VDE-2025-064
Sept. 9, 2025, 9:00 vorm.
A local privilege escalation vulnerability in Phoenix Contact products utilizing WIBU-SYSTEMS CodeMeter Runtime allows users to gain admin rights on freshly installed systems. The CodeMeter Control Center starts with elevated …
VDE-2025-048
Sept. 8, 2025, 9:00 vorm.
A design flaw in the file system management exposes internal system partitions - intended to be hidden - during brief moments when they are mounted by the firmware. These partitions …
VDE-2025-061
Sept. 8, 2025, 9:00 vorm.
Bender is publishing this advisory to inform customers about a security vulnerability in the Charge Controller product families. Bender has analyzed the weakness and determined that the electrical safety of …
VDE-2025-082
Sept. 8, 2025, 9:00 vorm.
A vulnerability in sudo allows a low privileged attacker to execute commands with root rights.
VDE-2025-084
Sept. 8, 2025, 9:00 vorm.
Bender is publishing this advisory to inform customers about a security vulnerability in the Charge Controller product families. Bender has analyzed the weakness and determined that the electrical safety of …
VDE-2025-051
Sept. 1, 2025, 12:00 nachm.
A vulnerability in the CODESYS Control runtime system allows low-privileged remote attackers to access the PKI folder via CODESYS protocol, enabling them to read and write certificates and keys. This …
VDE-2025-070
Sept. 1, 2025, 12:00 nachm.
A vulnerability in the CODESYS Control runtime system's CmpDevice component allows unauthenticated attackers to cause a denial-of-service (DoS) via specially crafted communication requests. The issue is triggered by a NULL …
VDE-2025-078
Aug. 29, 2025, 12:00 nachm.
The TRUMPF remote support infrastructure selects an outdated encryption algorithm when setting up communication channels for machines. This cannot be prevented for old machines. For most machines it is possible …