VDE-2023-028
May 14, 2025, 3:00 PM
Forescout Research Labs, partnering with JSOF Research, disclosed NAME:WRECK, a set of Domain Name System (DNS) vulnerabilities that have the potential to cause either Denial of Service (DoS) or Remote …
VDE-2023-027
Aug. 7, 2023, 11:35 AM
A reflected cross-site scripting vulnerability exists in the System Diagnostics Manager (SDM) component of SIMA² Master Stations.
VDE-2023-025
Aug. 3, 2023, 1:18 PM
The CODESYS Control V3 runtime system does not restrict the memory accesses of the PLC application code to the PLC application data and does not sufficiently check the integrity of …
VDE-2023-023
Aug. 3, 2023, 1:08 PM
The CODESYS Development System does not limit the number of attempts to guess the password within an import dialog.
VDE-2023-022
Aug. 3, 2023, 12:52 PM
The Notification Center of the CODESYS Development System receives messages without ensuring that the message was not modified during transmission. This finally enables MITMs code execution when the user clicks …
VDE-2023-021
Aug. 3, 2023, 12:48 PM
The CODESYS Development System is vulnerable to the execution of malicious binaries from the current working directory.
VDE-2023-019
Aug. 3, 2023, 12:42 PM
CODESYS Control V3 runtime systems are affected by several security vulnerabilities in the communication server implementations for the CODESYS protocol. These may be exploited by authenticated attackers.
VDE-2023-026
May 22, 2025, 3:03 PM
Multiple WAGO devices are prone to vulnerabilites in the used CODESYS V3 framework.