An authentication bypass vulnerability exists in Copeland XWEB Pro version 1.12.1 and prior, enabling any attackers to bypass the authentication requirement and achieve pre-authenticated code execution on the system.
The auth bypass flaw allows a network-accessible attacker (without any privileges or user interaction) to bypass the authentication layer embedded in the device firmware. After bypassing authorization, the attacker gains the ability to directly execute code on the system (pre-authenticated code execution). The vulnerability classified as CWE-327 indicates the use of obsolete or unsafe cryptographic algorithm as one of the vulnerability components.
An attacker can gain full control of the device, execute arbitrary code, modify configuration, or disrupt the operation of industrial control systems. In OT environments, this can lead to serious operational consequences, including failures of cooling or air conditioning installations operated by these controllers.
The firmware should be updated to a version higher than 1.12.1, according to the manufacturer's instructions available at: https://webapps.copeland.com/Dixell/Pages/SystemSoftwareUpdate. Until the patch is applied, it is recommended to isolate devices from public networks and restrict network access to authorized hosts only, in accordance with CISA advisory ICSA-26-057-10 recommendations.
Copeland XWEB Pro version 1.12.1 and earlier, including devices: Copeland Xweb 300D Pro, Copeland Xweb 500D Pro, and Copeland Xweb 500B Pro (firmware and hardware versions).
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HCopeland Xweb 300d Pro
HWCopelandwszystkie wersjeCopeland Xweb 300d Pro Firmware
OSCopeland≤ 1.12.1Copeland Xweb 500b Pro
HWCopelandwszystkie wersjeCopeland Xweb 500b Pro Firmware
OSCopeland≤ 1.12.1Copeland Xweb 500d Pro
HWCopelandwszystkie wersjeCopeland Xweb 500d Pro Firmware
OSCopeland≤ 1.12.1
Related vulnerabilities
Command Injection w Copeland XWEB Pro — RCE bez uwierzytelnienia
An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticate...
An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authentica...
An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated...
An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated...