do not require a software update:
  • Limit administration account access to trusted parties.
  • Use best practices for passwords related to administration accounts.
  • For more information refer to Westermo's security advisory Westermo-25-07.

Affected Vendors

Westermo Network Technologies

Affected Products (1)

Westermo Network Technologies · WeOS 5 >=5.24

Affected Sectors

Commercial Facilities, Critical Manufacturing, Energy, Water and Wastewater Systems

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more