Advisories | CERT@VDE

2025-01-14 12:00 VDE-2024-070

Phoenix Contact: Security Advisory for CHARX-SEC3xxx Charge controllers

Improper file permission handling allows an authenticated low privileged user to gain root access.

CVE-2024-11497: 8.8

2025-01-14 12:00 VDE-2025-005

Phoenix Contact: Security Advisory for ESL Stick USB-A

A vulnerability has been found in a cryptographic library of Infineon Technologies that is part of the firmware of the CmDongles. The exploitation of this vulnerability has been classified as complex: potential attackers need physical access and require special equipment to exploit the vulnerability. In general, this vulnerability affects only ECC keys used to calculate signatures with the ECDSA algorithm.

CVE-2024-45678: 4.2

Feeds

RSS / Atom

Nach Hersteller

ADS-TEC Industrial IT (2)

Auma (4)

Beckhoff (14)

Bender (2)

CODESYS (13)

Endress+Hauser (12)

Festo (12)

Festo Didactic (7)

Frauscher (3)

Carlo Gavazzi Controls (1)

Helmholz (11)

HIMA (2)

ifm (3)

Innominate (2)

Lenze (3)

MB connect line (11)

Miele (4)

M&M Software (1)

Pepperl+Fuchs (31)

PHOENIX CONTACT (91)

Pilz (13)

Red Lion Europe (4)

SMA (1)

SWARCO (1)

TECSON/GOK (1)

TRUMPF SE (4)

TRUMPF Laser (7)

TRUMPF Werkzeugmaschinen (8)

VARTA Storage (1)

VMT (1)

WAGO (59)

Weidmueller (10)

Welotec (3)

Wiesemann & Theis (3)

Archiv

2025

Januar (2)

2024

Dezember (4)
November (3)
Oktober (8)
September (8)
August (9)
Juli (7)
Juni (4)
Mai (4)
April (3)
März (2)
Februar (6)
Januar (7)

2023

Dezember (14)
November (5)
Oktober (5)
September (5)
August (13)
Juli (5)
Juni (3)
Mai (4)
April (1)
März (3)
Februar (3)
Januar (2)

2022

Dezember (5)
November (10)
Oktober (5)
September (7)
August (4)
Juli (4)
Juni (7)
Mai (3)
April (11)
März (5)
Januar (5)

2021

Dezember (2)
November (6)
Oktober (5)
September (2)
August (10)
Juli (3)
Juni (9)
Mai (6)
April (2)
März (3)
Februar (3)
Januar (4)

2020

Dezember (4)
November (3)
Oktober (6)
September (8)
August (1)
Juli (3)
Juni (4)
Mai (2)
März (12)
Februar (2)

2019

Dezember (2)
Oktober (3)
September (1)
Juni (4)
Mai (2)
März (6)
Januar (1)

2018

Oktober (1)
September (1)
August (2)
Juli (3)
Mai (4)
März (1)
Februar (1)
Januar (2)

2017

Dezember (2)
November (1)
September (1)
März (1)

Legende

(Scoring für CVSS 2.0,3.0+3.1)

keine

Kein CVE verfügbar

Niedrig

0.1 <= 3.9

Mittel

4.0 <= 6.9

Hoch

7.0 <= 8.9

Kritisch

9.0 <= 10.0