VDE-2025-047
Juni 10, 2025, 12:00 nachm.
For actuators with AC.2 controls and PROFOX actuators, a wrong configuration occurred for deliveries within the period from 01.01.2024 to 09.05.2025. Despite the ordered option "L90.00 = Bluetooth always deactivated", …
VDE-2025-026
Mai 14, 2025, 3:00 nachm.
Sending too much data in the service telegram of AUMA actuators leads to a buffer overflow in the actuator controls. Depending on the actuator, the service telegram is transmitted either …
VDE-2023-028
Mai 14, 2025, 3:00 nachm.
Forescout Research Labs, partnering with JSOF Research, disclosed NAME:WRECK, a set of Domain Name System (DNS) vulnerabilities that have the potential to cause either Denial of Service (DoS) or Remote …
VDE-2023-027
Aug. 7, 2023, 11:35 vorm.
A reflected cross-site scripting vulnerability exists in the System Diagnostics Manager (SDM) component of SIMA² Master Stations.
VDE-2022-032
Aug. 9, 2022, 10:00 vorm.
The SIMA2 Master Station features an NTP service based on ntpd, a reference implementation of the Network Time Protocol (NTP). Affected SIMA2 Master Stations with software version < V2.6 include …
VDE-2022-024
Mai 14, 2025, 3:00 nachm.
Improper buffer restrictions in the webserver used in SIMA² Master Station software versions < V 2.6 may allow an unauthenticated network-based attacker to stop the cyclic program on the device …