ICSA-26-022-05
·
Published 2026-01-22
·
View on CISA ICS-CERT ↗
Weintek cMT X Series HMI EasyWeb Service
CVSS 8.3
HIGH
Risk Summary
Successful exploitation of these vulnerabilities could allow a low-level user to alter privileges and gain full control to the device.
CVEs (2)
Remediations
- Weintek recommends users implement the following mitigation techniques:
- cMT3072XH: Version 20241112
- cMT3072XH(T): Version 20241112
- cMT-SVRX-820: Version 20240919
- cMT-CTRL01: Version 20250827
- For more information, see Weintek's planned notice: https://dl.weintek.com/public/Document/TEC/TEC25003E_cMT_EasyWeb_V2_Security_Issues.pdf
Affected Vendors
Weintek
Affected Products (4)
Weintek
·
cMT3072XH
>=20200630|<20241112
Weintek
·
cMT3072XH(T)
>=20200630|<20241112
Weintek
·
cMT-SVRX-820
>=20220413|<20240919
Weintek
·
cMT-CTRL01
>=20230308|<20250827
Affected Sectors
Critical Manufacturing
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more