OTPulse

ZLAN Information Technology Co. ZLAN5143D

Act Now | CVSS 9.8 | ICS-CERT ICSA-26-041-02 | Feb 10, 2026
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary

ZLAN5143D v1.600 contains authentication bypass and password reset vulnerabilities (CWE-306). Successful exploitation allows an attacker to bypass authentication controls or reset the device password, gaining unauthorized access.

What this means
What could happen
An attacker could bypass authentication or reset the device password, gaining full control of the ZLAN5143D. This could allow unauthorized reconfiguration, data access, or disruption of equipment managed by this device.
Who's at risk
Organizations using ZLAN5143D devices for equipment management or control in water systems, electrical distribution, or other critical infrastructure should assess exposure and apply network controls immediately. This device may manage remote sensors, pumps, generators, or other field equipment.
How it could be exploited
An attacker with network access to the ZLAN5143D can exploit the authentication bypass or password reset vulnerability without credentials. By sending a specially crafted request to the device, the attacker can bypass login controls or force a password reset, then log in with default or attacker-controlled credentials to access administrative functions.
Prerequisites
  • Network access to the ZLAN5143D device on its management interface
  • No valid credentials required
remotely exploitable, no authentication required, low complexity, no patch available, authentication bypass, default or weak password exposure
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
Product | Affected Versions | Fix Status
ZLAN5143D: v1.600 | v1.600 | No fix (EOL)
Remediation & Mitigation
Do now
  • HOTFIX: Contact ZLAN Information Technology Co. to inquire about available patches or firmware updates for the ZLAN5143D
  • HARDENING: Isolate ZLAN5143D devices from untrusted networks using a firewall or network segmentation
  • HARDENING: Restrict network access to the ZLAN5143D management interface to authorized administrative workstations only