CRITICAL✓ PATCH🇵🇱 Wersja polska

CVE-2026-21718

CVSS 10.0v3.1pub. 2026-02-27

An authentication bypass vulnerability exists in Copeland XWEB Pro version 1.12.1 and prior, enabling any attackers to bypass the authentication requirement and achieve pre-authenticated code execution on the system.

🤖 AI Analysis
How it works

The auth bypass flaw allows a network-accessible attacker (without any privileges or user interaction) to bypass the authentication layer embedded in the device firmware. After bypassing authorization, the attacker gains the ability to directly execute code on the system (pre-authenticated code execution). The vulnerability classified as CWE-327 indicates the use of obsolete or unsafe cryptographic algorithm as one of the vulnerability components.

Impact

An attacker can gain full control of the device, execute arbitrary code, modify configuration, or disrupt the operation of industrial control systems. In OT environments, this can lead to serious operational consequences, including failures of cooling or air conditioning installations operated by these controllers.

Mitigation & patch

The firmware should be updated to a version higher than 1.12.1, according to the manufacturer's instructions available at: https://webapps.copeland.com/Dixell/Pages/SystemSoftwareUpdate. Until the patch is applied, it is recommended to isolate devices from public networks and restrict network access to authorized hosts only, in accordance with CISA advisory ICSA-26-057-10 recommendations.

Who is affected

Copeland XWEB Pro version 1.12.1 and earlier, including devices: Copeland Xweb 300D Pro, Copeland Xweb 500D Pro, and Copeland Xweb 500B Pro (firmware and hardware versions).

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
  • Copeland Xweb 300d Pro

    HW
    Copeland
    wszystkie wersje
  • Copeland Xweb 300d Pro Firmware

    OS
    Copeland
    ≤ 1.12.1
  • Copeland Xweb 500b Pro

    HW
    Copeland
    wszystkie wersje
  • Copeland Xweb 500b Pro Firmware

    OS
    Copeland
    ≤ 1.12.1
  • Copeland Xweb 500d Pro

    HW
    Copeland
    wszystkie wersje
  • Copeland Xweb 500d Pro Firmware

    OS
    Copeland
    ≤ 1.12.1
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
RCEAuth Bypass
CWE
References

Related vulnerabilities

CVE-2026-24663CRITICAL9.0PL ✓ten sam produkt

Command Injection w Copeland XWEB Pro — RCE bez uwierzytelnienia

CVE-2026-20742HIGH8.0ten sam produkt

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticate...

CVE-2026-20902HIGH8.0ten sam produkt

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authentica...

CVE-2026-20910HIGH8.0ten sam produkt

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated...

CVE-2026-20764HIGH8.0ten sam produkt

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated...