CVE-2025-46419 (High) — DoS via ESP Packet in Westermo WeOS 5
CyberDudeBivash Alert

Executive Summary

Vulnerability: CVE-2025-46419 is a denial-of-service flaw in the Westermo WeOS 5 network operating system. A malicious, specially crafted ESP (Encapsulating Security Payload) packet can cause a device reboot — disrupting network availability.

Affected Versions: WeOS versions 5.23.0 and earlier.

Impact: Network devices (routers/switches) can be taken down, affecting availability and operations; chained attacks are possible (if reboot loops open timing windows for an adversary).

Status: High severity. Patches released in versions > 5.23.0. Urgent for industrial, SCADA, telecom, and field networks using WeOS devices.

Technical Details

Attack vector: A network attacker (or misconfigured peer) sends a crafted IPsec ESP packet to a WeOS device. Upon processing it, the kernel fails safely, triggering a reboot.

Attack prerequisites: ability to send an ESP-encrypted or malformed ESP packet; possibly knowledge of the device IP and an open IPsec endpoint.

Not remote cod...
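Exposure triage for the affected-version range and attack prerequisites above, as an added example that is not part of the original alert and is not Westermo tooling: it flags devices running WeOS 5.23.0 or earlier that received ESP-bearing traffic from a source outside their configured IPsec peers. The inventory layout, flow-record format and all addresses are constructed assumptions.

```python
import ipaddress

LAST_AFFECTED = (5, 23, 0)  # from the alert: WeOS 5.23.0 and earlier are affected

# Constructed inventory: device IP -> (WeOS version, configured IPsec peer networks)
INVENTORY = {
    "10.20.0.1": ("5.23.0", ["192.0.2.10/32"]),
    "10.20.0.2": ("5.24.1", ["192.0.2.10/32"]),
    "10.20.0.3": ("5.9", []),
}

# Constructed flow records: src,dst,ip_proto,dst_port,packets
FLOWS = """\
192.0.2.10,10.20.0.1,50,0,1200
198.51.100.7,10.20.0.1,50,0,3
198.51.100.7,10.20.0.2,50,0,3
203.0.113.5,10.20.0.3,17,4500,1
203.0.113.5,10.20.0.3,6,443,40
"""

def parse_version(text):
    """'5.9' -> (5, 9, 0); missing components count as 0."""
    parts = [int(p) for p in text.strip().split(".")]
    return tuple(parts + [0] * (3 - len(parts)))

def is_affected(version):
    v = parse_version(version)
    return v[0] == 5 and v <= LAST_AFFECTED

def may_carry_esp(proto, dport):
    # ESP is IP protocol 50; under NAT traversal it is wrapped in UDP (17)
    # port 4500, which also carries IKE, so treat that as "possibly ESP".
    return proto == 50 or (proto == 17 and dport == 4500)

def triage(inventory, flow_text):
    """Return (device, version, source) for ESP reaching an affected device
    from a source that is not one of its configured peers."""
    findings = []
    for line in flow_text.splitlines():
        src, dst, proto, dport, _packets = line.split(",")
        if dst not in inventory or not may_carry_esp(int(proto), int(dport)):
            continue
        version, peers = inventory[dst]
        known = any(ipaddress.ip_address(src) in ipaddress.ip_network(p) for p in peers)
        if is_affected(version) and not known:
            findings.append((dst, version, src))
    return findings

if __name__ == "__main__":
    for dst, version, src in triage(INVENTORY, FLOWS):
        print(f"{dst} (WeOS {version}): ESP from unlisted source {src}")
```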