WEIDMUELLER: WLAN devices affected by Hard-coded Credentials vulnerability

Vulnerability

In Weidmueller Industrial WLAN devices across multiple versions, the service agent binary contains hard-coded cryptographic keys [1]. This allows an attacker to decrypt traffic captured from or to the device without any special configuration requirements.

Exploitation

An attacker with network access to the device's communication can capture encrypted network traffic. Using the hard-coded keys extracted from the binary, the attacker can decrypt the captured traffic to obtain plaintext data [1]. No authentication or user interaction is required.

Impact

Successful exploitation results in complete loss of confidentiality for all network traffic between the device and other hosts. The attacker can read sensitive information such as credentials, control commands, or industrial process data [1].

Mitigation

No mitigation details are provided in the available reference [1]. Users should contact Weidmueller for updated firmware or consider network segmentation to limit exposure until a fix is available.