You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
weos 5
About this tag
WeOS 5 is Westermo's industrial networking operating system used in managed switches, routers, and other critical infrastructure gear. Recent discussions on WindowsForum highlight two high-severity vulnerabilities: CVE-2025-46419, a remote denial-of-service flaw in IPsec ESP packet handling that can trigger immediate device reboots, and CVE-2025-46418, an OS command injection vulnerability exploitable via the administrative interface. Both issues are documented by Westermo and CISA, with CVSS scores of 8.7 and 8.6 respectively. Operators are urged to patch to version 5.24.0 or later. These threads are relevant for IT and OT teams managing industrial networks, especially those converging with Windows-based systems.
Westermo’s industrial networking OS, WeOS 5, contains a remote-denial vulnerability that can trigger an immediate reboot when the device is configured for IPsec and sent a carefully crafted Encapsulating Security Payload (ESP) packet — an issue tracked as CVE‑2025‑46419 and documented by both...
Westermo’s WeOS 5 series has a newly disclosed high‑severity vulnerability that deserves immediate attention from industrial network operators and Windows network teams responsible for OT‑IT convergence, because it can be used to inject operating‑system commands when an attacker can reach an...