CVE-2021-33538 : Security Advisory and Response
Discover the details of CVE-2021-33538 affecting Weidmüller Industrial WLAN devices, allowing for unauthorized access and remote shell capability. Learn about the impact, technical aspects, and mitigation steps.
In Weidmüller Industrial WLAN devices in multiple versions, there exists an exploitable improper access control vulnerability that allows for the overwrite of an existing user account password. This vulnerability can result in remote shell access to the device as that user, enabling an attacker to send commands while authenticated as a low privilege user.
Understanding CVE-2021-33538
This CVE identifies a critical security issue in Weidmüller Industrial WLAN devices, impacting specific versions and configurations.
What is CVE-2021-33538?
The CVE-2021-33538 vulnerability is related to improper access control in Weidmüller Industrial WLAN devices, allowing attackers to gain unauthorized access and potentially take control of the affected devices.
The Impact of CVE-2021-33538
The impact of CVE-2021-33538 is rated as high, with a base score of 8.8 and the potential for remote shell access and unauthorized command execution.
Technical Details of CVE-2021-33538
The technical details of CVE-2021-33538 shed light on the vulnerability, affected systems, and the exploitation mechanism.
Vulnerability Description
The vulnerability stems from an improper access control issue in the iw_webs account settings functionality, enabling attackers to overwrite existing user account passwords.
Affected Systems and Versions
The vulnerability affects specific versions of Weidmüller Industrial WLAN devices, including IE-WL(T)-BL-AP-CL-XX and IE-WL(T)-VL-AP-CL-XX.
Exploitation Mechanism
Exploiting CVE-2021-33538 involves crafting a malicious user name entry to trigger the overwrite of a user account password and gain remote shell access.
Mitigation and Prevention
To address CVE-2021-33538, immediate steps, long-term security practices, and the importance of applying patches and updates are essential.
Immediate Steps to Take
Users should update affected devices to the fixed versions promptly to mitigate the risk of exploitation.
Long-Term Security Practices
Implementing robust access control measures and regular security assessments can enhance the overall security posture against such vulnerabilities.
Patching and Updates
Weidmüller has released fixed versions for the affected devices. Users are advised to install IE-WL(T)-BL-AP-CL-XX versions V1.16.21 (Build 21010513) or later, and IE-WL(T)-VL-AP-CL-XX versions V1.11.13 (Build 21010513) or later.