VDE-2024-023
April 23, 2024, 10:00 AM
Welotec has been informed by an external source that the WebUI of the device management solution "SMART EMS" and the remote connectivity solution "VPN Security Suite" is vulnerable to so-called …
VDE-2024-017
May 22, 2025, 3:03 PM
Critical vulnerabilities have been discovered in the product due to outdated software components.The impact of the vulnerabilities on the affected device may result in Denial of service Bypassing of authentication …
VDE-2024-009
May 14, 2025, 2:28 PM
Welotec has closed two vulnerabilities in the TK500v1 router series and advises to update the routers to firmware version r5542 or later. An exploitation of the vulnerabilities can allow an …
VDE-2023-039
March 13, 2024, 9:30 AM
The Web-Based Management (WBM) of WAGOs programmable logic controller (PLC) is typically used for administration, commissioning, and updates. The option to change the configuration data via tools or the web-based-management …
VDE-2024-011
March 12, 2024, 8:00 AM
Multiple vulnerabilities have been discovered in the Firmware of CHARX SEC charge controllers. These vulnerabilities were discovered as part of a PWN2OWN competition initiated by Trend Micro Zero Day Initiative …
VDE-2024-018
May 14, 2025, 2:36 PM
Multiple Wiesemann & Theis software products are affected by a vulnerability through an unquoted search path in the Windows registry. A local attacker can execute arbitrary code and gain administrative …
VDE-2024-014
June 5, 2025, 3:28 PM
Several WAGO Firmwares are vulnerable to a to a remote attack which allows to bypass the integrity check through OpenSSH. This called Terrapin attack occurs because of mishandled handshake phase.
VDE-2024-016
May 22, 2025, 3:03 PM
The affected products and versions present a vulnerability due to a vulnerable integrated software component the docker runc <= 1.1.11. In the worst-case scenario, the integrated Docker container environment …