VDE-2020-006
May 14, 2025, 2:28 PM
With special crafted requests it is possible to get sensitive information, in this case the password hashes, by measuring response delay. With a substantial amount of time this data can …
VDE-2019-017
May 14, 2025, 2:28 PM
The reported vulnerability allows a remote attacker to check paths and file names that are used in filesystem operations. **Update, 18.9.2019, 18:30** * fixed typo in modelname, replaced PCF with …
VDE-2020-047
May 14, 2025, 2:28 PM
Uncontrolled Resource Consumption can be exploited to cause the HMI to become unresponsive and not accurately update the display content (Denial of Service).
VDE-2018-001
May 14, 2025, 2:28 PM
The integrity of the mGuard firmware atomic update process cannot be guaranteed under all circumstances. The mGuard atomic update mechanism relies on internal checksums for the integrity verification of some …
VDE-2024-065
May 14, 2025, 2:28 PM
A vulnerability in the use of hard-coded Platform Keys (PK) within the UEFI framework, known as PKfail, has been discovered in several Pepperl+Fuchs devices.
VDE-2021-010
May 14, 2025, 2:28 PM
Endress+Hauser products utilizing WPA2 are vulnerable to KRACK attacks. Proline portfolio is a flow meter with an optional WLAN interface in the display. The flowmeters are only affected if the …
VDE-2017-003
May 14, 2025, 2:28 PM
Multiple security issues and vulnerabilities within the WPA2 standard have been identified and publicized by Mr. Mathy Vanhoef of KU Leuven. These vulnerabilities may allow the reinstallation of a pairwise …
VDE-2017-004
May 14, 2025, 2:28 PM
A cross-site scripting (XSS) vulnerability affects PHOENIX CONTACT FL COMSERVER products running firmware versions prior to 1.99, 2.20, or 2.40.