Advisories

For CVSS 2.0, 3.0 and 3.2
VDE-2020-016
May 28, 2020, 3:00 PM
An open port used for debugging grants root access to the device over the network without any access control.
VDE-2020-013
March 27, 2020, 10:48 AM
If the software runs as a service, a user with limited access can gain administrator privileges by starting a shell with administrator rights from the Import / Export configuration dialog.
VDE-2020-010
March 9, 2020, 10:25 AM
An attacker needs an authorized login with administrative privileges on the device in order to exploit the vulnerability described here. The weakness allows an attacker who has admin privileges on …
VDE-2020-007
March 9, 2020, 10:10 AM
The Web-Based Management (WBM) of WAGO's programmable logic controller (PLC) is typically used for commissioning and update. The controller is an embedded device which has limited resources. The vulnerability described …
VDE-2019-022
Dec. 16, 2019, 10:00 AM
The reported vulnerabilities allow a remote attacker to change the setting, delete the application, set the device to factory defaults, execute code and cause a system crash or denial …
VDE-2019-011
Oct. 7, 2019, 12:00 PM
A remote code execution vulnerability exists in **Remote Desktop Services** – formerly known as **Terminal Services** – when an unauthenticated attacker connects to the target system using **RDP** and sends …
VDE-2019-013
June 12, 2019, 12:25 PM
Multiple vulnerabilities have been identified in WAGO 852-303, 852-1305 and 852-1505 industrial managed Ethernet switches.
VDE-2019-005
March 19, 2019, 4:34 PM
Multiple security issues and vulnerabilities within the WPA2 standard have been identified and publicized by Mr. Mathy Vanhoef of KU Leuven. These vulnerabilities may allow the reinstallation of a pairwise …