VDE-2025-092
Jan. 27, 2026, 12:00 nachm.
The vulnerability CVE-2025-41726 (NN-2025-0074) allows an authenticated remote user to execute arbitrary commands on the device. This can be exploited over the web UI or via API. In one case …
VDE-2025-106
Feb. 12, 2026, 10:00 vorm.
An optional package of the TwinCAT 3 XAR installs the TwinCAT 3 HMI Server on a device. It provides a server configuration page which can be accessed by administrative users …
VDE-2025-075
Sept. 9, 2025, 12:00 nachm.
Beckhoff's TwinCAT 3 Engineering software is intented to craft automation projects consisting of a set of files which are stored locally as files underneath an individual folder or in a …
VDE-2024-064
April 11, 2025, 9:00 vorm.
Beckhoff's TwinCAT 3.1 Build 4026 software is modularized and is installed with different packages depending on user requirements. These packages are selected and installed using either the command line utility …
VDE-2021-008
Mai 22, 2025, 3:03 nachm.
The affected products can act as OPC UA client or server and are vulnerable to two different kind of attacks via the OPC UA protocol. For both cases the attacker …
VDE-2024-045
Mai 22, 2025, 3:03 nachm.
By default, TwinCAT/BSD-based products have a device-specific web interface for web-based management (WBM) enabled, developed by Beckhoff and known as Beckhoff Device Manager UI. It can be accessed remotely or …
VDE-2024-049
Mai 22, 2025, 3:03 nachm.
By default, TwinCAT/BSD-based products have a device-specific web interface for web-based management (WBM) enabled, developed by Beckhoff and known as Beckhoff Device Manager UI. It can be accessed remotely or …
VDE-2024-048
Mai 22, 2025, 3:03 nachm.
By default, TwinCAT/BSD-based products have a device-specific web interface for web-based management (WBM) enabled, developed by Beckhoff and known as Beckhoff Device Manager UI. It can be accessed remotely or …