Beckhoff's TwinCAT 3.1 Build 4026 software is modularized and is installed with different packages depending on user requirements. These packages are selected and installed using either the command line utility tcpkg or the corresponding graphical user interface called TwinCAT Package Manager. Both use the same configuration that specifies where to load packages from. These locations are called feeds, have preconfigured default settings and can be customized by administrative users, for example to add another local mirror of a package server. When using the TwinCAT Package Manager on a PC, a user with administrative access rights can locally set a specially crafted URL for a feed that causes the TwinCAT Package Manager to execute arbitrary operating system commands.

Several vulnerabilities have been identified in the web-based management of WAGO devices utilized in Endress+Hauser IoT solutions. WAGO has provided fixes for these vulnerabilities, which have been integrated into the solutions by Endress+Hauser. Additionally, a guideline on secure operation of these solutions has been made available.

Multiple vulnerabilities have been discovered in MB connect line mbNET.mini product allowing for RCE or unauthorized file access.

Multiple vulnerabilities have been discovered in REX100 allowing for RCE or unauthorized file access.

Multiple vulnerabilities have been discovered in Helmholz products that could allow RCE or unauthorized file access. CVE-2024-45272 affects the myREX24 V2 and myREX24.virtual products, while CVE-2024-45273 affects the REX200/250, myREX24 V2, myREX24.virtual and REX300 products.

Multiple vulnerabilities have been discovered in MB connect line products that could allow RCE or unauthorized file access. CVE-2024-45272 affects the mbCONNECT24 and mymbCONNECT24 products, while CVE-2024-45273 affects the mbNET/mbNET.rokey, mbCONNECT24, mymbCONNECT24, mbNET HW1, and mbSPIDER products.

The affected devices run a SSH server that is affected by the regreSSHion vulnerability despite the fact that no user can actually log in through SSH. Attackers may exploit this vulnerability to gain root access to the device.

Vulnerabilities in .NET and Visual Studio functions System.Text.Json, System.Formats.Asn1, OPCFoundation.NetStandard.Opc.Ua.Core allow an remote attacker to execute a Denial-of-Servce attack.