VDE-2024-010
Aug. 27, 2025, 12:00 nachm.
The data24 service that is bundled with every installation of mbCONNECT24/mymbCONNECT24 has two serious flaws in core components. These combined can lead to a complete loss of confidentiality, integrity and …
VDE-2025-013
Juni 5, 2025, 3:31 nachm.
The CODESYS Gateway enables communication between CODESYS runtimes and other clients, primarily the CODESYS Development System V3. It is usually installed as a part of the CODESYS Development System V3 …
VDE-2025-015
Juni 5, 2025, 3:31 nachm.
A low privileged attacker with physical access to a controller, that supports removable media and is running a CODESYS Control runtime system, can exploit the insufficient path validation by connecting …
VDE-2025-036
März 6, 2025, 3:00 nachm.
Several vulnerabilities in the Endress+Hauser MEAC300-FNADE4 were discovered, that can be accessed via Ethernet.
VDE-2025-004
April 10, 2025, 3:00 nachm.
Nozomi Networks reported a vulnerability in the pfc firmware sdk-G2 of libwagosnmp. The WAGO pfc-firmware-sdk-G2 is a software development kit designed for WAGO PFC devices which allows developers to build …
VDE-2025-021
Mai 14, 2025, 3:26 nachm.
Weidmüller product PROCON-WIN is affected by hard-coded credentials. Weidmüller has released a new version of the affected product to fix the vulnerability.
VDE-2025-023
März 5, 2025, 12:00 nachm.
Multiple Weidmueller products are affected by an OpenSSL vulnerability. Weidmüller has released new firmwares of the affected products to fix the vulnerability.
VDE-2025-012
Mai 22, 2025, 3:03 nachm.
A security researcher discovered a critical Remote Code Execution vulnerability in sunnyportal.com. An attacker could upload code instead of an image and remotely execute this code.