VDE-2025-026
May 14, 2025, 3:00 PM
Sending too much data in the service telegram of AUMA actuators leads to a buffer overflow in the actuator controls. Depending on the actuator, the service telegram is transmitted either …
VDE-2020-004
May 14, 2025, 3:00 PM
The communication between e!Cockpit and the programmable logic controller is not encrypted. The broken cryptographic algorithm allows an attacker to decode the password for the e!Cockpit communication and with this …
VDE-2024-051
May 14, 2025, 3:00 PM
mGuards use an OpenSSH server for SSH access. This server is vulnerable to a remote code injection.
VDE-2025-010
May 14, 2025, 3:00 PM
A security researcher discovered a privilege escalation vulnerability in the demo system area of the SMA Classic Portal, www.sunnyportal.com. Only systems of other users have been affected who unintendedly and …
VDE-2022-017
May 14, 2025, 3:00 PM
An issue was discovered in myREX24 and myREX24.virtual in all versions through 2.11.2.
VDE-2019-019
May 14, 2025, 3:00 PM
In case TwinCAT is configured to use the Profinet driver, a denial of service of the controller could be reached by sending special packets to the device.
VDE-2022-001
May 14, 2025, 3:00 PM
The user management of the FL SWITCH 2xxx family of devices implements access rights based on roles and permission groups. An unprivileged user logged in via the SSH CLI is …
VDE-2024-052
May 14, 2025, 3:00 PM
The pathfinder TCP encapsulation service is vulnerable to a drain of open file descriptors.