Helmholz: Multiple Vulnerabilities in Helmholz REX100 Product
Act Now9.8VDE-2024-066Oct 15, 2024
Attack VectorNetwork
Auth RequiredNone
ComplexityLow
User InteractionNone needed
Summary
Multiple vulnerabilities in Helmholz REX100 (versions 2.2.13 and earlier) allow remote code execution and unauthorized file access. The vulnerabilities stem from missing authentication checks (CWE-306, CWE-798), improper code validation (CWE-94), and insecure file permissions (CWE-552). An unauthenticated attacker on the network can exploit these issues to execute arbitrary code or access sensitive files on the device.
What this means
What could happen
An attacker could run arbitrary code on the REX100 device or access sensitive files without authentication, potentially allowing them to alter process logic, steal configuration data, or disrupt operations at your facility.
Who's at risk
Organizations using Helmholz REX100 controllers in manufacturing, process control, or automation systems. This device is commonly used in industrial settings for control logic, data acquisition, and system integration.
How it could be exploited
An attacker on the network could send specially crafted requests to the REX100 to execute code remotely or bypass authentication to access files. No user interaction or valid credentials are required to exploit these vulnerabilities.
Prerequisites
- Network access to the REX100 device
- No authentication required
- No special configuration required
remotely exploitableno authentication requiredlow complexitycritical severity (CVSS 9.8)remote code execution possibleunauthorized file access possible
Affected products (1)
ProductAffected VersionsFix Status
REX100≤ 2.2.132.3.1
Remediation & Mitigation
0/1
Schedule — requires maintenance window
0/1Patching may require device reboot — plan for process interruption
HOTFIXUpdate REX100 firmware to version 2.3.1 or later
↑↓ Navigate · Esc Close
API:
/api/v1/advisories/297cb1d7-fd38-4d00-9239-5d3ebbc4f87a