cve-2025-46418
About this tag
CVE-2025-46418 is a high-severity OS command injection vulnerability affecting Westermo WeOS 5 series industrial networking equipment. Discovered in the context of OT-IT convergence, the flaw allows remote attackers to inject operating-system commands via unsafe handling of media definitions on administrative interfaces. The vendor's advisory (Westermo-25-07) and a CISA ICS alert assign a CVSS v4 base score of 8.7, indicating remote exploitability. WindowsForum.com discussions focus on risks and mitigations for network administrators managing mixed Windows and industrial environments, emphasizing the need for patching and access controls to protect critical infrastructure.
Westermo’s WeOS 5 series has a newly disclosed high‑severity vulnerability that deserves immediate attention from industrial network operators and Windows network teams responsible for OT‑IT convergence, because it can be used to inject operating‑system commands when an attacker can reach an...