VDE-2020-023
Mai 14, 2025, 2:28 nachm.
Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation. The attacker needs to get access to an original PC Worx project to …
VDE-2019-007
Mai 14, 2025, 2:28 nachm.
A WebHMI utility may be exploited by any logged in user allowing the execution of arbitrary OS commands on the server. This provides the opportunity for a command injection attack.
VDE-2021-021
Mai 14, 2025, 2:28 nachm.
An undocumented password protected FTP access to the root directory exists in certain devices of the AXL F BK and IL BK product families (CWE-798).
VDE-2017-003
Mai 14, 2025, 2:28 nachm.
Multiple security issues and vulnerabilities within the WPA2 standard have been identified and publicized by Mr. Mathy Vanhoef of KU Leuven. These vulnerabilities may allow the reinstallation of a pairwise …
VDE-2020-046
Mai 14, 2025, 2:28 nachm.
For mGuard devices with integrated switch on the LAN side, single switch ports can be disabled by device configuration. After a reboot these ports get functional independent from their configuration …
VDE-2021-020
Mai 14, 2025, 2:28 nachm.
Manipulated PC Worx or Config+ projects could lead to a remote code execution when unallocated memory is freed because of incompletely initialized data (CWE-824). The attacker needs to get access …
VDE-2021-022
Mai 14, 2025, 2:28 nachm.
When the communication partner sends an invalid Modbus exception response to the FL COMSERVER UNI as a query, the Modbus communication stops, and the device will be unresponsive for some …
VDE-2021-025
Mai 14, 2025, 2:28 nachm.
A Denial of Service and a CA Check Problem have been identified in multiple openSSL 1.1.1 versions, which are utilized in the Phoenix Contact products listed above.