Advisories | CERT@VDE

1
2 (current)

2021-07-22 13:35 VDE-2021-017

MB connect line: Privilege escalation in mbDIALUP (Update B)

Multiple Vulnerabilities in mbConnect24serv (a software service of mbDIALUP) can lead to arbitrary code execution due to improper privilege management.

Update A, 2021-11-24

corrected fixed version in solution from 3.9R0.4 to 3.9R0.5

Update B, 2022-03-28

Updated CVSS score from CVE-2021-33527 from 7.8 to 9.8 due to new information about the vulnerability

more ...

CVE-2021-33527: 9.8

CVE-2021-33526: 7.8

2021-07-22 13:33 VDE-2021-031

MB connect line: Apache Guacamole related vulnerabilities in mbCONNECT24, mymbCONNECT24 <= 2.8.0

Two vulnerabilities in mbCONNECT24 and mymbCONNECT24 can lead to information disclosure and arbitrary code execution.

Please consult the CVE entries for details.

more ...

CVE-2020-9498: 6.7

CVE-2020-9497: 4.4

2021-04-26 10:04 VDE-2021-012

MB connect line: multiple products partially affected by DNSpooq

Multiple issues have been identified in dnsmasq < 2.83

more ...

CVE-2020-25684: 3.7

CVE-2020-25685: 3.7

CVE-2020-25686: 3.7

2020-09-18 14:30 VDE-2020-035

MB connect line: Multiple Vulnerabilities in mymbCONNECT24 and mbCONNECT24 <= v2.6.1

Multiples issues exist in mymbCONNECT24 and mbCONNECT24

more ...

CVE-2020-24568: 6.5

CVE-2020-24570: 6.5

CVE-2020-24569: 4.3

1
2 (current)

Feeds

RSS / Atom

By Vendor

ADS-TEC Industrial IT (3)

Auma (6)

Beckhoff (14)

Bender (2)

CODESYS (18)

Endress+Hauser (12)

Festo (12)

Festo Didactic (7)

Frauscher (3)

Carlo Gavazzi Controls (1)

Helmholz (12)

HIMA (2)

ifm (3)

Innominate (2)

Lenze (4)

MB connect line (12)

Miele (4)

M&M Software (1)

Pepperl+Fuchs (33)

PHOENIX CONTACT (92)

Pilz (13)

Red Lion Europe (4)

SMA (5)

SWARCO (1)

TECSON/GOK (1)

TRUMPF SE (4)

TRUMPF Laser (8)

TRUMPF Werkzeugmaschinen (9)

VARTA Storage (1)

VMT (1)

WAGO (64)

Weidmueller (15)

Welotec (3)

Wiesemann & Theis (6)

Legend

(Scoring for CVSS 2.0,3.0+3.1)

None

No CVE available

Low

0.1 <= 3.9

Medium

4.0 <= 6.9

High

7.0 <= 8.9

Critical

9.0 <= 10.0

MB connect line: Privilege escalation in mbDIALUP (Update B)

MB connect line: Apache Guacamole related vulnerabilities in mbCONNECT24, mymbCONNECT24 <= 2.8.0

MB connect line: multiple products partially affected by DNSpooq

MB connect line: Multiple Vulnerabilities in mymbCONNECT24 and mbCONNECT24 <= v2.6.1

Feeds

By Vendor

Archive

2025

2024

2023

2022

2021

2020

2019

2018

2017

Legend