Weidmueller Industrial Routers Exposed to Remote Code Execution Flaws

Multiple high-severity security vulnerabilities have been discovered in Weidmueller Industrial Routers, potentially allowing attackers to execute arbitrary code with root privileges on affected devices.

The German industrial automation company has released security patches to address five critical flaws affecting its IE-SR-2TX router series.

Critical Security Advisory Details

The vulnerabilities, tracked under advisory VDE-2025-052, were first published on June 11, 2025, with the latest update issued on July 23, 2025.

The security flaws impact several models of Weidmueller’s IE-SR-2TX wireless security routers, which are commonly deployed in industrial networks and critical infrastructure environments.

According to the advisory, the affected router models include the IE-SR-2TX-WL, IE-SR-2TX-WL-4G-EU, and IE-SR-2TX-WL-4G-US-V variants.

These devices are widely used in industrial automation systems where network security is paramount.

Five distinct Common Vulnerabilities and Exposures (CVEs) have been identified, with severity scores ranging from 8.8 to 9.8 on the Common Vulnerability Scoring System (CVSS):

The vulnerabilities could enable malicious actors to execute arbitrary commands on compromised devices with root privileges, potentially leading to complete system compromise.

This level of access could allow attackers to manipulate industrial processes, steal sensitive data, or use the compromised routers as pivot points for lateral movement within industrial networks.

Weidmueller has responded promptly to these security issues by releasing firmware updates that address all identified vulnerabilities. The company recommends immediate updates to the following versions:

• IE-SR-2TX-WL: Update to firmware version V1.49
• IE-SR-2TX-WL-4G-EU: Update to firmware version V1.62
• IE-SR-2TX-WL-4G-US-V: Update to firmware version V1.62

Beyond applying the firmware patches, Weidmueller strongly advises organizations to implement additional security measures.

These include changing default passwords immediately, minimizing network exposure of affected devices, and restricting access to trusted networks only through appropriate security mechanisms.

The vulnerabilities were discovered through coordinated disclosure efforts involving CERT@VDE, ONEKEY Research Labs, and security researcher Reid Wightman from Dragos Inc.

This collaborative approach ensured that patches were available when the vulnerabilities were publicly disclosed, minimizing the window of exposure for organizations using these devices.

Organizations operating Weidmueller IE-SR-2TX routers should prioritize applying these security updates immediately to prevent potential exploitation of these critical vulnerabilities.

Get Free Ultimate SOC Requirements Checklist Before you build, buy, or switch your SOC for 2025 - Download Now