VDE-2023-055
Dez. 12, 2023, 8:00 vorm.
Phoenix Contact classic line industrial controllers are developed and designed for the use in closed industrial networks. The controllers don't feature a function to check integrity and authenticity of the …
VDE-2023-054
Mai 22, 2025, 3:03 nachm.
Increased Security attacks against OT infrastructure and research of Dragos makes it necessary to publish this advisory giving users hints according to basic security measures to support automation systems using …
VDE-2023-049
Dez. 11, 2023, 8:00 vorm.
Frauscher Sensortechnik GmbH FDS102 for FAdC/FAdCi v2.10.1 is vulnerable to a remote code execution (RCE) vulnerability via manipulated parameters of the web interface by using an authenticated session cookie.
VDE-2023-066
Dez. 5, 2023, 3:25 nachm.
UPDATE 29.02.2024: Removed "This version is planned for January 2024." from Solution as the updated version is released.On CODESYS Control runtimes running on Linux or QNX operating systems, successfully authenticated …
VDE-2023-059
Dez. 5, 2023, 8:06 vorm.
The Builder and Viewer components of the product PASvisu are based on the 3rd-party-component Electron. Electron contains several other open-source components which are affected by vulnerabilities. The vulnerabilities may enable …
VDE-2023-044
Dez. 5, 2023, 8:00 vorm.
The Library WagoAppRTU which is part of the Wago Telecontrol Configurator is prone to improper input validation. By sending specifically crafted MMS packets an attacker can trigger a denial-of-service condition.
VDE-2023-035
Dez. 5, 2023, 8:00 vorm.
Several CODESYS setups contain and install vulnerable versions of the WIBU CodeMeter Runtime.
VDE-2023-045
Dez. 5, 2023, 8:00 vorm.
An attacker with privileges can enumerate projects and usernames through an iterative process, by making a request to a specific endpoint.