Advisories

For CVSS 2.0, 3.0 and 3.2
VDE-2026-063
July 14, 2026, 1:00 PM
Multiple Murrelektronik network-enabled devices respond to SNMPv2c 'GETBULK' requests with disproportionately large response packets when the requesting party specifies a large max-repetitions value. This response amplification allows the affected devices …
VDE-2026-062
July 14, 2026, 12:00 PM
Several Murrelektronik devices using Profinet are shipped with the default SNMP community names ('public' for read access and 'private' for write access). If these community strings remain unchanged in the …
VDE-2025-091
Oct. 14, 2025, 12:00 PM
The embedded web interface of the MURRELEKTRONIK IMPACT67 Pro PN DIO8 IOL8 transmits login credentials over unencrypted HTTP using a GET request. The device does not offer HTTPS/TLS support, exposing …