Westermo WeOS Sensitive Information Exposure Vulnerability in Logging

Vulnerability

A vulnerability in Westermo WeOS versions 5.24 through 5.24.4 allows unauthorized access to sensitive information, such as credentials, through verbose system logging. The log data can be accessed by any user authorized to read syslog files.

Impact

The vulnerability could lead to unauthorized access to sensitive information, including credentials, through system logs.

Remediation

Westermo recommends limiting access to administration accounts, storing audit records on a separate syslog server with access controls and encryption, and enabling TLS for remote logs using strong cipher suites.
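
To find out which stored log lines need that protection, the following added example (not Westermo code and not part of the original advisory) scans syslog lines for credential-like values and masks them. The key names, patterns and sample lines are assumptions, since the advisory does not publish the WeOS log format.

```python
import re

# Key names assumed to carry secrets. The advisory does not publish the WeOS
# log format, so adjust this list to what your devices actually emit.
_KEYS = r"password|passwd|secret|psk|community|token"
# key=value or key: value, with the value optionally quoted.
_KV = re.compile(
    rf"\b(\w*(?:{_KEYS}))(\s*[=:]\s*)(\"[^\"]*\"|'[^']*'|\S+)", re.I)
# user:password@ embedded in a URL.
_URL = re.compile(r"(\w+://[^\s:/@]+:)[^\s@/]+(@)")
MASK = "<redacted>"


def redact_line(line):
    """Return (line with secret values masked, number of values masked)."""
    line, n_kv = _KV.subn(rf"\1\2{MASK}", line)
    line, n_url = _URL.subn(rf"\1{MASK}\2", line)
    return line, n_kv + n_url


def audit(lines):
    """Return [(line_number, redacted_line)] for lines that held a secret."""
    findings = []
    for number, line in enumerate(lines, start=1):
        redacted, hits = redact_line(line.rstrip("\n"))
        if hits:
            findings.append((number, redacted))
    return findings


# Constructed sample lines, not real WeOS output.
SAMPLE = [
    "Jul 20 21:19:01 sw1 netconf[812]: session opened for admin",
    "Jul 20 21:19:02 sw1 cfgd[431]: apply user=admin password=Hunter2!x",
    'Jul 20 21:19:03 sw1 cfgd[431]: snmp community: "plant-ro"',
    "Jul 20 21:19:04 sw1 fwup[990]: fetch ftp://ops:s3cr3t@192.0.2.10/img.pkg",
]

if __name__ == "__main__":
    for number, line in audit(SAMPLE):
        print(f"line {number}: {line}")
```

Any credential the audit reports should be treated as exposed to every account that could read that log file.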

Added: Jul 20, 2025, 9:19 PM
Updated: Jul 20, 2025, 9:19 PM

Vulnerability Rating

Custom Algorithm

spread: 4.5
impact: 2.5
exploitability: 4.9
remediation: 7.9
relevance: 0.3
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.