Advisories

For CVSS 2.0, 3.0 and 3.2
VDE-2020-014
May 14, 2025, 4:34 PM

Pepperl+Fuchs: Kr00k vulnerabilities in Broadcom Wi-Fi chipsets

Security researchers at ESET have reported a vulnerability called Kr00k (CVE-2019- 15126) which affects encrypted WiFi traffic for devices using Broadcom or Cypress chipsets. The vulnerability may allow an attacker …
CVE-2019-15126
VDE-2019-011
Oct. 7, 2019, 12:00 PM

Pepperl+Fuchs: Remote code execution vulnerability in HMI devices

A remote code execution vulnerability exists in **Remote Desktop Services** – formerly known as **Terminal Services** – when an unauthenticated attacker connects to the target system using **RDP** and sends …
CVE-2019-1181
CVE-2019-0708
CVE-2019-1182
VDE-2019-004
March 14, 2019, 8:52 AM

Pepperl+Fuchs: ecom Mobile Devices prone to BlueBorne Attack

A collection of Bluetooth attack vectors were discovered and related vulnerabilities known as "BlueBorne" were disclosed. These vulnerabilities collectively endanger amongst others Windows, Linux and mobile operating systems like Android …
CVE-2017-0782
CVE-2017-0781
CVE-2017-8628
CVE-2017-0783
CVE-2017-0785
VDE-2019-002
May 14, 2025, 3:00 PM

Pepperl+Fuchs: Path traversal in WirelessHART Gateway

Pepperl+Fuchs analyzed WirelessHART-Gateways in respect of a critical vulnerability within the Firmware. An attacker may exploit this vulnerability to get access to files and access restricted directories that are stored …
CVE-2018-16059
VDE-2018-016
May 14, 2025, 2:28 PM

Pepperl+Fuchs: ecom Mobile devices prone to Android privilege elevation vulnerability

An attacker may gain access (by elevated privileges) to CT50-Ex mobile computers through a vulnerability in a system service running the Android Operating System (OS). The system service improperly validates …
CVE-2018-14825
VDE-2018-009
Oct. 23, 2018, 12:00 PM

Pepperl+Fuchs: Security advisory for MELTDOWN and SPECTRE attacks in ecom mobile Devices

Critical vulnerabilities within several CPUs have been identified by security researchers. These hardware vulnerabilities allow programs to learn about the contents of a system's memory, using side-channel attacks. Potential attack …
CVE-2017-5715
CVE-2017-5754
CVE-2017-5753
VDE-2018-008
July 6, 2018, 3:37 PM

Pepperl+Fuchs: Remote Code Execution Vulnerability in HMI Devices

A remote code execution vulnerability in the Microsoft's Credential Security Support Provider protocol (CredSSP) was identified by security researchers. If exploited successfully, it is possible to relay user credentials for …
CVE-2018-0886
VDE-2018-002
May 14, 2025, 2:28 PM

Pepperl+Fuchs: HMI devices vulnerable to Meltdown and Spectre Attacks

Critical vulnerabilities within several CPUs have been identified by security researchers. These hardware vulnerabilities allow programs to learn about the contents of a system's memory, using side-channel attacks. Potential attack …
CVE-2017-5715
CVE-2017-5754
CVE-2017-5753