• 1 (current)
  • 2

Helmholz: Sandbox escape in REX200/250 LUA interpreter

An authenticated remote attacker can exploit an undocumented method to escape the LUA sandbox in REX200/250 devices, enabling the execution of arbitrary operating system commands and leading to full system compromise.


CVE-2025-41688: 7.2

MB connect line: Sandbox escape in mbNET's LUA interpreter

An authenticated remote attacker can exploit an undocumented method to escape the LUA sandbox in mbNET devices, enabling the execution of arbitrary operating system commands and leading to full system compromise.


CVE-2025-41688: 7.2

Helmholz: Multiple vulnerabilities in REX 100

Multiple vulnerabilities in all REX 100 devices with firmware <= 2.3.2 that allow an attacker to gain full control over the device.


CVE-2025-41675: 7.2
CVE-2025-41674: 7.2
CVE-2025-41673: 7.2
CVE-2025-41678: 6.5
CVE-2025-41679: 5.3
CVE-2025-41676: 4.9
CVE-2025-41677: 4.9
CVE-2025-41681: 4.8

MB connect line: Multiple vulnerabilities in mbNET.mini

Multiple vulnerabilities in all mbNET.mini devices with firmware <= 2.3.2 that allow an attacker to gain full control over the device.


CVE-2025-41675: 7.2
CVE-2025-41674: 7.2
CVE-2025-41673: 7.2
CVE-2025-41678: 6.5
CVE-2025-41679: 5.3
CVE-2025-41676: 4.9
CVE-2025-41677: 4.9
CVE-2025-41681: 4.8

Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware

Multiple vulnerabilities in the PLCnext system allowed low-privileged remote attackers to gain unauthorized access or trigger system reboots by manipulating configuration files and symbolic links. Affected services include watchdog, arp-preinit, and security-profile, potentially exposing critical system files. These issues have been resolved in firmware version 2025.0.2.


CVE-2025-41667: 8.8
CVE-2025-41666: 8.8
CVE-2025-41668: 8.8
CVE-2025-41665: 6.5

Phoenix Contact: Security Advisory for CHARX SEC-3xxx charging controllers

Multiple vulnerabilities in the firmware of CHARX SEC-3xxx charging controllers have been discovered.


CVE-2025-24003: 8.2
CVE-2025-24006: 7.8
CVE-2025-24005: 7.8
CVE-2025-24002: 5.3
CVE-2025-24004: 5.2

Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware

Multiple Linux component vulnerabilities fixed in latest PLCnext Firmware release 2025.0.2


CVE-2024-52533: 9.8
CVE-2024-12084: 9.8
CVE-2025-0665: 9.8
CVE-2024-5594: 9.1
CVE-2024-38428: 9.1
CVE-2024-5535: 9.1
CVE-2024-6345: 8.8
CVE-2025-24965: 8.1
CVE-2018-1000156: 7.8
CVE-2019-13638: 7.8
CVE-2018-1000035: 7.8
CVE-2018-20969: 7.8
CVE-2024-6232: 7.5
CVE-2024-25062: 7.5
CVE-2024-8176: 7.5
CVE-2024-6119: 7.5
CVE-2024-12705: 7.5
CVE-2018-6951: 7.5
CVE-2018-6952: 7.5
CVE-2024-12085: 7.5
CVE-2015-7696: 6.8
CVE-2025-26465: 6.8
CVE-2024-5742: 6.7
CVE-2024-12087: 6.5
CVE-2024-12088: 6.5
CVE-2024-10524: 6.5
CVE-2024-12086: 6.1
CVE-2019-13636: 5.9
CVE-2024-50602: 5.9
CVE-2025-26466: 5.9
CVE-2024-9681: 5.9
CVE-2024-9287: 5.8
CVE-2024-12747: 5.6
CVE-2018-18384: 5.5
CVE-2022-0529: 5.5
CVE-2022-0530: 5.5
CVE-2019-20633: 5.5
CVE-2024-0684: 5.5
CVE-2024-9341: 5.4
CVE-2023-27043: 5.3
CVE-2024-12133: 5.3
CVE-2020-16120: 5.1
CVE-2024-10918: 4.8
CVE-2024-8006: 4.4
CVE-2023-7256: 4.4
CVE-2015-7697: 4.3
CVE-2024-28882: 4.3
CVE-2024-9143: 4.3
CVE-2016-9844: 4.0
CVE-2024-11053: 3.4
CVE-2025-0167: 3.4
CVE-2021-4217: 3.3
CVE-2019-13232: 3.3
CVE-2025-27113: 2.9

Phoenix Contact: Security Advisory for CHARX SEC-3xxx charging controllers

Multiple vulnerabilities in the firmware of CHARX SEC-3xxx charging controllers have been discovered.

Update Version 1.1.0: Updated the reporting credits for CVE-2025-25271.


CVE-2025-25270: 9.8
CVE-2025-25271: 8.8
CVE-2025-25268: 8.8
CVE-2025-25269: 8.4
  • 1 (current)
  • 2

Feeds

Nach Hersteller

Archiv

2025
2024
2023
2022
2021
2020
2019
2018
2017

Legende

(Scoring für CVSS 2.0,3.0+3.1)
keine
Kein CVE verfügbar
Niedrig
0.1 <= 3.9
Mittel
4.0 <= 6.9
Hoch
7.0 <= 8.9
Kritisch
9.0 <= 10.0