VDE-2020-016
Mai 28, 2020, 3:00 nachm.
An open port used for debugging grants root access to the device without access control via network.
VDE-2020-013
März 27, 2020, 10:48 vorm.
If the software runs as a service, a user with limited access can gain administrator privileges by starting a shell with administrator rights from the Import / Export configuration dialog.
VDE-2020-010
März 9, 2020, 10:25 vorm.
An attacker needs an authorized login with administrative privileges on the device in order to exploit the herein mentioned vulnerability. The weakness allows an attacker which has admin privileges on …
VDE-2020-007
März 9, 2020, 10:10 vorm.
The Web-Based Management (WBM) of WAGOs programmable logic controller (PLC) is typically used for commissioning and update. The controller is an embedded device which has limited resources. The vulnerability described …
VDE-2019-022
Dez. 16, 2019, 10:00 vorm.
The reported vulnerabilities allow a remote attacker to change the setting, delete the application, set the device to factory defaults, code execution and to cause a system crash or denial …
VDE-2019-011
Okt. 7, 2019, 12:00 nachm.
A remote code execution vulnerability exists in **Remote Desktop Services** – formerly known as **Terminal Services** – when an unauthenticated attacker connects to the target system using **RDP** and sends …
VDE-2019-013
Juni 12, 2019, 12:25 nachm.
Multiple vulnerabilities have been identified in WAGO 852-303, 852-1305 and 852-1505 industrial managed ethernet switches.
VDE-2019-005
März 19, 2019, 4:34 nachm.
Multiple security issues and vulnerabilities within the WPA2 standard have been identified and publicized by Mr. Mathy Vanhoef of KU Leuven. These vulnerabilities may allow the reinstallation of a pairwise …