Advisories

Unsere Advisories sind ausschließlich in englischer Sprache verfügbar. Wir bitten um Ihr Verständnis.

Datum	ID	Titel
2021-03-22	VDE-2020-011	TRUMPF Laser GmbH: TruControl 2.14.0 to 3.14.0 affected by recent sudo vulnerability (CVE-2021-3156)
2021-03-08	VDE-2020-053	PEPPERL+FUCHS: Comtrol RocketLinx ICRL-M - Multiple Vulnerabilities
2021-03-01	VDE-2021-005	ENDRESS+HAUSER: Multiple Devices affected by fdtContainer vulnerability
2021-02-16	VDE-2021-006	PEPPERL+FUCHS: Multiple Products - Vulnerability may allow remote attackers to cause a Denial Of Service
2021-02-16	VDE-2021-007	PEPPERL+FUCHS: Multiple Products - Vulnerability may allow remote attackers to cause a Denial Of Service
2021-02-15	VDE-2020-050	PEPPERL+FUCHS: Multiple Products - Vulnerability may allow remote attackers to cause a Denial Of Service
2021-02-15	VDE-2021-003	MB connect line: Multiple vulnerabilites in mymbCONNECT24 and mbCONNECT24 <= 2.6.2
2021-01-20	VDE-2021-002	WEIDMUELLER: WI Manager affected by fdtContainer vulnerability
2021-01-15	VDE-2021-001	PEPPERL+FUCHS: Vulnerability allowing code-excution in PACTware <= 5.0.5.31
2021-01-14	VDE-2020-048	WAGO/M&M Software: Deserialization of untrusted data in fdtContainer
2021-01-04	VDE-2020-038	PEPPERL+FUCHS: Multiple vulnerabilites in Comtrol IO-Link Master. Affected versions <= 1.5.48
2020-12-17	VDE-2020-045	WAGO: Command Injection Vulnerability in I/O-Check Service
2020-12-17	VDE-2020-049	PHOENIX CONTACT: Multiple vulnerabilities in PLCnext Control devices
2020-12-17	VDE-2020-046	PHOENIX CONTACT: mGuard products missing initialization of resource
2020-12-02	VDE-2020-047	PHOENIX CONTACT: BTP Touch Panels uncontrolled resource consumption
2020-11-19	VDE-2020-021	ENDRESS+HAUSER: Ecograph T utilizing Webserver firmware version 1.x
2020-11-19	VDE-2020-022	ENDRESS+HAUSER: Ecograph T utilizing Webserver firmware version 2.x
2020-11-19	VDE-2020-037	Beckhoff: Privilege Escalation through TwinCat System Tray (TcSysUI.exe) (Update A)
2020-10-27	VDE-2020-031	ENDRESS+HAUSER: Products utilizing WIBU-SYSTEMS AG Code Meter component
2020-10-27	VDE-2020-042	WAGO: PLC families 750-88x and 750-352 prone to DoS attack, versions < FW10 (Update A)
2020-10-27	VDE-2020-039	TRUMPF: Multiple products prone to WIBU CodeMeter vulnerabilities
2020-10-16	VDE-2020-043	BENDER: COMTRAXX - Inadequate credentials check
2020-10-12	VDE-2020-041	WEIDMUELLER: u-create studio affected by WIBU-SYSTEMS CodeMeter vulnerabilities
2020-10-07	VDE-2020-040	PEPPERL+FUCHS: Multiple Products prone to multiple vulnerabilities in Comtrol RocketLinux (Update C)
2020-09-30	VDE-2020-029	WAGO: XSS vulnerability in Web-UI in WAGO 750-88X and WAGO 750-89X
2020-09-30	VDE-2020-028	WAGO: Authentication Bypass Vulnerability in WAGO 750-36X and WAGO 750-8XX Versions <= FW03
2020-09-30	VDE-2020-027	WAGO: Vulnerability in web-based authentication in WAGO 750-8XX Version <= FW07
2020-09-18	VDE-2020-035	MB connect line: Multiple Vulnerabilities in mymbCONNECT24 and mbCONNECT24 <= v2.6.1
2020-09-10	VDE-2020-034	PEPPERL+FUCHS/VMT Bildverarbeitungssysteme GmbH: VMT MSS and VMT IS - Several vulnerabilities in products utilizing WIBU SYSTEMS CodeMeter components
2020-09-10	VDE-2020-033	PILZ: Multiple products prone to WIBU CodeMeter vulnerabilities
2020-09-09	VDE-2020-032	WAGO: Vulnerable WIBU-SYSTEMS Codemeter installed through e!COCKPIT (Update A)
2020-09-09	VDE-2020-030	PHOENIX CONTACT: Products utilizing WIBU SYSTEMS CodeMeter components
2020-08-20	VDE-2020-026	PHOENIX CONTACT: Denial-of-Service vulnerabilty in Emalytics, ILC 2050 BI and ILC 2050 BI-L
2020-07-21	VDE-2020-025	PHOENIX CONTACT: Improper path sanitation on import of project files in PLCnext Engineer
2020-07-08	VDE-2020-024	MIELE: Treck TCP/IP Vulnerabilities (Ripple20) affecting Communication Module XKM3000 L MED
2020-07-01	VDE-2020-023	PHOENIX CONTACT: Two Vulnerabilities in Automation Worx Suite (Update A)
2020-06-16	VDE-2020-019	BECKHOFF: EtherLeak in TwinCAT RT network driver (Update A)
2020-06-10	VDE-2020-020	WAGO: PPPD in PFC100 and PFC200 Series is vulnerable to CVE-2020-8597
2020-06-10	VDE-2020-015	WAGO: Web Based Management - Code Execution Vulnerability
2020-06-02	VDE-2020-018	PHOENIX CONTACT FL MGUARD, TC MGUARD, TC ROUTER and TC CLOUD CLIENT: PPPD vulnerable to CVE-2020-8597
2020-05-29	VDE-2020-017	PEPPERL+FUCHS, PACTware: Two password vulnerabilities found
2020-05-28	VDE-2020-016	SWARCO: Critical Vulnerability in CPU LS4000
2020-03-31	VDE-2020-014	PEPPERL+FUCHS Kr00k vulnerabilities in Broadcom Wi-Fi chipsets
2020-03-27	VDE-2020-013	PHOENIX CONTACT Local Privilege Escalation in Portico Remote desktop control software
2020-03-27	VDE-2020-012	PHOENIX CONTACT Local Privilege Escalation in PC WORX SRT
2020-03-10	VDE-2020-005	BECKHOFF: BK9000 couplers - Denial of service inhibits function
2020-03-09	VDE-2020-011	WAGO: Multiple Vulnerabilities in I/O-Check Service
2020-03-09	VDE-2020-010	WAGO: Cloud Connectivity Remote Code Execution Vulnerability
2020-03-09	VDE-2020-009	WAGO: e!Cockpit Two Update Package Vulnerabilities
2020-03-09	VDE-2020-008	WAGO: Cloud Connectivity Multiple Vulnerabilities
2020-03-09	VDE-2020-007	WAGO: Web-Based Management Denial of Service
2020-03-09	VDE-2020-006	WAGO: Web-Based Management Authentication Vulnerabilities
2020-03-09	VDE-2020-004	WAGO: e!Cockpit cleartext communication and hardcoded key
2020-03-05	VDE-2020-003	PHOENIX CONTACT: TC Router and TC Cloud Client multiple vulnerabilities
2020-02-25	VDE-2020-002	PHOENIX CONTACT: Advisory for multiple FL Switch GHS utilising VxWorks
2020-02-17	VDE-2020-001	PHOENIX CONTACT Emalytics Controller ILC 2050 BI(L) allows unauthorised read and write access to the configuration file.
2019-12-16	VDE-2019-022	WAGO Multiple Vulnerabilities in I/O-Check Service in Multiple Devices
2019-12-05	VDE-2019-018	Weidmueller multiple vulnerabilities in various Industrial Ethernet managed switches
2019-11-07	VDE-2019-021	PEPPERL+FUCHS Linux Kernel Vulnerability on ecom Mobile Devices
2019-10-29	VDE-2019-020	PHOENIX CONTACT improper access control exists on FL NAT devices when using MAC-based port security (Update A)
2019-10-15	VDE-2019-016	PHOENIX CONTACT Security Advisory for Automation Worx Software Suite (Update A)
2019-10-09	VDE-2019-019	Beckhoff TwinCAT Denial-of-Service in Profinet driver (Update A)
2019-09-18	VDE-2019-017	WAGO Series PFC100/PFC200 Information Disclosure
2019-06-28	VDE-2019-015	PHOENIX CONTACT Security Advisory for Industrial Controllers ILC1x0, ILC1x1, AXC1050 and AXC3050
2019-06-19	VDE-2019-014	PHOENIX CONTACT Multiple Vulnerabilities in Automation Worx Software Suite (Update A)
2019-06-12	VDE-2019-013	WAGO Multiple Vulnerabilities in industrial managed switches
2019-06-04	VDE-2019-012	TECSON/GOK Improper Authentication and Access Control on multiple devices
2019-06-04	VDE-2019-009	PHOENIX CONTACT Multiple Vulnerabilities in AXC F 2152 (Update A)
2019-05-29	VDE-2019-011	PEPPERL+FUCHS Remote code execution vulnerability in HMI devices (Update A)
2019-05-20	VDE-2019-010	MIELE Multiple Vulnerabilities in XGW 3000 ZigBee Gateway
2019-04-12	VDE-2019-008	WAGO Undocumented service access in Series 750-88x and 750-87x devices
2019-03-25	VDE-2019-007	PHOENIX CONTACT command injection on RAD-80211-XD(/HP-BUS)
2019-03-25	VDE-2019-006	PHOENIX CONTACT unauthorized access to WEB-UI on FL NAT SMx
2019-03-19	VDE-2019-005	ENDRESS+HAUSER WIFI enabled products utilising WPA2
2019-03-14	VDE-2019-004	PEPPERL+FUCHS ecom Mobile Devices prone to BlueBorne Attack
2019-03-06	VDE-2019-002	PEPPERL+FUCHS Path traversal in WirelessHART Gateway
2019-03-05	VDE-2019-003	PHOENIX CONTACT Multiple Vulnerabilities in MEVIEW3
2019-01-23	VDE-2019-001	PHOENIX CONTACT Multiple Vulnerabilities in FL SWITCH 3xxx, 4xxx and 48xx
2018-10-19	VDE-2018-016	PEPPERL+FUCHS ecom Mobile devices prone to Android privilege elevation vulnerability
2018-09-21	VDE-2018-015	PHOENIX CONTACT AXL F BK PN Denial of Service Vulnerability
2018-08-17	VDE-2018-013	WAGO 750-8xx Controller Denial of Service
2018-08-13	VDE-2018-012	PHOENIX CONTACT ILC 1x1 ETH Denial of Service
2018-07-10	VDE-2018-010	WAGO Multiple vulnerabilities in e!DISPLAY products
2018-07-06	VDE-2018-008	PEPPERL+FUCHS Remote Code Execution Vulnerability in HMI Devices
2018-07-06	VDE-2018-009	PEPPERL+FUCHS Security advisory for MELTDOWN and SPECTRE attacks in ecom mobile Devices (Update A)
2018-05-16	VDE-2018-007	PHOENIX CONTACT FL SWITCH 3xxx/4xxx/48xx series - Stack-based Buffer Overflow in shared object file
2018-05-16	VDE-2018-006A	PHOENIX CONTACT FL SWITCH 3xxx/4xxx/48xx series through 1.33 has a Stack-based Buffer Overflow (Update A)
2018-05-16	VDE-2018-005	PHOENIX CONTACT FL SWITCH 3xxx/4xxx/48xx series through 1.33 allows Information Exposure
2018-05-16	VDE-2018-004	PHOENIX CONTACT FL SWITCH 3xxx/4xxx/48xx series through 1.33 allows Command Injection
2018-03-23	VDE-2018-003	PHOENIX CONTACT addressing Meltdown and Spectre vulnerabilities
2018-02-14	VDE-2018-002	Pepperl+Fuchs HMI devices vulnerable to Meltdown and Spectre Attacks
2018-01-30	VDE-2018-001	PHOENIX CONTACT Advisory for mGuard products
2018-01-10	VDE-2017-006	PHOENIX CONTACT FL SWITCH 3xxx/4xxx/48xx series web-service authentication bypass
2017-12-11	VDE-2017-005	PEPPERL+FUCHS / ecom instruments WLAN enabled products utilizing WPA2 encryption (Update A)
2017-12-05	VDE-2017-004	PHOENIX CONTACT FL COMSERVER cross-site scripting (XSS) vulnerability
2017-11-09	VDE-2017-003B	PHOENIX CONTACT WLAN enabled devices utilising WPA2 encryption (Update B)
2017-09-07	VDE-2017-002	PHOENIX CONTACT mGuard device manager (mdm) multiple vulnerabilities in Java SE
2017-08-11	VDE-2017-001	PHOENIX CONTACT mGuard IKE daemon remote denial of service