Multiple vulnerabilities in all mbNET.mini devices with firmware <= 2.3.2 that allow an attacker to gain full control over the device.
Multiple vulnerabilities in the PLCnext system allowed low-privileged remote attackers to gain unauthorized access or trigger system reboots by manipulating configuration files and symbolic links. Affected services include watchdog, arp-preinit, and security-profile, potentially exposing critical system files. These issues have been resolved in firmware version 2025.0.2.
Multiple vulnerabilities in the firmware of CHARX SEC-3xxx charging controllers have been discovered.
Multiple Linux component vulnerabilities fixed in latest PLCnext Firmware release 2025.0.2
Multiple vulnerabilities in the firmware of CHARX SEC-3xxx charging controllers have been discovered.
Update Version 1.1.0: Updated the reporting credits for CVE-2025-25271.
Frauscher Sensortechnik FDS101, FDS-SNMP101 and FDS102 for FAdC/FAdCi R2 and all previous versions are vulnerable to OS Command Injection via malicious configuration file.
CVE-2025-3626 affects FDS102 versions v2.8.0 < v2.13.3.
CVE-2025-3705 affects a broader range of products and versions. Specifically, it affects:
Update 1.1.0, 29.07.2025: The summary has been updated to include a mapping between CVEs and affected products, and the remediation section has been revised to include FDS101.
During installation, identical certificates are installed across all systems instead of unique ones, which are intended for JWT Token encryption and signing.
Several vulnerabilities in the Endress+Hauser MEAC300-FNADE4 were discovered, that can be accessed via Ethernet.