CVE-2025-63362 identifies a critical authentication bypass vulnerability in the Waveshare RS232/485 TO WIFI ETH (B) Serial to Ethernet/Wi-Fi Gateway, specifically in Firmware Version 3.1.1.0 with hardware version 4.3.2.1 and web interface version V7.04T.07.002880.0301. The vulnerability allows an attacker to set the administrator username and password fields to blank values, effectively removing authentication requirements for accessing the device's administrative web interface. This flaw arises from improper validation or enforcement of credential fields during configuration, permitting unauthorized users to gain full administrative control over the device. Given that these gateways are commonly used to bridge serial industrial devices to Ethernet or Wi-Fi networks, unauthorized access could allow attackers to manipulate device configurations, intercept or alter data streams, or pivot into connected industrial control systems or IoT networks. The vulnerability does not require prior authentication or user interaction, making it trivially exploitable by anyone with network access to the device's management interface. No CVSS score has been assigned yet, and no patches or mitigations have been officially released. The lack of known exploits in the wild suggests the vulnerability is newly disclosed or reserved, but the risk remains significant due to the nature of the affected devices and the ease of exploitation.

For European organizations, especially those in industrial automation, manufacturing, energy, and critical infrastructure sectors, this vulnerability poses a substantial risk. Unauthorized administrative access to these gateways can lead to manipulation of serial-to-Ethernet/Wi-Fi communications, potentially disrupting operational technology (OT) environments. Confidentiality could be compromised by intercepting sensitive data transmitted through these devices. Integrity risks include unauthorized configuration changes that could alter device behavior or inject malicious commands into connected systems. Availability may be impacted if attackers disable or misconfigure the gateways, causing network or device outages. Given the increasing reliance on IoT and industrial networked devices in Europe, exploitation could lead to operational disruptions, safety hazards, and financial losses. The absence of authentication barriers also increases the likelihood of automated or opportunistic attacks, particularly in environments lacking strict network segmentation or monitoring.

European organizations should immediately audit their networks to identify any deployments of the affected Waveshare RS232/485 TO WIFI ETH (B) gateways. Until a vendor patch is available, organizations should implement strict network segmentation to isolate these devices from untrusted networks and limit access to their management interfaces to trusted administrators only. Deploy network access controls such as firewalls or VLANs to restrict inbound management traffic. Enable logging and continuous monitoring for unauthorized access attempts or configuration changes on these devices. If possible, disable web management interfaces or restrict them to secure management networks. Organizations should engage with Waveshare or authorized vendors to obtain firmware updates or patches as soon as they are released. Additionally, consider deploying intrusion detection systems (IDS) tuned to detect anomalous behavior related to these gateways. Finally, incorporate these devices into regular vulnerability management and incident response plans to ensure rapid detection and remediation of exploitation attempts.