Advisories

Unsere Advisories sind ausschließlich in englischer Sprache verfügbar. Wir bitten um Ihr Verständnis.

Datum	ID	Titel
2020-07-08	VDE-2020-024	MIELE: Treck TCP/IP Vulnerabilities (Ripple20) affecting Communication Module XKM3000 L MED
2020-07-01	VDE-2020-023	PHOENIX CONTACT: Two Vulnerabilities in Automation Worx Suite
2020-06-16	VDE-2020-019	BECKHOFF: EtherLeak in TwinCAT RT network driver
2020-06-10	VDE-2020-015	WAGO: Web Based Management - Code Execution Vulnerability
2020-06-10	VDE-2020-020	WAGO: PPPD in PFC100 and PFC200 Series is vulnerable to CVE-2020-8597
2020-06-02	VDE-2020-018	PHOENIX CONTACT FL MGUARD, TC MGUARD, TC ROUTER and TC CLOUD CLIENT: PPPD vulnerable to CVE-2020-8597
2020-05-29	VDE-2020-017	PEPPERL+FUCHS, PACTware: Two password vulnerabilities found
2020-05-28	VDE-2020-016	SWARCO: Critical Vulnerability in CPU LS4000
2020-03-31	VDE-2020-014	PEPPERL+FUCHS Kr00k vulnerabilities in Broadcom Wi-Fi chipsets
2020-03-27	VDE-2020-013	PHOENIX CONTACT Local Privilege Escalation in Portico Remote desktop control software
2020-03-27	VDE-2020-012	PHOENIX CONTACT Local Privilege Escalation in PC WORX SRT
2020-03-10	VDE-2020-005	BECKHOFF: BK9000 couplers - Denial of service inhibits function
2020-03-09	VDE-2020-011	WAGO: Multiple Vulnerabilities in I/O-Check Service
2020-03-09	VDE-2020-010	WAGO: Cloud Connectivity Remote Code Execution Vulnerability
2020-03-09	VDE-2020-009	WAGO: e!Cockpit Two Update Package Vulnerabilities
2020-03-09	VDE-2020-008	WAGO: Cloud Connectivity Multiple Vulnerabilities
2020-03-09	VDE-2020-007	WAGO: Web-Based Management Denial of Service
2020-03-09	VDE-2020-006	WAGO: Web-Based Management Authentication Vulnerabilities
2020-03-09	VDE-2020-004	WAGO: e!Cockpit cleartext communication and hardcoded key
2020-03-05	VDE-2020-003	PHOENIX CONTACT: TC Router and TC Cloud Client multiple vulnerabilities
2020-02-25	VDE-2020-002	PHOENIX CONTACT: Advisory for multiple FL Switch GHS utilising VxWorks
2020-02-17	VDE-2020-001	PHOENIX CONTACT Emalytics Controller ILC 2050 BI(L) allows unauthorised read and write access to the configuration file.
2019-12-16	VDE-2019-022	WAGO Multiple Vulnerabilities in I/O-Check Service in Multiple Devices
2019-12-05	VDE-2019-018	Weidmueller multiple vulnerabilities in various Industrial Ethernet managed switches
2019-11-07	VDE-2019-021	PEPPERL+FUCHS Linux Kernel Vulnerability on ecom Mobile Devices
2019-10-29	VDE-2019-020	PHOENIX CONTACT improper access control exists on FL NAT devices when using MAC-based port security (Update A)
2019-10-15	VDE-2019-016	PHOENIX CONTACT Security Advisory for Automation Worx Software Suite (Update A)
2019-10-09	VDE-2019-019	Beckhoff TwinCAT Denial-of-Service in Profinet driver
2019-09-18	VDE-2019-017	WAGO Series PFC100/PFC200 Information Disclosure
2019-06-28	VDE-2019-015	PHOENIX CONTACT Security Advisory for Industrial Controllers ILC1x0, ILC1x1, AXC1050 and AXC3050
2019-06-19	VDE-2019-014	PHOENIX CONTACT Multiple Vulnerabilities in Automation Worx Software Suite (Update A)
2019-06-12	VDE-2019-013	WAGO Multiple Vulnerabilities in industrial managed switches
2019-06-04	VDE-2019-012	TECSON/GOK Improper Authentication and Access Control on multiple devices
2019-06-04	VDE-2019-009	PHOENIX CONTACT Multiple Vulnerabilities in AXC F 2152 (Update A)
2019-05-29	VDE-2019-011	PEPPERL+FUCHS Remote code execution vulnerability in HMI devices (Update A)
2019-05-20	VDE-2019-010	MIELE Multiple Vulnerabilities in XGW 3000 ZigBee Gateway
2019-04-12	VDE-2019-008	WAGO Undocumented service access in Series 750-88x and 750-87x devices
2019-03-25	VDE-2019-007	PHOENIX CONTACT command injection on RAD-80211-XD(/HP-BUS)
2019-03-25	VDE-2019-006	PHOENIX CONTACT unauthorized access to WEB-UI on FL NAT SMx
2019-03-19	VDE-2019-005	ENDRESS+HAUSER WIFI enabled products utilising WPA2
2019-03-14	VDE-2019-004	PEPPERL+FUCHS ecom Mobile Devices prone to BlueBorne Attack
2019-03-06	VDE-2019-002	PEPPERL+FUCHS Path traversal in WirelessHART Gateway
2019-03-05	VDE-2019-003	PHOENIX CONTACT Multiple Vulnerabilities in MEVIEW3
2019-01-23	VDE-2019-001	PHOENIX CONTACT Multiple Vulnerabilities in FL SWITCH 3xxx, 4xxx and 48xx
2018-10-19	VDE-2018-016	PEPPERL+FUCHS ecom Mobile devices prone to Android privilege elevation vulnerability
2018-09-21	VDE-2018-015	PHOENIX CONTACT AXL F BK PN Denial of Service Vulnerability
2018-08-17	VDE-2018-013	WAGO 750-8xx Controller Denial of Service
2018-08-13	VDE-2018-012	PHOENIX CONTACT ILC 1x1 ETH Denial of Service
2018-07-10	VDE-2018-010	WAGO Multiple vulnerabilities in e!DISPLAY products
2018-07-06	VDE-2018-008	PEPPERL+FUCHS Remote Code Execution Vulnerability in HMI Devices
2018-07-06	VDE-2018-009	PEPPERL+FUCHS Security advisory for MELTDOWN and SPECTRE attacks in ecom mobile Devices (Update A)
2018-05-16	VDE-2018-007	PHOENIX CONTACT FL SWITCH 3xxx/4xxx/48xx series - Stack-based Buffer Overflow in shared object file
2018-05-16	VDE-2018-006A	PHOENIX CONTACT FL SWITCH 3xxx/4xxx/48xx series through 1.33 has a Stack-based Buffer Overflow (Update A)
2018-05-16	VDE-2018-005	PHOENIX CONTACT FL SWITCH 3xxx/4xxx/48xx series through 1.33 allows Information Exposure
2018-05-16	VDE-2018-004	PHOENIX CONTACT FL SWITCH 3xxx/4xxx/48xx series through 1.33 allows Command Injection
2018-03-23	VDE-2018-003	PHOENIX CONTACT addressing Meltdown and Spectre vulnerabilities
2018-02-14	VDE-2018-002	Pepperl+Fuchs HMI devices vulnerable to Meltdown and Spectre Attacks
2018-01-30	VDE-2018-001	PHOENIX CONTACT Advisory for mGuard products
2018-01-10	VDE-2017-006	PHOENIX CONTACT FL SWITCH 3xxx/4xxx/48xx series web-service authentication bypass
2017-12-11	VDE-2017-005	PEPPERL+FUCHS / ecom instruments WLAN enabled products utilizing WPA2 encryption (Update A)
2017-12-05	VDE-2017-004	PHOENIX CONTACT FL COMSERVER cross-site scripting (XSS) vulnerability
2017-11-09	VDE-2017-003B	PHOENIX CONTACT WLAN enabled devices utilising WPA2 encryption (Update B)
2017-09-07	VDE-2017-002	PHOENIX CONTACT mGuard device manager (mdm) multiple vulnerabilities in Java SE
2017-08-11	VDE-2017-001	PHOENIX CONTACT mGuard IKE daemon remote denial of service