VDE-2025-054
July 8, 2025, 12:00 PM
Multiple vulnerabilities in the PLCnext system allowed low-privileged remote attackers to gain unauthorized access or trigger system reboots by manipulating configuration files and symbolic links. Affected services include watchdog, arp-preinit, …
VDE-2025-030
July 29, 2025, 12:00 PM
Frauscher Sensortechnik FDS101, FDS-SNMP101 and FDS102 for FAdC/FAdCi R2 and all previous versions are vulnerable to OS Command Injection via malicious configuration file. CVE-2025-3626 affects FDS102 versions v2.8.0 < v2.13.3. …
VDE-2025-045
July 1, 2025, 12:00 PM
Authentication is not configured by default for the Node-RED server on the Pilz industrial PC IndustrialPI. An unauthenticated remote attacker has full access to the Node-RED server and can run …
VDE-2025-039
July 1, 2025, 12:00 PM
The Pilz industrial PC IndustrialPI webstatus application is vulnerable to an authentication bypass.
VDE-2024-061
June 30, 2025, 12:00 PM
A vulnerability has been disclosed in PLC ifm AC4xxS that allows an attacker to trigger the safety state with the help of a specially crafted html request. This leads to …
VDE-2025-046
June 30, 2025, 12:00 PM
PiCtory, a web application to configure the Pilz industrial PC IndustrialPI, has three vulnerabilities with varying degrees of severity. The first two are of critical severity and can lead to …
VDE-2025-043
June 25, 2025, 12:00 PM
A security vulnerability was discovered in the PLC Designer V4 in the version 4.0.0 where the programmer of a Controller can set a password for the connected device. Here it …
VDE-2025-038
June 24, 2025, 12:00 PM
Two vulnerabilities in myREX24/myREX24.virtual can lead to user enumeration an password bypass.