Westermo EDW-100 Converter Vulnerable: Critical Flaws Discovered, Replacement Urged
Westermo, a leading provider of industrial data communications equipment, has issued a security advisory highlighting critical vulnerabilities identified in its EDW-100 serial to Ethernet converters. These vulnerabilities, tracked as CVE-2024-36080 and CVE-2024-36081, pose significant risks to affected systems and necessitate immediate attention and action.
The EDW-100 converter is designed to facilitate communication between RS-232, RS-422, and RS-485 serial devices and TCP/IP Ethernet networks. However, recent findings have revealed two high-severity vulnerabilities that compromise the security of these devices.
- CVE-2024-36080: Hidden Root User with Hardcoded Password (CVSS 9.8)
A hidden root user account with a hardcoded password exists within the EDW-100 firmware. This account cannot be modified, rendering the device susceptible to unauthorized access. The username and password are embedded within the firmware package, easily extractable as strings, and currently, there is no method to change these credentials.
- CVE-2024-36081: Unauthenticated User Can Read Configuration Containing Password (CVSS 9.8)
This vulnerability allows an unauthenticated user to download the configuration file of the EDW-100 through a simple GET request. The configuration file includes usernames and passwords in clear text, making it trivial for attackers to obtain sensitive information and compromise the device.
All versions of the EDW-100 converter are affected by these vulnerabilities. The potential impact is significant, as compromised devices could be leveraged to disrupt industrial operations, exfiltrate sensitive data, or even facilitate attacks on other network components.
In light of the severity of these vulnerabilities, Westermo strongly recommends replacing the EDW-100 with its Lynx DSS L105-S1 converter. While immediate replacement is the ideal solution, Westermo also suggests several mitigation measures for those unable to immediately replace the device:
- Network Segregation: Isolate the EDW-100 from critical network segments using firewalls and VLANs.
- Perimeter Protection: Implement robust perimeter security measures to prevent unauthorized access to the device.
- Network-to-Network Protection: Utilize VPNs to secure data flowing into or out of the network segment containing the EDW-100.
- Physical Security Measures: Place the converter in a locked enclosure with alarms to deter physical tampering.
