OTPulse
FeedAboutContact

Welker OdorEyes EcoSystem Pulse Bypass System with XL4 Controller

Plan Patch8.2ICS-CERT ICSA-26-050-04Feb 19, 2026
Attack VectorNetwork
Auth RequiredNone
ComplexityLow
User InteractionNone needed
Summary

A vulnerability in the Welker OdorEyes EcoSystem Pulse Bypass System with XL4 Controller allows unauthenticated remote manipulation of odorization control parameters. Successful exploitation could result in over- or under-odorization events affecting natural gas safety and mercaptan odorant levels. The vulnerability affects all versions of the product, and Welker did not respond to CISA coordination efforts. No patch is available.

What this means
What could happen
An attacker could manipulate odorization levels in natural gas distribution systems, causing over- or under-odorization events that could affect gas safety (mercaptan odorant levels) and downstream detection of gas leaks by consumers.
Who's at risk
Natural gas utilities and municipal authorities operating Welker OdorEyes EcoSystem Pulse Bypass Systems with XL4 Controllers for odorization monitoring and control. This impacts gas safety operations where mercaptan odorant levels must be maintained at regulatory standards for consumer leak detection.
How it could be exploited
An attacker with network access to the XL4 Controller could send unauthenticated commands over the network to alter odorization setpoints or control parameters. No credentials or prior interaction is required to trigger the vulnerability.
Prerequisites
  • Network access to the XL4 Controller (Modbus TCP port 502 or equivalent)
  • No authentication credentials required
  • Device must be connected to a network reachable from the attacker
remotely exploitableno authentication requiredlow complexityno patch availableaffects safety systems
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
ProductAffected VersionsFix Status
OdorEyes EcoSystem Pulse Bypass System with XL4 Controller: vers:all/*All versionsNo fix (EOL)
Remediation & Mitigation
0/4
Do now
0/3
HARDENINGSegment the OdorEyes EcoSystem network from general corporate IT networks using firewalls or air-gapping; restrict access to the XL4 Controller to authorized engineering workstations only
HARDENINGMonitor and log all network communications to and from the XL4 Controller to detect unauthorized commands
WORKAROUNDContact Welker directly to inquire about patch availability or workarounds; request security guidance on compensating controls
Schedule — requires maintenance window
0/1

Patching may require device reboot — plan for process interruption

HARDENINGImplement network access controls (firewall rules, VPN, jump hosts) to restrict who can reach the XL4 Controller from outside the local control network
View full CISA ICS-CERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/b22cc366-b2ec-404f-bd7c-01514d39c221
Welker OdorEyes EcoSystem Pulse Bypass System with XL4 Controller | CVSS 8.2 - OTPulse