CRITICAL🇵🇱 Wersja polska

CVE-2024-36081

CVSS 9.8v3.1pub. 2024-05-19upd. 2026-04-15

Westermo EDW-100 devices through 2024-05-03 allow an unauthenticated user to download a configuration file containing a cleartext password. NOTE: this is a serial-to-Ethernet converter that should not be placed at the edge of the network.

🤖 AI Analysis
How it works

An attacker without any privileges can remotely download the configuration file from the Westermo EDW-100 device. This file contains a password stored in unencrypted form (cleartext password), which violates the principles of secure storage of authentication credentials (CWE-256, CWE-522). The password obtained this way can be directly used for further access to the device or other network resources.

Impact

An attacker can obtain device credentials without any authorization, which may consequently lead to complete takeover of the serial-to-Ethernet converter and enable lateral movement in the operational or industrial network to which the device is connected.

Mitigation & patch

Apply patches available from the manufacturer according to references (Westermo SA EDW-100 security advisory 24-05). The manufacturer indicates that the EDW-100 device should not be directly exposed at the network edge — its network isolation must be ensured, access should be restricted using a firewall, and OT/IT network segmentation should be applied until updates are deployed.

Who is affected

Westermo EDW-100 devices in all firmware versions up to 2024-05-03.

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References