The vulnerability in the Ethernet switch circuit is caused by a pull-up resistor at the reset input, leading to premature activation and undefined operation. Switching to a pull-down resistor keeps the switch in reset. This issue affects the CC100, the Touch Panels 600 and the Edge Controller.
A path traversal flaw in the SmartEMS upload handling allows authenticated users to direct upload data outside of the intended directory via the 'Upload-Key' header. In deployments where writable, code-interpreted paths are reachable, this may lead to remote code execution.
Beckhoff's TwinCAT 3 Engineering software is intended for creating automation projects, each consisting of a set of files stored locally either underneath an individual folder or in a packed file. Among the non-packed local files, TwinCAT 3 Engineering stores user settings and preferences that are relevant for conveniently continuing earlier work on the project. These settings are kept in files called "Solution User Options (.suo) File". When such settings are manipulated or crafted by an adversary in a specific way, TwinCAT 3 Engineering executes arbitrary commands as determined by these settings when the user opens the project with TwinCAT 3 Engineering. These arbitrary commands are executed in the user context.
Please note that solution user option files should not be checked in to source code control. This is also a best practice when working with source code projects and solutions. For example, see https://learn.microsoft.com/en-us/visualstudio/extensibility/internals/solution-user-options-dot-suo-file and https://infosys.beckhoff.com/content/1033/tc3_sourcecontrol/14604066827.html.
The vulnerability is similar to older vulnerabilities that were addressed in the CODESYS Development System V3 product from CODESYS GmbH with CVE-2021-21864, CVE-2021-21865, CVE-2021-21866, CVE-2021-21867, CVE-2021-21868, CVE-2021-21869, and the associated Advisory 2021-13 from CODESYS GmbH.
A missing authentication vulnerability exists in the iocheckd service "I/O-Check" functionality. A single packet can cause a denial of service and weaken credentials resulting in the default documented credentials being applied to the device. An attacker can send an unauthenticated packet to trigger this vulnerability.
A local privilege escalation vulnerability in Phoenix Contact products utilizing WIBU-SYSTEMS CodeMeter Runtime allows users to gain admin rights on freshly installed systems. The CodeMeter Control Center starts with elevated privileges and retains them until restarted, enabling unauthorized access to admin tools like cmd.exe.
The jq JSON processor, which is used to migrate firmware configurations in the product, contains 2 vulnerabilities that can be exploited by an authenticated attacker.
Bender is publishing this advisory to inform customers about a security vulnerability in the Charge Controller product families. Bender has analyzed the weakness and determined that the electrical safety of the devices is not affected. Bender considers the weakness to be of high risk and it should be patched immediately.