Lucene search

CERTVDECVELIST:CVE-2021-33528

HistoryJun 25, 2021 - 6:25 p.m.

CVE-2021-33528 WEIDMUELLER: WLAN devices affected by privilege escalation vulnerability

2021-06-2518:25:53

CWE-710

CERTVDE

www.cve.org

weidmueller industrial wlan devices

privilege escalation

vulnerability

iw_console functionality

system access

root user

low privilege user.

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

Confidence

High

EPSS

0.001

Percentile

42.8%

JSON

In Weidmueller Industrial WLAN devices in multiple versions an exploitable privilege escalation vulnerability exists in the iw_console functionality. A specially crafted menu selection string can cause an escape from the restricted console, resulting in system access as the root user. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability.

CNA Affected

[
  {
    "product": "IE-WL(T)-BL-AP-CL-XX",
    "vendor": "Weidmüller",
    "versions": [
      {
        "lessThanOrEqual": "V1.16.18 (Build 18081617)",
        "status": "affected",
        "version": "IE-WL-BL-AP-CL-EU (2536600000)",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "V1.16.18 (Build 18081617)",
        "status": "affected",
        "version": "IE-WLT-BL-AP-CL-EU (2536650000)",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "V1.16.18 (Build 18081617)",
        "status": "affected",
        "version": "IE-WL-BL-AP-CL-US (2536660000)",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "V1.16.18 (Build 18081617)",
        "status": "affected",
        "version": "IE-WLT-BL-AP-CL-US (2536670000)",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "IE-WL(T)-VL-AP-CL-XX",
    "vendor": "Weidmüller",
    "versions": [
      {
        "lessThanOrEqual": "V1.11.10 (Build 18122616)",
        "status": "affected",
        "version": "IE-WL-VL-AP-BR-CL-EU (2536680000)",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "V1.11.10 (Build 18122616)",
        "status": "affected",
        "version": "IE-WLT-VL-AP-BR-CL-EU (2536690000)",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "V1.11.10 (Build 18122616)",
        "status": "affected",
        "version": "IE-WL-VL-AP-BR-CL-US (2536700000)",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "V1.11.10 (Build 18122616)",
        "status": "affected",
        "version": "IE-WLT-VL-AP-BR-CL-US (2536710000)",
        "versionType": "custom"
      }
    ]
  }
]

References

cert.vde.com/en-us/advisories/vde-2021-026

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

Confidence

High

EPSS

0.001

Percentile

42.8%

JSON

Related for CVELIST:CVE-2021-33528