CVE-2020-7227

Westermo MRD-315 1.7.3 and 1.7.4 devices have an information disclosure vulnerability that allows an authenticated remote attacker to retrieve the source code of different functions of the web application via requests that lack certain mandatory parameters. This affects ifaces-diag.asp, system.as...

EUVD-2018-11301

Malware in sbrugna...

EUVD-2017-4242

Malware in sbrugna...

EUVD-2015-7821

Malware in sbrugna...

EUVD-2018-11300

Malware in sbrugna...

EUVD-2018-11299

Malware in sbrugna...

EUVD-2023-49520

Malicious code in bioql PyPI...

EUVD-2024-35879

Malicious code in bioql PyPI...

EUVD-2023-50024

Malicious code in bioql PyPI...

EUVD-2023-44750

Malicious code in bioql PyPI...

EUVD-2025-22038

Malicious code in bioql PyPI...

EUVD-2024-35880

Malicious code in bioql PyPI...

EUVD-2025-12150

Malicious code in bioql PyPI...

CISA Releases Nine Industrial Control Systems Advisories

CISA released nine Industrial Control Systems ICS advisories on September 18, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-261-01 Westermo Network Technologies WeOS 5 ICSA-25-261-02 Westermo Network...

Westermo Network Technologies WeOS 5

RISK EVALUATION Successful exploitation of this vulnerability could cause the device to reboot. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control system devices...

CVE-2025-54319

An issue was discovered in Westermo WeOS 5 5.24 through 5.24.4. A threat actor potentially can gain unauthorized access to sensitive information via system logging information syslog verbose logging that includes credentials...

CVE-2025-54319

An issue was discovered in Westermo WeOS 5 5.24 through 5.24.4. A threat actor potentially can gain unauthorized access to sensitive information via system logging information syslog verbose logging that includes credentials...

CVE-2025-54319

An issue was discovered in Westermo WeOS 5 5.24 through 5.24.4. A threat actor potentially can gain unauthorized access to sensitive information via system logging information syslog verbose logging that includes credentials...

PT-2025-30217 · Westermo · Westermo Weos

Name of the Vulnerable Software and Affected Versions: Westermo WeOS versions 5.24 through 5.24.4 Description: An issue was discovered that allows a threat actor to potentially gain unauthorized access to sensitive information via system logging information, specifically through verbose syslog...

CVE-2025-54319

Westermo WeOS versions 5.24–5.24.4 are affected by CVE-2025-54319 due to verbose syslog logging that can disclose credentials, enabling potential unauthorized access to sensitive information. Root cause: logging configuration exposes credentials in syslog. Affected software: Westermo WeOS 5.x (5....