Advisories

For CVSS 2.0, 3.0 and 3.2
VDE-2025-042
May 27, 2025, 11:00 AM
The Lenze VPN client is vulnerable to a Local Privilege Escalation to root/SYSTEM by executing a configuration file which can be controlled by a non-privileged user. This occurs through a …
VDE-2025-044
Aug. 27, 2025, 12:00 PM
Weidmueller industrial Ethernet switches are affected by multiple vulnerabilities. Weidmueller has released new firmware for the affected products to fix the vulnerabilities.
VDE-2025-011
Aug. 27, 2025, 12:00 PM
A stored cross-site scripting vulnerability has been discovered in the PROFINET gateway LB8122A.1.EL. An attacker can write an HTML tag with up to 32 characters in the message field of …
VDE-2025-041
May 19, 2025, 11:00 AM
The Weidmueller product ResMa is affected by an ASP.NET AJAX vulnerability. Weidmueller has released new firmware for the affected product to fix the vulnerability.
VDE-2025-010
May 14, 2025, 3:00 PM
A security researcher discovered a privilege escalation vulnerability in the demo system area of the SMA Classic Portal, www.sunnyportal.com. Only systems of other users have been affected who unintendedly and …
VDE-2025-024
May 13, 2025, 12:00 PM
Multiple W&T devices are shipped with a jQuery version with a known XSS vulnerability.
VDE-2025-029
May 14, 2025, 2:28 PM
A denial of service (DoS) attack targeting port 80 (HTTP service) can overload the device (CWE-770). This behaviour has been observed when running network security scanners.
VDE-2025-026
May 14, 2025, 3:00 PM
Sending too much data in the service telegram of AUMA actuators leads to a buffer overflow in the actuator controls. Depending on the actuator, the service telegram is transmitted either …