VDE-2021-021
May 14, 2025, 2:28 PM
An undocumented password protected FTP access to the root directory exists in certain devices of the AXL F BK and IL BK product families (CWE-798).
VDE-2021-020
May 14, 2025, 2:28 PM
Manipulated PC Worx or Config+ projects could lead to a remote code execution when unallocated memory is freed because of incompletely initialized data (CWE-824). The attacker needs to get access …
VDE-2021-024
May 14, 2025, 2:28 PM
The vulnerability is a Time-of-Check-Time-of-Use (CWE-367) issue which allows an attacker with access to the firmware update file to overwrite it after it has been verified (but before installation is …
VDE-2020-046
May 14, 2025, 2:28 PM
For mGuard devices with integrated switch on the LAN side, single switch ports can be disabled by device configuration. After a reboot these ports get functional independent from their configuration …
VDE-2020-049
Dec. 17, 2020, 10:00 AM
Multiple vulnerabilities have been identified in PLCnext Control devices. Please consult the aforementioned CVE-IDs.
VDE-2020-047
May 14, 2025, 2:28 PM
Uncontrolled Resource Consumption can be exploited to cause the HMI to become unresponsive and not accurately update the display content (Denial of Service).
VDE-2020-030
Sept. 9, 2020, 8:22 AM
Several vulnerabilities have been discovered in WIBU-SYSTEMS CodeMeter and published 08 September 2020. Phoenix Contact is only affected by a subset of these vulnerabilities. Phoenix Contact products are not affected …
VDE-2020-026
May 22, 2025, 3:03 PM
A timeout during a TLS handshake can result in the connection failing to terminate. This can result in a Niagara thread hanging and requires a manual restart to correct.