VDE-2025-042
Mai 27, 2025, 11:00 vorm.
The Lenze VPN client is vulnerable to a Local Privilege Escalation to root/SYSTEM by executing a configuration file which can be controlled by a non-privileged user. This occurs through a …
VDE-2025-044
Aug. 27, 2025, 12:00 nachm.
Weidmueller industrial ethernet switches are affected by multiple vulnerabilities. Weidmueller has released new firmwares of the affected products to fix the vulnerabilities.
VDE-2025-011
Aug. 27, 2025, 12:00 nachm.
A stored cross-site scripting vulnerability has been discovered in the profinet gateway LB8122A.1.EL. An attacker can write an HTML tag with up to 32 characters in the message field of …
VDE-2025-041
Mai 19, 2025, 11:00 vorm.
Weidmueller product ResMa is affected by ASP.NET AJAX vulnerability. Weidmueller has released a new firmware for the affected product to fix the vulnerability.
VDE-2025-010
Mai 14, 2025, 3:00 nachm.
A security researcher discovered a privilege escalation vulnerability in the demo system area of the SMA Classic Portal, www.sunnyportal.com. Only systems of other users have been affected who unintendedly and …
VDE-2025-024
Mai 13, 2025, 12:00 nachm.
Multiple W&T devices are shipped with a jQuery version with a known XSS vulnerability.
VDE-2025-029
Mai 14, 2025, 2:28 nachm.
A denial of service (DoS) attack targeting port 80 (http service) can overload the device (CWE-770). This behaviour has been observed when running network security scanners.
VDE-2025-026
Mai 14, 2025, 3:00 nachm.
Sending too much data in the service telegram of AUMA actuators leads to a buffer overflow in the actuator controls. Depending on the actuator, the service telegram is transmitted either …