VDE-2022-054
Jan. 12, 2023, 8:52 vorm.
A vulnerability in the web-based management (WBM) of WAGOs programmable logic controller (PLC) could allow an unauthenticated remote attacker to retrieve sensitive information.
VDE-2022-056
Dez. 14, 2022, 8:00 vorm.
A JavaScript injection vulnerability has been discovered in the XML editing system SCHEMA ST4 onlinehelp by Quanos Solutions GmbH. For details refer to CVE.This vulnerability may allow an attacker to …
VDE-2022-038
Okt. 1, 2025, 12:50 nachm.
A vulnerability was reported in WIBU-SYSTEMS CodeMeter Runtime. WIBU-SYSTEMS CodeMeter Runtime is part of the installation packages of several Festo products.FluidDraw < 6.2c and CIROS <= 7.0.6 contain a …
VDE-2022-057
Mai 14, 2025, 3:00 nachm.
Multiple Wiesemann & Theis product families are affected by a vulnerability in the web interface. The device allows an unauthenticated attacker to get the session ID of a logged in …
VDE-2022-058
Mai 14, 2025, 3:00 nachm.
Two vulnerabilities have been discovered in the Expat XML parser library (aka libexpat). This open-source component is widely used in a lot of products worldwide. An attacker could cause a …
VDE-2022-050
Dez. 12, 2022, 12:00 nachm.
An unauthenticated remote attacker could reset the administrator's password with information from the default, self-signed certificate.
VDE-2022-041
Nov. 3, 2025, 11:00 vorm.
Incomplete Festo product documentation of remote accessible functions and their required IP ports. Depending on the product a description of the supported features can be found in the product documentation …
VDE-2022-037
Okt. 28, 2025, 12:00 nachm.
The products are shipped with an unsafe configuration of the integrated CODESYS Runtime environment. In this case no default password is set to the CODESYS PLC and therefore access without …