Description
An authentication bypass vulnerability exists in Copeland XWEB Pro
version 1.12.1 and prior, enabling any attackers to bypass the
authentication requirement and achieve pre-authenticated code execution
on the system.
Published: 2026-02-27
Score: 10 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

An authentication bypass in Copeland XWEB Pro 1.12.1 and earlier allows anyone with network access to the device to bypass login screens and execute code directly on the system. This flaw provides full control over the firmware, potentially leading to disclosure of sensitive data, modification of system parameters, or denial of service. The weakness is classified as CWE‑327, indicating a broken or risky cryptographic mechanism that underlies the authorization failure.

Affected Systems

The affected products are Copeland XWEB 300D Pro, XWEB 500B Pro, and XWEB 500D Pro, all running firmware version 1.12.1 or earlier. Any device of these models that has not been updated to a newer firmware build is susceptible.

Risk and Exploitability

The vulnerability carries a CVSS score of 10, indicating a critical severity. Although EPSS indicates a very low probability of exploitation (<1%), the lack of a known exploit in public repositories and the fact that it is not listed in the CISA KEV list suggests it is not currently actively exploited. The likely attack vector is network‑based; an attacker can send crafted requests to the device’s service to trigger the authentication bypass and execute arbitrary code. Because the bypass eliminates the need for credentials, the threat remains for any user who can reach the device over its network interfaces.

Generated by OpenCVE AI on April 17, 2026 at 14:08 UTC.

Remediation

Vendor Solution

Copeland has provided a fix for the vulnerabilities and recommends users update the XWEB Pro to the latest version by going to their software update page https://webapps.copeland.com/Dixell/Pages/SystemSoftwareUpdate in the sections dedicated to the different XWEBPRO models page.

OpenCVE Recommended Actions

  • Apply the latest firmware update from Copeland via the software update portal or the SYSTEM → Updates → Network menu.
  • Until the update is applied, block unused network ports or disable remote management on the XWEB Pro to limit exposure to trusted networks only.
  • Monitor authentication logs for unauthorized or repeated access attempts and investigate anomalies promptly.

Generated by OpenCVE AI on April 17, 2026 at 14:08 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 02 Mar 2026 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 27 Feb 2026 23:15:00 +0000

Type Values Removed Values Added
First Time appeared Copeland xweb 300d Pro
Copeland xweb 300d Pro Firmware
Copeland xweb 500b Pro
Copeland xweb 500b Pro Firmware
Copeland xweb 500d Pro
Copeland xweb 500d Pro Firmware
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:h:copeland:xweb_300d_pro:-:*:*:*:*:*:*:*
cpe:2.3:h:copeland:xweb_500b_pro:-:*:*:*:*:*:*:*
cpe:2.3:h:copeland:xweb_500d_pro:-:*:*:*:*:*:*:*
cpe:2.3:o:copeland:xweb_300d_pro_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:copeland:xweb_500b_pro_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:copeland:xweb_500d_pro_firmware:*:*:*:*:*:*:*:*
Vendors & Products Copeland xweb 300d Pro
Copeland xweb 300d Pro Firmware
Copeland xweb 500b Pro
Copeland xweb 500b Pro Firmware
Copeland xweb 500d Pro
Copeland xweb 500d Pro Firmware

Fri, 27 Feb 2026 09:15:00 +0000

Type Values Removed Values Added
First Time appeared Copeland
Copeland copeland Xweb 300d Pro
Copeland copeland Xweb 500b Pro
Copeland copeland Xweb 500d Pro
Vendors & Products Copeland
Copeland copeland Xweb 300d Pro
Copeland copeland Xweb 500b Pro
Copeland copeland Xweb 500d Pro

Fri, 27 Feb 2026 01:00:00 +0000

Type Values Removed Values Added
Description An authentication bypass vulnerability exists in Copeland XWEB Pro version 1.12.1 and prior, enabling any attackers to bypass the authentication requirement and achieve pre-authenticated code execution on the system.
Title Copeland XWEB and XWEB Pro Use of a Broken or Risky Cryptographic Algorithm
Weaknesses CWE-327
References
Metrics cvssV3_1

{'score': 10, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H'}

Subscriptions

Copeland Copeland Xweb 300d Pro Copeland Xweb 500b Pro Copeland Xweb 500d Pro Xweb 300d Pro Xweb 300d Pro Firmware Xweb 500b Pro Xweb 500b Pro Firmware Xweb 500d Pro Xweb 500d Pro Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: icscert

Published:

Updated: 2026-03-02T18:58:23.373Z

Reserved: 2026-02-05T19:05:16.863Z

Link: CVE-2026-21718

cve-icon Vulnrichment

Updated: 2026-03-02T18:58:18.697Z

cve-icon NVD

Status : Analyzed

Published: 2026-02-27T01:16:18.073

Modified: 2026-02-27T23:11:48.947

Link: CVE-2026-21718

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-17T14:15:21Z

Weaknesses