CVE-2025-41649

Summary

An unauthenticated remote attacker can exploit insufficient input validation to write data beyond the bounds of a buffer, potentially leading to a denial-of-service condition for the devices.

Affected Software

VendorProductVersion RangeStatus
WeidmuellerIE-SW-VL05M-5TX0.0.0 < 3.6.32affected
WeidmuellerIE-SW-VL05MT-5TX0.0.0 < 3.6.32affected
WeidmuellerIE-SW-VL08MT-8TX0.0.0 < 3.5.36affected
WeidmuellerIE-SW-VL08MT-5TX-1SC-2SCS0.0.0 < 3.5.36affected
WeidmuellerIE-SW-VL08MT-6TX-2SC0.0.0 < 3.5.36affected
WeidmuellerIE-SW-VL08MT-6TX-2ST0.0.0 < 3.5.36affected
WeidmuellerIE-SW-VL08MT-6TX-2SCS0.0.0 < 3.5.36affected
WeidmuellerIE-SW-PL10M-3GT-7TX0.0.0 < 3.3.34affected
WeidmuellerIE-SW-PL10MT-3GT-7TX0.0.0 < 3.3.34affected
WeidmuellerIE-SW-PL16M-16TX0.0.0 < 3.4.32affected
WeidmuellerIE-SW-PL16MT-16TX0.0.0 < 3.4.32affected
WeidmuellerIE-SW-PL18M-2GC-16TX0.0.0 < 3.4.40affected
WeidmuellerIE-SW-PL18MT-2GC-16TX0.0.0 < 3.4.40affected

Weaknesses

  • CWE-787: CWE-787 Out-of-bounds Write

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References