Connect with us

Hi, what are you looking for?



Weintek Weincloud Vulnerabilities Allowed Manipulation, Damaging of ICS Devices

Several vulnerabilities found in Weintek Weincloud could have allowed hackers to manipulate and damage ICS, including PLCs and field devices.

Several vulnerabilities discovered by a researcher from industrial cybersecurity firm TXOne Networks in a Weintek product could have been exploited to manipulate and damage industrial control systems (ICS).

The security holes impact Taiwan-based Weintek’s Weincloud, a cloud-based product designed for remotely managing human-machine interfaces (HMIs) and operations. 

According to CISA, which recently published an advisory to inform organizations about these vulnerabilities, the affected product is used by organizations worldwide, particularly in the critical manufacturing sector.

The vulnerabilities were patched by Weintek with an account API update and no action is required from users. Hank Chen, the TXOne researcher credited for finding the flaws, has confirmed for SecurityWeek that exploitation no longer appears possible.

Four types of security holes have been found in Weintek Weincloud, three of which have been assigned ‘high severity’ ratings. 

One of them could have been exploited to reset an account’s password by using the corresponding JWT token. Another issue could have been leveraged to log in with testing credentials to the official website by abusing the registration functionality. The third high-severity flaw could be used to cause a DoS condition.

The fourth issue, classified as ‘medium severity’, could have been exploited for brute-force attacks.

Chen told SecurityWeek that under specific — but commonly found — circumstances an attacker could have exploited the vulnerabilities to take complete control of Weincloud instances. Since this is a cloud-based product, remote exploitation from the internet was possible. 

Advertisement. Scroll to continue reading.

“Attackers gain the ability to transfer control of HMIs from the compromised account to their own accounts. Once they gain control of the HMIs, they can manipulate them to control PLCs (programmable logic controllers) and damage field devices,” the researcher explained. 

Chen pointed out that these types of vulnerabilities are not specific to Weintek products. TXOne researchers have identified other cloud-based ICS products that are vulnerable to the same type of attacks. 

TXOne is presenting its research at the ICS Village at DEF CON 31 next month.  

“We want to emphasize the increasing trend of ICS solutions and applications migrating to the cloud, which brings along diverse security concerns similar to those addressed in this [CISA] advisory,” Chen said. 

Learn More at SecurityWeek’s ICS Cyber Security Conference
The leading global conference series for Operations, Control Systems and OT/IT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.
ICS Cybersecurity Conference
October 23-26, 2023 | Atlanta

Related: TETRA Radio Standard Vulnerabilities Can Expose Military Comms, Industrial Systems

Related: Axis Door Controller Vulnerability Exposes Facilities to Physical, Cyber Threats

Related: Recently Patched GE Cimplicity Vulnerabilities Reminiscent of Russian ICS Attacks

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.


Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.


Expert Insights

Related Content


The overall effect of current global geopolitical conditions is that nation states have a greater incentive to target the ICS/OT of critical industries, while...

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...


Wago has patched critical vulnerabilities that can allow hackers to take complete control of its programmable logic controllers (PLCs).


Otorio has released a free tool that organizations can use to detect and address issues related to DCOM authentication.


Cybersecurity firm Forescout shows how various ICS vulnerabilities can be chained for an exploit that allows hackers to cause damage to a bridge.

Cybersecurity Funding

Internet of Things (IoT) and Industrial IoT security provider Shield-IoT this week announced that it has closed a $7.4 million Series A funding round,...


More than 1,300 ICS vulnerabilities were discovered in 2022, including nearly 1,000 that have a high or critical severity rating.