CRITICAL🇵🇱 Wersja polska

CVE-2025-41733

CVSS 9.8v3.1pub. 2025-11-18upd. 2025-11-21

The commissioning wizard on the affected devices does not validate if the device is already initialized. An unauthenticated remote attacker can construct POST requests to set root credentials.

🤖 AI Analysis
How it works

The vulnerability results from the lack of verification of the device initialization state in the commissioning wizard mechanism (CWE-305: Authentication Bypass by Primary Weakness). An attacker can send properly crafted HTTP POST requests directly to the wizard endpoint, even if the device has been previously configured. As a result, it is possible to set arbitrary credentials for the root account without any prior authentication. The attack does not require user interaction or knowledge of existing credentials.

Impact

An attacker gains full administrative control over the device by taking over the root account, leading to violations of confidentiality, integrity, and availability of the system and the data it processes.

Mitigation & patch

Apply patches available from the manufacturer in accordance with the references (https://certvde.com/de/advisories/VDE-2025-097). Until the fix is implemented, it is recommended to isolate devices from public networks, restrict access to the management interface only to trusted hosts, and monitor unauthorized POST requests to the configuration wizard endpoints.

Who is affected

Metz-Connect Ewio2-BM, Ewio2-M-BM, and Ewio2-M devices along with their corresponding firmware versions — specific versions indicated in the manufacturer references (VDE-2025-097).

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Metz Connect Ewio2 Bm

    HW
    Metz-Connect
    wszystkie wersje
  • Metz Connect Ewio2 Bm Firmware

    OS
    Metz-Connect
    < 2.2.0
  • Metz Connect Ewio2 M

    HW
    Metz-Connect
    wszystkie wersje
  • Metz Connect Ewio2 M Bm

    HW
    Metz-Connect
    wszystkie wersje
  • Metz Connect Ewio2 M Bm Firmware

    OS
    Metz-Connect
    < 2.2.0
  • Metz Connect Ewio2 M Firmware

    OS
    Metz-Connect
    < 2.2.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2025-41734CRITICAL9.8PL ✓ten sam produkt

RCE przez nieuwierzytelnione wykonanie plików PHP w Metz-Connect EWIO2

CVE-2025-41735HIGH8.8ten sam produkt

A low privileged remote attacker can upload any file to an arbitrary location due to missing file check result...

CVE-2025-41736HIGH8.8ten sam produkt

A low privileged remote attacker can upload a new or overwrite an existing python script by using a path trave...

CVE-2025-41737HIGH7.5ten sam produkt

Due to webserver misconfiguration an unauthenticated remote attacker is able to read the source of php modules...