VDE-2020-009
Mai 22, 2025, 3:03 nachm.
The firmware update package (WUP) is not signed entirely. The used password offers no additional security, it is just meant to protect from unintentional modifications of the WUP file. Thus …
VDE-2020-008
Mai 14, 2025, 2:53 nachm.
The Cloud Connectivity of the WAGO PLCs is used to connect the device with the cloud services from different providers. It also supports maintenance functionality with the firmware update function …
VDE-2020-007
März 9, 2020, 10:10 vorm.
The Web-Based Management (WBM) of WAGOs programmable logic controller (PLC) is typically used for commissioning and update. The controller is an embedded device which has limited resources. The vulnerability described …
VDE-2020-004
Mai 14, 2025, 3:00 nachm.
The communication between e!Cockpit and the programmable logic controller is not encrypted. The broken cryptographic algorithm allows an attacker to decode the password for the e!Cockpit communication and with this …
VDE-2020-003
Mai 14, 2025, 2:28 nachm.
Multiple Vulnerabilities exist in components used by the aforementioned products. See CVE-Details for more information.
VDE-2020-002
Juni 5, 2025, 3:28 nachm.
CVS-2019-12255 Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer = 0 that leads to …
VDE-2020-001
Mai 22, 2025, 3:03 nachm.
Phoenix Contact Emalytics Controller ILC 2050 BI are developed and designed for the use in protected building automation networks.An issue was discovered on Phoenix Contact Emalytics Controller ILC 2050 BI …
VDE-2019-022
Dez. 16, 2019, 10:00 vorm.
The reported vulnerabilities allow a remote attacker to change the setting, delete the application, set the device to factory defaults, code execution and to cause a system crash or denial …