VDE-2023-001
Juni 5, 2025, 3:28 nachm.
A new LTS Firmware release fixes known vulnerabilities in used open-source libraries. In addition, the following improvements have been implemented: HMI - Hardening against DoS attacks. - Hardening against memory …
VDE-2022-058
Mai 14, 2025, 3:00 nachm.
Two vulnerabilities have been discovered in the Expat XML parser library (aka libexpat). This open-source component is widely used in a lot of products worldwide. An attacker could cause a …
VDE-2022-051
Mai 22, 2025, 3:03 nachm.
A denial of service of the HTTPS management interface of PHOENIX CONTACT FL MGUARD and TC MGUARD devices can be triggered by a larger number of unauthenticated HTTPS connections originating …
VDE-2022-048
Mai 14, 2025, 3:00 nachm.
Manipulated PC Worx or Config+ files could lead to a heap buffer overflow, release of unallocated memory or a read access violation due to insufficient validation of input data.The attacker …
VDE-2022-046
Mai 22, 2025, 3:03 nachm.
UPDATE A: Two devices (ENERGY AXC PU, SMARTRTU AXC SG) added (24.11.2022) Update for PLCnext Firmware containing fixes for recent vulnerability findings in Linux components and security enhancements. PLCnext Control …
VDE-2022-028
Mai 14, 2025, 3:00 nachm.
PHOENIX CONTACT: Missing Authentication in ProConOS/ProConOS eCLR SDK and MULTIPROG Engineering tool
ProConOS/ProConOS eCLR designed for use in closed industrial networks provide communication protocols without authentication. Please also refer the original ICS-CERT advisory ICSA-15-013-03 published 13 January 2015.
VDE-2022-026
Mai 22, 2025, 3:03 nachm.
ProConOS/ProConOS eCLR insufficiently verifies uploaded data.
VDE-2022-025
Mai 22, 2025, 3:03 nachm.
The affected devices insufficiently verify uploaded data.