VDE-2021-016

Vulnerability from csaf_weidmuellerinterfacegmbhcokg - Published: 2021-05-04 08:17 - Updated: 2025-05-14 12:28
Summary
Weidmueller: Accidentally open network port in u-controls and IoT-Gateways
Notes
Summary: A network port intended only for device-internal usage is accidentally accessible via external network interfaces.
Impact: The reported vulnerability allows an attacker who has network access and knowledge about the internal configuration protocol to read and write configuration data without prior authorization. By exploiting this vulnerability the attacker potentially is able to manipulate or stop the operation of the device.
Mitigation: - Restrict access to the network th device is connected to - Do not directly connect the device to the internet
Remediation: Weidmüller recommends upgrading affected devices to the current firmware version 1.12.3 or higher which fixes this vulnerability. Alternatively the following firmware versions which fix this vulnerability may be installed: | **Product** | **Affected (installed) firmware version** | **Fixed firmware version** | |-----------------------|-----------------------------------------------|--------------------------------| | Any affected product | 1.3.0 - 1.9.0 | 1.9.1 | | Any affected product | 1.10.1, 1.10.2 | 1.10.3 | | Any affected product | 1.10.0, 1.11.0, 1.12.1 | 1.12.3 |
CVE-2021-20999

In Weidmueller u-controls and IoT-Gateways in versions up to 1.12.1 a network port intended only for device-internal usage is accidentally accessible via external network interfaces. By exploiting this vulnerability the device may be manipulated or the operation may be stopped.

9.8 (Critical)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE-668 - Exposure of Resource to Wrong Sphere
Mitigation Restrict access to the network th device is connected to Do not directly connect the device to the internet
Vendor Fix Weidmüller recommends upgrading affected devices to the current firmware version 1.12.3 or higher which fixes this vulnerability. Alternatively the following firmware versions which fix this vulnerability may be installed: | **Product** | **Affected (installed) firmware version** | **Fixed firmware version** | |-----------------------|-----------------------------------------------|--------------------------------| | Any affected product | 1.3.0 - 1.9.0 | 1.9.1 | | Any affected product | 1.10.1, 1.10.2 | 1.10.3 | | Any affected product | 1.10.0, 1.11.0, 1.12.1 | 1.12.3 |
References
Acknowledgments
CERT@VDE certvde.com
To clipboard 

{
  "document": {
    "acknowledgments": [
      {
        "organization": "CERT@VDE",
        "summary": "coordination",
        "urls": [
          "https://certvde.com"
        ]
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "summary",
        "text": "A network port intended only for device-internal usage is accidentally accessible via external network interfaces.",
        "title": "Summary"
      },
      {
        "category": "description",
        "text": "The reported vulnerability allows an attacker who has network access and knowledge about the internal configuration protocol to read and write configuration data without prior authorization. By exploiting this vulnerability the attacker potentially is able to manipulate or stop the operation of the device.",
        "title": "Impact"
      },
      {
        "category": "description",
        "text": "- Restrict access to the network th device is connected to\n- Do not directly connect the device to the internet",
        "title": "Mitigation"
      },
      {
        "category": "description",
        "text": "Weidm\u00fcller recommends upgrading affected devices to the current firmware version 1.12.3 or higher which fixes this vulnerability.\n\nAlternatively the following firmware versions which fix this vulnerability may be installed:\n\n| **Product**          | **Affected (installed) firmware version** | **Fixed firmware version** |\n|-----------------------|-----------------------------------------------|--------------------------------|\n| Any affected product | 1.3.0 - 1.9.0                                 | 1.9.1                         |\n| Any affected product | 1.10.1, 1.10.2                                | 1.10.3                        |\n| Any affected product | 1.10.0, 1.11.0, 1.12.1                        | 1.12.3                        |",
        "title": "Remediation"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "psirt@weidmueller.com",
      "name": "Weidmueller Interface GmbH \u0026 Co. KG",
      "namespace": "https://www.weidmueller.com"
    },
    "references": [
      {
        "category": "external",
        "summary": "Weidmueller advisory overview at CERT@VDE",
        "url": "https://certvde.com/en/advisories/vendor/weidmueller/"
      },
      {
        "category": "self",
        "summary": "VDE-2021-016: Weidmueller: Accidentally open network port in u-controls and IoT-Gateways - HTML",
        "url": "https://certvde.com/en/advisories/VDE-2021-016"
      },
      {
        "category": "self",
        "summary": "VDE-2021-016: Weidmueller: Accidentally open network port in u-controls and IoT-Gateways - CSAF",
        "url": "https://weidmueller.csaf-tp.certvde.com/.well-known/csaf/white/2021/vde-2021-016.json"
      }
    ],
    "title": "Weidmueller: Accidentally open network port in u-controls and IoT-Gateways",
    "tracking": {
      "aliases": [
        "VDE-2021-016"
      ],
      "current_release_date": "2025-05-14T12:28:19.000Z",
      "generator": {
        "date": "2025-01-23T08:43:12.153Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.5.17"
        }
      },
      "id": "VDE-2021-016",
      "initial_release_date": "2021-05-04T08:17:00.000Z",
      "revision_history": [
        {
          "date": "2021-05-04T08:17:00.000Z",
          "number": "1",
          "summary": "Initial revision."
        },
        {
          "date": "2025-05-14T12:28:19.000Z",
          "number": "2",
          "summary": "Fix: version space, firmware category, added distribution"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "IOT-GW30",
                "product": {
                  "name": "IOT-GW30",
                  "product_id": "CSAFPID-11001",
                  "product_identification_helper": {
                    "model_numbers": [
                      "1334990000"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "IOT-GW30-4G-EU",
                "product": {
                  "name": "IOT-GW30-4G-EU",
                  "product_id": "CSAFPID-11002",
                  "product_identification_helper": {
                    "model_numbers": [
                      "1334990000"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "UC20-WL2000-AC",
                "product": {
                  "name": "UC20-WL2000-AC",
                  "product_id": "CSAFPID-11003",
                  "product_identification_helper": {
                    "model_numbers": [
                      "1334950000"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "UC20-WL2000-IOT",
                "product": {
                  "name": "UC20-WL2000-IOT",
                  "product_id": "CSAFPID-11004",
                  "product_identification_helper": {
                    "model_numbers": [
                      "1334990000"
                    ]
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Hardware"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "1.3.0\u003c=1.9.0",
                "product": {
                  "name": "Firmware 1.3.0\u003c=1.9.0",
                  "product_id": "CSAFPID-21001"
                }
              },
              {
                "category": "product_version_range",
                "name": "1.10.0\u003c=1.10.2",
                "product": {
                  "name": "Firmware 1.10.0\u003c=1.10.2",
                  "product_id": "CSAFPID-21002"
                }
              },
              {
                "category": "product_version",
                "name": "1.11.0",
                "product": {
                  "name": "Firmware 1.11.0",
                  "product_id": "CSAFPID-21003"
                }
              },
              {
                "category": "product_version",
                "name": "1.12.1",
                "product": {
                  "name": "Firmware 1.12.1",
                  "product_id": "CSAFPID-21004"
                }
              },
              {
                "category": "product_version",
                "name": "1.9.1",
                "product": {
                  "name": "Firmware 1.9.1",
                  "product_id": "CSAFPID-22001"
                }
              },
              {
                "category": "product_version",
                "name": "1.10.3",
                "product": {
                  "name": "Firmware 1.10.3",
                  "product_id": "CSAFPID-22002"
                }
              },
              {
                "category": "product_version",
                "name": "1.12.3",
                "product": {
                  "name": "Firmware 1.12.3",
                  "product_id": "CSAFPID-22003"
                }
              }
            ],
            "category": "product_family",
            "name": "Firmware"
          }
        ],
        "category": "vendor",
        "name": "Weidmueller"
      }
    ],
    "product_groups": [
      {
        "group_id": "CSAFGID-0001",
        "product_ids": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008",
          "CSAFPID-31009",
          "CSAFPID-31010",
          "CSAFPID-31011",
          "CSAFPID-31012",
          "CSAFPID-31013",
          "CSAFPID-31014",
          "CSAFPID-31015",
          "CSAFPID-31016"
        ],
        "summary": "Affected Products."
      },
      {
        "group_id": "CSAFGID-0002",
        "product_ids": [
          "CSAFPID-32001",
          "CSAFPID-32002",
          "CSAFPID-32003",
          "CSAFPID-32004",
          "CSAFPID-32005",
          "CSAFPID-32006",
          "CSAFPID-32007",
          "CSAFPID-32008",
          "CSAFPID-32009",
          "CSAFPID-32010",
          "CSAFPID-32011",
          "CSAFPID-32012",
          "CSAFPID-32013",
          "CSAFPID-32014",
          "CSAFPID-32015",
          "CSAFPID-32016"
        ],
        "summary": "Fixed Products"
      }
    ],
    "relationships": [
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 1.3.0\u003c=1.9.0 installed on IOT-GW30",
          "product_id": "CSAFPID-31001"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 1.10.0\u003c=1.10.2 installed on IOT-GW30",
          "product_id": "CSAFPID-31002"
        },
        "product_reference": "CSAFPID-21002",
        "relates_to_product_reference": "CSAFPID-11001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 1.11.0 installed on IOT-GW30",
          "product_id": "CSAFPID-31003"
        },
        "product_reference": "CSAFPID-21003",
        "relates_to_product_reference": "CSAFPID-11001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 1.12.1 installed on IOT-GW30",
          "product_id": "CSAFPID-31004"
        },
        "product_reference": "CSAFPID-21004",
        "relates_to_product_reference": "CSAFPID-11001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 1.3.0\u003c=1.9.0 installed on IOT-GW30-4G-EU",
          "product_id": "CSAFPID-31005"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11002"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 1.10.0\u003c=1.10.2 installed on IOT-GW30-4G-EU",
          "product_id": "CSAFPID-31006"
        },
        "product_reference": "CSAFPID-21002",
        "relates_to_product_reference": "CSAFPID-11002"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 1.11.0 installed on IOT-GW30-4G-EU",
          "product_id": "CSAFPID-31007"
        },
        "product_reference": "CSAFPID-21003",
        "relates_to_product_reference": "CSAFPID-11002"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 1.12.1 installed on IOT-GW30-4G-EU",
          "product_id": "CSAFPID-31008"
        },
        "product_reference": "CSAFPID-21004",
        "relates_to_product_reference": "CSAFPID-11002"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 1.3.0\u003c=1.9.0 installed on UC20-WL2000-AC",
          "product_id": "CSAFPID-31009"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11003"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 1.10.0\u003c=1.10.2 installed on UC20-WL2000-AC",
          "product_id": "CSAFPID-31010"
        },
        "product_reference": "CSAFPID-21002",
        "relates_to_product_reference": "CSAFPID-11003"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 1.11.0 installed on UC20-WL2000-AC",
          "product_id": "CSAFPID-31011"
        },
        "product_reference": "CSAFPID-21003",
        "relates_to_product_reference": "CSAFPID-11003"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 1.12.1 installed on UC20-WL2000-AC",
          "product_id": "CSAFPID-31012"
        },
        "product_reference": "CSAFPID-21004",
        "relates_to_product_reference": "CSAFPID-11003"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 1.3.0\u003c=1.9.0 installed on UC20-WL2000-IOT",
          "product_id": "CSAFPID-31013"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11004"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 1.10.0\u003c=1.10.2 installed on UC20-WL2000-IOT",
          "product_id": "CSAFPID-31014"
        },
        "product_reference": "CSAFPID-21002",
        "relates_to_product_reference": "CSAFPID-11004"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 1.11.0 installed on UC20-WL2000-IOT",
          "product_id": "CSAFPID-31015"
        },
        "product_reference": "CSAFPID-21003",
        "relates_to_product_reference": "CSAFPID-11004"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 1.12.1 installed on UC20-WL2000-IOT",
          "product_id": "CSAFPID-31016"
        },
        "product_reference": "CSAFPID-21004",
        "relates_to_product_reference": "CSAFPID-11004"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 1.9.1 installed on IOT-GW30",
          "product_id": "CSAFPID-32001"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 1.10.3 installed on IOT-GW30",
          "product_id": "CSAFPID-32002"
        },
        "product_reference": "CSAFPID-22002",
        "relates_to_product_reference": "CSAFPID-11001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 1.12.3 installed on IOT-GW30",
          "product_id": "CSAFPID-32003"
        },
        "product_reference": "CSAFPID-22003",
        "relates_to_product_reference": "CSAFPID-11001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 1.12.3 installed on IOT-GW30",
          "product_id": "CSAFPID-32004"
        },
        "product_reference": "CSAFPID-22003",
        "relates_to_product_reference": "CSAFPID-11001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 1.9.1 installed on IOT-GW30-4G-EU",
          "product_id": "CSAFPID-32005"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11002"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 1.10.3 installed on IOT-GW30-4G-EU",
          "product_id": "CSAFPID-32006"
        },
        "product_reference": "CSAFPID-22002",
        "relates_to_product_reference": "CSAFPID-11002"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 1.12.3 installed on IOT-GW30-4G-EU",
          "product_id": "CSAFPID-32007"
        },
        "product_reference": "CSAFPID-22003",
        "relates_to_product_reference": "CSAFPID-11002"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 1.12.3 installed on IOT-GW30-4G-EU",
          "product_id": "CSAFPID-32008"
        },
        "product_reference": "CSAFPID-22003",
        "relates_to_product_reference": "CSAFPID-11002"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 1.9.1 installed on UC20-WL2000-AC",
          "product_id": "CSAFPID-32009"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11003"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 1.10.3 installed on UC20-WL2000-AC",
          "product_id": "CSAFPID-32010"
        },
        "product_reference": "CSAFPID-22002",
        "relates_to_product_reference": "CSAFPID-11003"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 1.12.3 installed on UC20-WL2000-AC",
          "product_id": "CSAFPID-32011"
        },
        "product_reference": "CSAFPID-22003",
        "relates_to_product_reference": "CSAFPID-11003"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 1.12.3 installed on UC20-WL2000-AC",
          "product_id": "CSAFPID-32012"
        },
        "product_reference": "CSAFPID-22003",
        "relates_to_product_reference": "CSAFPID-11003"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 1.9.1 installed on UC20-WL2000-IOT",
          "product_id": "CSAFPID-32013"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11004"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 1.10.3 installed on UC20-WL2000-IOT",
          "product_id": "CSAFPID-32014"
        },
        "product_reference": "CSAFPID-22002",
        "relates_to_product_reference": "CSAFPID-11004"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 1.12.3 installed on UC20-WL2000-IOT",
          "product_id": "CSAFPID-32015"
        },
        "product_reference": "CSAFPID-22003",
        "relates_to_product_reference": "CSAFPID-11004"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 1.12.3 installed on UC20-WL2000-IOT",
          "product_id": "CSAFPID-32016"
        },
        "product_reference": "CSAFPID-22003",
        "relates_to_product_reference": "CSAFPID-11004"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-20999",
      "cwe": {
        "id": "CWE-668",
        "name": "Exposure of Resource to Wrong Sphere"
      },
      "notes": [
        {
          "category": "description",
          "text": "In Weidmueller u-controls and IoT-Gateways in versions up to 1.12.1 a network port intended only for device-internal usage is accidentally accessible via external network interfaces. By exploiting this vulnerability the device may be manipulated or the operation may be stopped.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-32001",
          "CSAFPID-32002",
          "CSAFPID-32003",
          "CSAFPID-32004",
          "CSAFPID-32005",
          "CSAFPID-32006",
          "CSAFPID-32007",
          "CSAFPID-32008",
          "CSAFPID-32009",
          "CSAFPID-32010",
          "CSAFPID-32011",
          "CSAFPID-32012",
          "CSAFPID-32013",
          "CSAFPID-32014",
          "CSAFPID-32015",
          "CSAFPID-32016"
        ],
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008",
          "CSAFPID-31009",
          "CSAFPID-31010",
          "CSAFPID-31011",
          "CSAFPID-31012",
          "CSAFPID-31013",
          "CSAFPID-31014",
          "CSAFPID-31015",
          "CSAFPID-31016"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Restrict access to the network th device is connected to\nDo not directly connect the device to the internet",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Weidm\u00fcller recommends upgrading affected devices to the current firmware version 1.12.3 or higher which fixes this vulnerability.\n\nAlternatively the following firmware versions which fix this vulnerability may be installed:\n\n| **Product**          | **Affected (installed) firmware version** | **Fixed firmware version** |\n|-----------------------|-----------------------------------------------|--------------------------------|\n| Any affected product | 1.3.0 - 1.9.0                                 | 1.9.1                         |\n| Any affected product | 1.10.1, 1.10.2                                | 1.10.3                        |\n| Any affected product | 1.10.0, 1.11.0, 1.12.1                        | 1.12.3                        |\n",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 9.8,
            "environmentalSeverity": "CRITICAL",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 9.8,
            "temporalSeverity": "CRITICAL",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004",
            "CSAFPID-31005",
            "CSAFPID-31006",
            "CSAFPID-31007",
            "CSAFPID-31008",
            "CSAFPID-31009",
            "CSAFPID-31010",
            "CSAFPID-31011",
            "CSAFPID-31012",
            "CSAFPID-31013",
            "CSAFPID-31014",
            "CSAFPID-31015",
            "CSAFPID-31016"
          ]
        }
      ],
      "title": "CVE-2021-20999"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.