OTPulse
FeedAboutContact

HMS Networks Ewon Flexy 202

Monitor5.7ICS-CERT ICSA-25-023-06Jan 23, 2025
Attack VectorAdjacent
Auth RequiredNone
ComplexityLow
User InteractionRequired
Summary

HMS Networks Ewon Flexy 202 devices transmit sensitive user credentials insecurely, allowing attackers positioned on the network or able to intercept traffic to capture and disclose authentication credentials. The vulnerability is due to use of cleartext or inadequately encrypted protocols when the device is not integrated with the Talk2M Cloud service. All versions of the Ewon Flexy 202 are affected, and no vendor patch is available.

What this means
What could happen
An attacker could intercept and steal user credentials transmitted over the network when accessing the Ewon Flexy 202, potentially allowing unauthorized access to the device or connected systems.
Who's at risk
This affects any organization using HMS Networks Ewon Flexy 202 devices for remote industrial access or monitoring, including small-to-medium manufacturers, utilities, and water treatment facilities that rely on remote connectivity for field device management and diagnostics.
How it could be exploited
An attacker on the same network segment or with ability to intercept traffic (e.g., via man-in-the-middle) can capture credentials that are transmitted in cleartext or without proper encryption protection due to insecure protocol usage.
Prerequisites
  • Network access to the Ewon Flexy 202 device or ability to intercept traffic on the network segment where credentials are transmitted
  • Device configured to use insecure protocols (not using Talk2M Cloud integration)
  • User interaction: credentials must be entered/transmitted while attacker has network visibility
No patch available (end-of-life product)Credentials could be transmitted insecurelyAffects remote access devices commonly deployed in industrial networksLow exploitation complexity (passive credential capture)
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
ProductAffected VersionsFix Status
Ewon Flexy 202: vers:all/*All versionsNo fix (EOL)
Remediation & Mitigation
0/4
Schedule — requires maintenance window
0/4

Patching may require device reboot — plan for process interruption

HARDENINGIntegrate the Ewon Flexy 202 with HMS Talk2M Cloud service for encrypted remote access
HARDENINGDisable all unused and insecure protocols on the device
HARDENINGImplement network segmentation to isolate the Ewon Flexy 202 behind a firewall, restricting access from untrusted networks
HARDENINGIf remote access is required, use a VPN connection to secure credentials in transit
View full CISA ICS-CERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/dcdacf15-345e-4cbd-bec3-b01eef9ac2fa