German industrial automation company Weidmueller Interface GmbH & Co. KG has disclosed multiple critical vulnerabilities affecting its IE-SR-2TX series of security routers that could allow attackers to execute arbitrary commands with root privileges on targeted devices.
The vulnerabilities, tracked under five separate CVE identifiers with severity scores ranging from 8.8 to 9.8 on the CVSS scale, impact three router models used in industrial networking environments.
Weidmueller has released firmware patches to address these security vulnerabilities, marking a significant development in industrial cybersecurity given the critical nature of these networking devices in operational technology environments.
The security advisory, designated VDE-2025-052 and published by CERT@VDE on June 11, 2025, identifies five distinct vulnerabilities that collectively present a severe threat to industrial networks. The vulnerability breakdown includes:
- CVE-2025-41663 – Critical severity (CVSS 9.8): Maximum risk vulnerability allowing complete system compromise.
- CVE-2025-41687 – Critical severity (CVSS 9.8): Extremely high-risk vulnerability enabling unauthorized access.
- CVE-2025-41661 – High severity (CVSS 8.8): Significant security weakness affecting system integrity.
- CVE-2025-41683 – High severity (CVSS 8.8): High-impact vulnerability compromising network security.
- CVE-2025-41684 – High severity (CVSS 8.8): Serious security vulnerability enabling privilege escalation.
The advisory underwent a significant update on July 23, 2025, which added three additional CVEs (CVE-2025-41683, CVE-2025-41684, and CVE-2025-41687) while updating the CVSS score for CVE-2025-41663 and removing CVE-2025-41662 from the original disclosure.
This revision demonstrates the evolving nature of the security investigation and suggests that the scope of vulnerabilities may have been broader than initially assessed.
The ability for attackers to execute arbitrary commands with root privileges represents a complete compromise scenario, potentially allowing unauthorized access to sensitive industrial control systems and critical infrastructure components.
Weidmueller Industrial Router Vulnerabilities
Three specific Weidmueller router models are impacted by these vulnerabilities, each serving different industrial networking requirements.
The IE-SR-2TX-WL model, affecting firmware versions below V1.49, represents the base wireless-enabled security router configuration.
The IE-SR-2TX-WL-4G-EU and IE-SR-2TX-WL-4G-US-V models, both affecting firmware versions below V1.62, incorporate cellular connectivity capabilities for European and US markets respectively.
These routers are typically deployed in industrial environments where secure remote access and network segmentation are critical for operational safety and security.
The devices serve as security gateways between industrial networks and external connections, making them high-value targets for cybercriminals seeking to infiltrate manufacturing systems, power grids, or other critical infrastructure.
The wireless and cellular connectivity features of these models make them particularly attractive attack vectors, as they often provide entry points into otherwise isolated industrial networks.
Enhanced Security Measures
Weidmueller has responded to the vulnerability disclosure by releasing updated firmware versions that address all identified security vulnerabilities.
The IE-SR-2TX-WL model requires upgrading to firmware version V1.49, while both cellular-enabled models (IE-SR-2TX-WL-4G-EU and IE-SR-2TX-WL-4G-US-V) need updating to version V1.62.
The company emphasizes that these updates should be implemented immediately to prevent potential exploitation.
Beyond the immediate firmware patches, Weidmueller has issued comprehensive security recommendations for organizations using these devices.
The company strongly advises changing all default passwords, a common security vulnerability in industrial systems where default credentials often remain unchanged.
Additionally, they recommend minimizing network exposure by limiting device access to trusted networks only and implementing appropriate network segmentation mechanisms.
These general security measures represent industry best practices for industrial cybersecurity and should be considered essential components of any comprehensive security strategy for operational technology environments.
Find this Story Interesting! Follow us on LinkedIn and X to Get More Instant Updates.
.webp?w=356&resize=356,220&ssl=1 "Microsoft Teams Blocking Users from Accessing Embedded Office Documents")
