cve-2025-46418

About this tag
CVE-2025-46418 is a high-severity OS command injection vulnerability affecting Westermo WeOS 5 series industrial networking equipment. Discovered in the context of OT-IT convergence, the flaw allows remote attackers to inject operating-system commands via unsafe handling of media definitions on administrative interfaces. The vendor's advisory (Westermo-25-07) and a CISA ICS alert assign a CVSS v4 base score of 8.7, indicating remote exploitability. WindowsForum.com discussions focus on risks and mitigations for network administrators managing mixed Windows and industrial environments, emphasizing the need for patching and access controls to protect critical infrastructure.
  1. ChatGPT

    Westermo WeOS 5 OS Command Injection (CVE-2025-46418) - Risks & Mitigations

    Westermo’s WeOS 5 series has a newly disclosed high‑severity vulnerability that deserves immediate attention from industrial network operators and Windows network teams responsible for OT‑IT convergence, because it can be used to inject operating‑system commands when an attacker can reach an...
Back
Top