OTPulse

B+B SmartWorx VESP211 Authentication Bypass Vulnerability

Act Now | CVSS 9.8 | ICS-CERT ICSA-16-049-01 | Nov 21, 2016
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary

The B+B SmartWorx VESP211 serial-to-Ethernet gateway contains an authentication bypass vulnerability. An attacker can bypass login authentication and gain full administrative access to configure device settings, modify communication parameters, or deny service. The vulnerability affects VESP211-EU and VESP211-232 firmware versions 1.7.2 and 1.5.1. No vendor patch has been released.

What this means
What could happen
An attacker with network access to the VESP211 can bypass authentication and gain full remote control of the device, potentially altering device configuration, reading/writing settings, or disrupting communications in systems that depend on it.
Who's at risk
This affects any facility using B+B SmartWorx VESP211 devices as serial-to-Ethernet gateways, for industrial communications bridging, or for remote access to serial devices (PLCs, sensors, meters). Water utilities, power distribution operators, and manufacturing plants using these gateways for legacy equipment integration should be concerned.
How it could be exploited
An attacker sends a specially crafted authentication request to the VESP211 over the network (port 80 or similar). The device fails to properly validate credentials and grants access without requiring valid login credentials. The attacker can then issue administrative commands.
Prerequisites
  • Network access to the VESP211 device (typically port 80 or port 502 if Modbus)
  • No valid credentials required—the vulnerability is pre-authentication
  • Remotely exploitable
  • No authentication required
  • Low complexity attack
  • No patch available
  • CVSS 9.8 (critical severity)
Exploitability
Low exploit probability (EPSS 0.3%)
Affected products (3), 3 EOL
Product | Affected Versions | Fix Status
VESP211-EU firmware: 1.7.2 | 1.7.2 | No fix (EOL)
VESP211-232 firmware: 1.7.2 | 1.7.2 | No fix (EOL)
VESP211-232 firmware: 1.5.1 | 1.5.1 | No fix (EOL)
Remediation & Mitigation
Do now
HARDENING: Restrict network access to VESP211 devices using firewall rules; only permit trusted engineering workstations and control systems to connect
HARDENING: Disable remote management/web interface access if not actively required for operations
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HARDENING: Monitor VESP211 device logs and network traffic for suspicious authentication attempts or configuration changes
Mitigations - no patch available
The following products have reached End of Life with no planned fix: VESP211-EU firmware: 1.7.2, VESP211-232 firmware: 1.7.2, VESP211-232 firmware: 1.5.1. Apply the following compensating controls:
HARDENING: Deploy network segmentation to isolate VESP211 devices on a dedicated control network; prevent direct internet or untrusted LAN access
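
One way to verify the access-restriction, monitoring and segmentation controls above, as an added example that is not part of the advisory: the script audits a flow export for connections to gateway ports 80 and 502 from sources outside an allowlist. The gateway addresses, subnets, CSV layout and sample records are assumptions constructed for illustration.

```python
import csv
import io
from ipaddress import ip_address, ip_network

# Assumed values for illustration; none of these come from the advisory.
GATEWAYS = {ip_address("10.20.0.11"), ip_address("10.20.0.12")}
TRUSTED = [ip_network("10.20.5.0/28")]   # engineering workstations / control hosts
SITE = ip_network("10.20.0.0/16")        # other hosts in here count as untrusted LAN
WATCHED_PORTS = {80, 502}                # ports the advisory names

# Constructed flow export (CSV), not real traffic.
SAMPLE_FLOWS = """ts,src,dst,dport
2024-01-10T08:00:01Z,10.20.5.3,10.20.0.11,80
2024-01-10T08:02:17Z,10.20.9.44,10.20.0.11,80
2024-01-10T08:02:40Z,203.0.113.7,10.20.0.12,502
2024-01-10T08:03:05Z,10.20.9.44,10.20.0.12,22
2024-01-10T08:04:00Z,10.20.9.44,10.20.7.1,80
2024-01-10T08:05:00Z,not-an-ip,10.20.0.11,80
"""

def audit_flows(flow_csv):
    """Return (violations, skipped) for flows reaching a gateway on a watched port."""
    violations, skipped = [], []
    for row in csv.DictReader(io.StringIO(flow_csv)):
        try:
            src, dst = ip_address(row["src"]), ip_address(row["dst"])
            dport = int(row["dport"])
        except (KeyError, TypeError, ValueError):
            skipped.append(row)          # keep malformed records for manual review
            continue
        if dst not in GATEWAYS or dport not in WATCHED_PORTS:
            continue                     # not gateway management/Modbus traffic
        if any(src in net for net in TRUSTED):
            continue                     # allowlisted source
        origin = "untrusted-lan" if src in SITE else "external"
        violations.append({"ts": row["ts"], "src": str(src), "dst": str(dst),
                           "dport": dport, "origin": origin})
    return violations, skipped

if __name__ == "__main__":
    found, bad = audit_flows(SAMPLE_FLOWS)
    for v in found:
        print("{ts} {origin}: {src} -> {dst}:{dport}".format(**v))
    print(f"{len(bad)} malformed record(s) skipped")
```

Any violation reported here means the firewall or segmentation rules still let a non-allowlisted host reach the gateway, which matters because the bypass needs no credentials.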