VDE-2025-071
Dez. 9, 2025, 9:00 vorm.
Multiple vulnerabilities have been identified in the FL SWITCH 2xxx firmware prior to version 3.50. Two of these (CVE-2025-41692 and CVE-2025-41696) enable an attacker to access the device's file system. …
VDE-2025-074
Okt. 15, 2025, 12:00 nachm.
A vulnerability in the firmware of CHARX SEC-3xxx charging controllers has been discovered.
VDE-2025-072
Okt. 14, 2025, 8:00 vorm.
Multiple vulnerabilities were discovered in the firmware of QUINT4-UPS EIP devices that can be used by an unauthenticated remote attacker to perform Denial of Service attacks and to gather login …
VDE-2025-077
Sept. 9, 2025, 12:00 nachm.
The jq JSON processor, which is used to migrate firmware configurations in the product, contains 2 vulnerabilities that can be exploited by an authenticated attacker.
VDE-2025-064
Sept. 9, 2025, 9:00 vorm.
A local privilege escalation vulnerability in Phoenix Contact products utilizing WIBU-SYSTEMS CodeMeter Runtime allows users to gain admin rights on freshly installed systems. The CodeMeter Control Center starts with elevated …
VDE-2025-063
Aug. 12, 2025, 12:00 nachm.
A privilege escalation vulnerability exists in Phoenix Contact Device and Update Management prior to version 2025.3.1 due to misconfigured permissions on nssm.exe in the DAUM-WINDOWS-SERVICE. This misconfiguration allows a low-privileged …
VDE-2025-053
Juli 8, 2025, 12:00 nachm.
Multiple Linux component vulnerabilities fixed in latest PLCnext Firmware release 2025.0.2
VDE-2025-014
Juli 8, 2025, 12:00 nachm.
Multiple vulnerabilities in the firmware of CHARX SEC-3xxx charging controllers have been discovered.