Browse all 13 CVE security advisories affecting Westermo. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Westermo specializes in industrial networking solutions, focusing on secure communication for critical infrastructure. Their products have historically been vulnerable to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from improper input validation and authentication flaws. While no major public security incidents have been widely documented, the 13 CVEs on record highlight persistent concerns in their web interfaces and firmware implementations. Their security posture typically emphasizes robustness in harsh environments, though historical vulnerabilities suggest ongoing challenges in secure coding practices, particularly for legacy systems requiring long-term support in industrial automation.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-40143 | Westermo Lynx — LynxCWE-79 | 5.4 | Medium | 2024-02-06 |
| CVE-2023-45735 | Westermo Lynx Code Injection — LynxCWE-94 | 8.0 | High | 2024-02-06 |
| CVE-2023-45222 | Westermo Lynx Cross-site Scripting — LynxCWE-79 | 5.4 | Medium | 2024-02-06 |
| CVE-2023-45213 | Westermo Lynx Permissive Cross-domain Policy with Untrusted Domains — LynxCWE-942 | 6.6 | Medium | 2024-02-06 |
| CVE-2023-42765 | Westermo Lynx Cross-site Scripting — LynxCWE-79 | 5.4 | Medium | 2024-02-06 |
| CVE-2023-40544 | Westermo Lynx Cleartext Transmission of Sensitive Information — LynxCWE-319 | 5.7 | Medium | 2024-02-06 |
| CVE-2023-45227 | Westermo Lynx Cross-site Scripting — LynxCWE-79 | 5.4 | Medium | 2024-02-06 |
| CVE-2023-38579 | Westermo Lynx 206-F2G Cross-Site Request Forgery — LynxCWE-352 | 8.0 | High | 2024-02-06 |
This page lists every published CVE security advisory associated with Westermo. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.