VDE-2021-035
May 22, 2025, 3:03 PM
Access to the Apache web server being installed as part of the FL MGUARD DM on Microsoft Windows does not require login credentials even if configured during installation.
VDE-2021-029
May 14, 2025, 2:28 PM
A device on the same network as the controller sending a special crafted JSON request to the /auth/access-token endpoint may cause the controller to restart (CWE-20). UPDATE A The CVSS …
VDE-2021-032
May 22, 2025, 3:03 PM
Third party Niche Ethernet stack has several vulnerabilities announced by the security researcher's community. Phoenix Contact Classic Line industrial controllers are developed and designed for the use in closed industrial …
VDE-2021-036
May 14, 2025, 2:28 PM
Please consult the CVE entries above for more details.
VDE-2021-025
May 14, 2025, 2:28 PM
A Denial of Service and a CA Check Problem have been identified in multiple openSSL 1.1.1 versions, which are utilized in the Phoenix Contact products listed above.
VDE-2021-023
May 14, 2025, 2:28 PM
Multiple vulnerabilities have been discovered in the current firmware of the PHOENIX CONTACT FL SWITCH SMCS series switches.
VDE-2021-019
May 14, 2025, 3:00 PM
Phoenix Contact Classic Line industrial controllers are developed and designed for the use in closed industrial networks. The communication protocols and device access do not feature authentication measures. Remote attackers …
VDE-2021-022
May 14, 2025, 2:28 PM
When the communication partner sends an invalid Modbus exception response to the FL COMSERVER UNI as a query, the Modbus communication stops, and the device will be unresponsive for some …