Advisories

For CVSS 2.0, 3.0 and 3.2
VDE-2021-017
May 14, 2025, 2:28 PM
Multiple Vulnerabilities in mbConnect24serv (a software service of mbDIALUP) can lead to arbitrary code execution due to improper privilege management. Update A, 2021-11-24 corrected fixed version in solution from 3.9R0.4 …
VDE-2021-031
May 14, 2025, 2:28 PM
Two vulnerabilities in mbCONNECT24 and mymbCONNECT24 can lead to information disclosure and arbitrary code execution. Please consult the CVE entries for details.
VDE-2020-036
May 14, 2025, 3:00 PM
Multiple vulnerabilities in the WAGO I/O-Check Service were reported.
VDE-2021-025
May 14, 2025, 2:28 PM
A Denial of Service and a CA Check Problem have been identified in multiple openSSL 1.1.1 versions, which are utilized in the Phoenix Contact products listed above.
VDE-2021-023
May 14, 2025, 2:28 PM
Multiple vulnerabilities have been discovered in the current firmware of the PHOENIX CONTACT FL SWITCH SMCS series switches.
VDE-2021-019
May 14, 2025, 3:00 PM
Phoenix Contact Classic Line industrial controllers are developed and designed for the use in closed industrial networks. The communication protocols and device access do not feature authentication measures. Remote attackers …
VDE-2021-022
May 14, 2025, 2:28 PM
When the communication partner sends an invalid Modbus exception response to the FL COMSERVER UNI as a query, the Modbus communication stops, and the device will be unresponsive for some …
VDE-2021-021
May 14, 2025, 2:28 PM
An undocumented password protected FTP access to the root directory exists in certain devices of the AXL F BK and IL BK product families (CWE-798).