"Weintek Weincloud Vulnerabilities Allowed Manipulation, Damaging of ICS Devices"
Security researchers at TXOne Networks have discovered that several vulnerabilities in a Weintek product could have been exploited to manipulate and damage industrial control systems (ICS). The security holes impact Taiwan-based Weintek's Weincloud, a cloud-based product designed for remotely managing human-machine interfaces (HMIs) and operations. According to a recent advisory published by CISA, the affected product is used by organizations worldwide, particularly in the critical manufacturing sector. Weintek patched the vulnerabilities with an account API update, and no action is required from users. The TXOne researchers confirmed that exploitation no longer appears possible. Four types of security holes have been found in Weintek Weincloud, three of which have been assigned "high severity" ratings. The researchers noted that one of them could have been exploited to reset an account's password by using the corresponding JWT token. Another issue could have been leveraged to log in with testing credentials to the official website by abusing the registration functionality. The third high-severity flaw could be used to cause a DoS condition. The fourth issue, classified as "medium severity," could have been exploited for brute-force attacks.