OTPulse
FeedAboutContact

PEPPERL+FUCHS WirelessHART-Gateways

Act Now5.3ICS-CERT ICSA-19-073-03Mar 14, 2019
Attack VectorNetwork
Auth RequiredNone
ComplexityLow
User InteractionNone needed
Summary

The Pepperl+Fuchs WHA-GW-* WirelessHART gateway contains a path traversal vulnerability (CWE-22) that allows an attacker to access files and restricted directories on the device through manipulation of file parameters. All firmware versions are affected. The vulnerability requires only network access with no authentication. Affected users should upgrade WHA-GW-*-ETH devices to firmware Version 03.00.08 or WHA-GW-*-ETH.EIP devices to firmware Version 02.00.01.

What this means
What could happen
An attacker who gains network access to the WirelessHART gateway can read files and access restricted directories on the device, potentially exposing sensitive data like configuration or credentials. This could lead to further attacks on the wireless network or process control systems the gateway manages.
Who's at risk
Pepperl+Fuchs WHA-GW-* WirelessHART gateway devices in any facility using wireless industrial sensor networks—including water treatment plants, electric utilities, and manufacturing operations that rely on WirelessHART for remote monitoring or control of process equipment.
How it could be exploited
An attacker sends a crafted request to the gateway that manipulates file path parameters (path traversal) to retrieve files outside the intended directory. This requires network access to the gateway but no authentication or user interaction. The attacker could iterate through directories to locate and extract sensitive files.
Prerequisites
  • Network access to the WHA-GW-* device
  • No authentication required
  • Device must be reachable from the attacker's network segment
remotely exploitableno authentication requiredlow complexityhigh EPSS score (37%)affects industrial automation devices
Exploitability
High exploit probability (EPSS 37.0%)
Affected products (1)
ProductAffected VersionsFix Status
WHA-GW-*: All productsAll versionsNo fix yet
Remediation & Mitigation
0/5
Do now
0/1
HARDENINGRestrict network access to the gateway: place it behind a firewall and deny inbound access from the business network or Internet
Schedule — requires maintenance window
0/2

Patching may require device reboot — plan for process interruption

HOTFIXUpgrade WHA-GW-*-ETH devices to firmware Version 03.00.08 or later
HOTFIXUpgrade WHA-GW-*-ETH.EIP devices to firmware Version 02.00.01 or later
Long-term hardening
0/2
HARDENINGImplement network segmentation to isolate the WirelessHART gateway and its devices on a separate control network
HARDENINGIf remote access to the gateway is required, use a VPN tunnel with current security updates
View full CISA ICS-CERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/0e09c124-aa82-4780-82c2-5d143234d3b8