VDE-2019-020
May 22, 2025, 3:03 PM
PHOENIX CONTACT: improper access control exists on FL NAT devices when using MAC-based port security
If MAC-based port security or 802.1x port security is enabled, the FL NAT 2xxx will unintentionally grant access to unauthorized devices in case of routed transmission. ''' Subnet 2---(Ports belonging …
VDE-2019-016
May 14, 2025, 2:28 PM
Manipulated PC Worx or Config+ projects could lead to a remote code execution due to insufficient input data validation. The attacker needs to get access to an original PC Worx …
VDE-2019-019
May 14, 2025, 3:00 PM
In case TwinCAT is configured to use the Profinet driver, a denial of service of the controller could be reached by sending special packets to the device.
VDE-2019-017
May 14, 2025, 2:28 PM
The reported vulnerability allows a remote attacker to check paths and file names that are used in filesystem operations. **Update, 18.9.2019, 18:30** * fixed typo in modelname, replaced PCF with …
VDE-2019-015
July 11, 2025, 9:00 AM
Phoenix Contact Classic Line industrial controllers (ILC1x0 and ILC1x1 product families as well as the AXIOLINE controllers AXC1050 and AXC3050) are developed and designed for the use in closed industrial …
VDE-2019-014
May 14, 2025, 2:28 PM
A manipulated PC Worx or Config+ project file could lead to a remote code execution.\ The attacker needs to get access to an original PC Worx or Config+ project file …
VDE-2019-013
June 12, 2019, 12:25 PM
Multiple vulnerabilities have been identified in WAGO 852-303, 852-1305 and 852-1505 industrial managed ethernet switches.
VDE-2019-012
May 14, 2025, 3:00 PM
A security researcher discovered that the affected application doesn't properly restrict access to an endpoint that is responsible for saving settings, to a user with limited access rights. Based on …