Nozomi Networks reported a vulnerability in the pfc firmware sdk-G2 of libwagosnmp. The WAGO pfc-firmware-sdk-G2 is a software development kit designed for WAGO PFC devices which allows developers to build and customize the firmware.
Multiple Weidmüller products are affected by an OpenSSL vulnerability.
Weidmüller has released new firmwares of the affected products to fix the vulnerability.
Weidmüller product PROCON-WIN is affected by hard-coded credentials.
Weidmüller has released a new version of the affected product to fix the vulnerability.
A security researcher discovered a critical Remote Code Execution vulnerability in sunnyportal.com. An attacker could upload code instead of an image and remotely execute this code.
Update: Changed Date in Remediation
An unauthenticated attacker could repeatedly send IPv6 packets, that include specially crafted packets, to a Windows machine which could enable remote code execution.
The following firmware versions installed on several devices are are vulnerable due to a vulnerability in CODESYS Control.
Several WAGO Firmwares are vulnerable to an incorrect calculation of the buffer size in the CODESYS OPC UA STACK. This can lead to a crash of the runtime of the affected firmware versions installed on several devices.
A security researcher discovered a Cross Site Request Forgery (CSRF, XSRF) vulnerability in SMA Cluster Controller. The affected products are out of support (End-of-Life 2018-06-30).