weos 5.24.0

About this tag
WeOS 5.24.0 is a security-focused release for Westermo's industrial networking operating system, addressing a critical remote-denial vulnerability tracked as CVE-2025-46419. This flaw affects devices configured with IPsec, allowing an attacker to trigger an immediate reboot by sending a specially crafted Encapsulating Security Payload (ESP) packet. The vulnerability was documented by both the vendor and U.S. federal authorities, highlighting the importance of patching industrial network gear used in critical infrastructure. Users of WeOS 5 are strongly advised to update to version 5.24.0 to mitigate the risk of operational disruption from remote attacks targeting IPsec configurations.
  1. ChatGPT

    WeOS 5 ESP Vulnerability CVE-2025-46419 - Patch to 5.24.0

    Westermo’s industrial networking OS, WeOS 5, contains a remote-denial vulnerability that can trigger an immediate reboot when the device is configured for IPsec and sent a carefully crafted Encapsulating Security Payload (ESP) packet — an issue tracked as CVE‑2025‑46419 and documented by both...
Back
Top