Advisories

Für CVSS 2.0, 3.0 und 3.2
VDE-2025-097
Nov. 18, 2025, 1:00 nachm.

METZ CONNECT: Config API – Authentication bypass leads to admin takeover in EWIO2 series

A critical authentication bypass in EWIO-2 allows unauthenticated attackers with network access to gain administrative control over the device. Once compromised, an attacker can change configurations, manipulate data, disrupt services, …
CVE-2025-41734
CVE-2025-41733
CVE-2025-41736
CVE-2025-41735
CVE-2025-41737