VDE-2022-061
      March 15, 2023, 10:00 AM
    
      VARTA energy storage systems have a web user interface via which users and installers can access live data measurements and configure the system to their needs. It has been discovered …
    
    
      
        
      
    
  VDE-2023-003
      May 14, 2025, 3:00 PM
    
      Multiple vulnerabilities have been discovered in CODESYS Control V3 runtime system. For details regarding the single vulnerabilities please refer to the security advisories issued by CODESYS: - CODESYS Security Advisory …
    
    
      
        
      
    
  VDE-2022-053
      May 14, 2025, 3:00 PM
    
      Two Vulnerabilities have been discovered in TC ROUTER 4000 series and CLOUD CLIENT 2000 series up to firmware version 4.5.7x.107. The web administration interface is vulnerable for authenticated admin users …
    
    
      
        
      
    
  VDE-2022-060
      Feb. 27, 2023, 12:00 PM
    
      The Web-Based Management (WBM) of WAGOs programmable logic controller (PLC) is typically used for administration, commissioning and updates. The configuration backend can in some cases be used without authentication and …
    
    
      
        
      
    
  VDE-2022-055
      Feb. 16, 2023, 2:43 PM
    
      An unknown and undocumented configuration interface with limited functionality was identified on the affected devices.
    
    
      
        
      
    
  VDE-2023-001
      June 5, 2025, 3:28 PM
    
      A new LTS Firmware release fixes known vulnerabilities in used open-source libraries. In addition, the following improvements have been implemented: HMI - Hardening against DoS attacks. - Hardening against memory …
    
    
      
        
      
    
  VDE-2022-059
      May 22, 2025, 3:03 PM
    
      Unquoted Windows search path vulnerability in the below mentioned Software for Windows might allow local users to gain privileges via a malicious .exe file.
    
    
      
        
      
    
  VDE-2022-054
      Jan. 12, 2023, 8:52 AM
    
      A vulnerability in the web-based management (WBM) of WAGOs programmable logic controller (PLC) could allow an unauthenticated remote attacker to retrieve sensitive information.