VDE-2024-041
Sept. 10, 2024, 10:00 AM
Echo Curve Viewer is an utility used for offline visualization of previously recorded envelope curve data. Envelope curve records are exported from other Endress+Hauser software products like FieldCare as .curves …
VDE-2024-043
Aug. 22, 2024, 8:00 AM
Products from the Edge Gateway Family are affected by recently published so called RegreSSHion vulnerability.
VDE-2024-037
July 10, 2024, 8:00 AM
A critical security vulnerability was discovered in the products, which is caused by the IPv6 stack in the Linux kernel.The impact of the vulnerability on the affected products may result …
VDE-2023-006
July 8, 2024, 12:00 PM
An authenticated attacker can send a malformed packet to trigger a device crash via the CODESYS V2 runtime commands parsing. Update: 08.07.2024 release date of the updates has been changed.
VDE-2024-032
July 3, 2024, 3:33 PM
There exists a vulnerability in all REX 100 devices with firmware <= 2.2.11 that allows an authenticated attacker to execute arbitrary system commands via GET requests. Update: 03.07.2024 3:30pm …
VDE-2024-030
July 3, 2024, 11:00 AM
There exists a vulnerability in all mbNET.mini devices with firmware <= 2.2.11 that allows an authenticated attacker to execute arbitrary system commands via GET requests. Update: 03.07.2024 3:30 pm …
VDE-2024-029
June 11, 2024, 8:00 AM
The OpenSSL library used in the affected products is vulnerable to an unbounded growth of the session cache in the TLSv1.3 implementation.
VDE-2023-068
May 21, 2024, 8:00 AM
The following vulnerabilities are published with reference to CODESYS Advisory 2023-05, CODESYS Advisory 2023-06 and CODESYS Advisory 2023-09