VDE-2021-023
Mai 14, 2025, 2:28 nachm.
Multiple vulnerabilities have been discovered in the current firmware of the PHOENIX CONTACT FL SWITCH SMCS series switches.
VDE-2021-019
Mai 14, 2025, 3:00 nachm.
Phoenix Contact Classic Line industrial controllers are developed and designed for the use in closed industrial networks. The communication protocols and device access do not feature authentication measures. Remote attackers …
VDE-2021-022
Mai 14, 2025, 2:28 nachm.
When the communication partner sends an invalid Modbus exception response to the FL COMSERVER UNI as a query, the Modbus communication stops, and the device will be unresponsive for some …
VDE-2021-021
Mai 14, 2025, 2:28 nachm.
An undocumented password protected FTP access to the root directory exists in certain devices of the AXL F BK and IL BK product families (CWE-798).
VDE-2021-020
Mai 14, 2025, 2:28 nachm.
Manipulated PC Worx or Config+ projects could lead to a remote code execution when unallocated memory is freed because of incompletely initialized data (CWE-824). The attacker needs to get access …
VDE-2021-024
Mai 14, 2025, 2:28 nachm.
The vulnerability is a Time-of-Check-Time-of-Use (CWE-367) issue which allows an attacker with access to the firmware update file to overwrite it after it has been verified (but before installation is …
VDE-2020-046
Mai 14, 2025, 2:28 nachm.
For mGuard devices with integrated switch on the LAN side, single switch ports can be disabled by device configuration. After a reboot these ports get functional independent from their configuration …
VDE-2020-049
Dez. 17, 2020, 10:00 vorm.
Multiple vulnerabilities have been identified in PLCnext Control devices. Please consult the aforementioned CVE-IDs.