VDE-2020-016
Mai 28, 2020, 3:00 nachm.
An open port used for debugging grants root access to the device without access control via network.
VDE-2020-014
Mai 14, 2025, 4:34 nachm.
Security researchers at ESET have reported a vulnerability called Kr00k (CVE-2019- 15126) which affects encrypted WiFi traffic for devices using Broadcom or Cypress chipsets. The vulnerability may allow an attacker …
VDE-2020-013
März 27, 2020, 10:48 vorm.
If the software runs as a service, a user with limited access can gain administrator privileges by starting a shell with administrator rights from the Import / Export configuration dialog.
VDE-2020-012
Mai 22, 2025, 3:03 nachm.
The Phoenix Contact application 'PC WORX SRT' is installed as service. The installation path of the application is configured to have insecure permissions which allows any unprivileged user to write …
VDE-2020-005
Mai 22, 2025, 3:03 nachm.
The coupler's function could be inhibited by an attack.
VDE-2020-006
Mai 14, 2025, 2:28 nachm.
With special crafted requests it is possible to get sensitive information, in this case the password hashes, by measuring response delay. With a substantial amount of time this data can …
VDE-2020-011
Mai 22, 2025, 3:03 nachm.
An attacker needs an authorized login on the device in order to exploit the herein mentioned vulnerabilities. The reported vulnerabilities allow a local attacker with valid login credentials who is …
VDE-2020-010
März 9, 2020, 10:25 vorm.
An attacker needs an authorized login with administrative privileges on the device in order to exploit the herein mentioned vulnerability. The weakness allows an attacker which has admin privileges on …