VYPR

Weos

by Westermo

CVEs (3)

  • CVE-2015-7923CriJan 30, 2016
    risk 0.59cvss 9.0epss 0.01

    Westermo WeOS before 4.19.0 uses the same SSL private key across different customers' installations, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by leveraging knowledge of a key.

  • CVE-2025-54319MedJul 20, 2025
    risk 0.41cvss 6.3epss 0.00

    An issue was discovered in Westermo WeOS 5 (5.24 through 5.24.4). A threat actor potentially can gain unauthorized access to sensitive information via system logging information (syslog verbose logging that includes credentials).

  • CVE-2025-46419MedApr 24, 2025
    risk 0.38cvss 5.9epss 0.00

    Westermo WeOS 5 through 5.23.0 allows a reboot via a malformed ESP packet.