Advisories

Für CVSS 2.0, 3.0 und 3.2
VDE-2022-052
Nov. 21, 2022, 10:00 vorm.

Miele: Vulnerability in ease2pay cloud service used by appWash

Up until October 5th, 2022 the ease2pay API used by Miele's "AppWash" MobileApp was vulnerable to an authorization bypass. A low privileged, remote attacker would have been able to gain …
CVE-2022-3589
VDE-2022-015
April 27, 2022, 2:00 nachm.

Miele: Security vulnerability in Benchmark Programming Tool

The Miele Benchmark Programming Tool on a Microsoft Windows operating system, selects a folder by default upon installation that is writable for all users (C:\\MIELE_SERVICE). After the installation of the …
CVE-2022-22521
VDE-2020-024
Mai 14, 2025, 2:28 nachm.

Miele: Treck TCP/IP Vulnerabilities (Ripple20) affecting Communication Module XKM3000 L MED

For process data documentation purposes the laboratory washers, thermal disinfectors and washer-disinfectors can be integrated in a TCP/IP network by utilizing the affected communication module. The communication module is separate …
CVE-2020-11897
CVE-2020-11896
CVE-2020-11898
CVE-2020-11901
CVE-2020-11900
CVE-2020-11904
CVE-2020-11902
CVE-2020-11903
CVE-2020-11905
CVE-2020-11907
CVE-2020-11906
CVE-2020-11899
CVE-2020-11911
CVE-2020-11913
CVE-2020-11912
CVE-2020-11909
CVE-2020-11910
CVE-2020-11914
CVE-2020-11908
VDE-2019-010
Mai 14, 2025, 3:00 nachm.

Miele: Multiple Vulnerabilities in XGW 3000 ZigBee Gateway

Miele XGW 3000 is a ZigBee-TCP/IP gateway. The gateway connects Miele ZigBee-Appliances (called Miele@home) with local customer TCP/IP-Network and allows visualizing the appliance state on the web interface of the …
CVE-2019-20481
CVE-2019-20480