VDE-2022-058
Mai 14, 2025, 3:00 nachm.
Two vulnerabilities have been discovered in the Expat XML parser library (aka libexpat). This open-source component is widely used in a lot of products worldwide. An attacker could cause a …
VDE-2022-050
Dez. 12, 2022, 12:00 nachm.
An unauthenticated remote attacker could reset the administrator's password with information from the default, self-signed certificate.
VDE-2022-041
Nov. 3, 2025, 11:00 vorm.
Incomplete Festo product documentation of remote accessible functions and their required IP ports. Depending on the product a description of the supported features can be found in the product documentation …
VDE-2022-037
Okt. 28, 2025, 12:00 nachm.
The products are shipped with an unsafe configuration of the integrated CODESYS Runtime environment. In this case no default password is set to the CODESYS PLC and therefore access without …
VDE-2022-033
Nov. 24, 2022, 10:00 vorm.
PASvisu is an HMI solution for Machine Visualization. It is available as a standalone software product, but it is also included in various models of the PMI product family. The …
VDE-2022-044
Juni 5, 2025, 3:28 nachm.
Several Pilz software products do not properly check pathnames contained in archives. An attacker can utilise this vulnerability to write arbitrary files, potentially leading to code execution.
VDE-2022-045
Mai 22, 2025, 3:03 nachm.
PAS4000 is the software platform for the Automation System PSS 4000. PAS 4000 does not properly check pathnames contained in archives. An attacker can utilise this vulnerability to write arbitrary …
VDE-2022-052
Nov. 21, 2022, 10:00 vorm.
Up until October 5th, 2022 the ease2pay API used by Miele's "AppWash" MobileApp was vulnerable to an authorization bypass. A low privileged, remote attacker would have been able to gain …