VDE-2022-027
July 10, 2025, 12:00 PM
The Festo controller CECC product family in firmware version 2.4.2.0 is affected by multiple vulnerabilities in the CODESYS V3 runtime.
VDE-2022-030
July 11, 2022, 12:00 PM
The machine controller of the cabinet series include an OPC-UA server which uses an user management to authenticate clients via anonymous or user/password authentication. If the user/password authentication is selected, …
VDE-2022-020
June 23, 2025, 10:00 AM
The Festo controller CECC-X-M1 product family in multiple versions are affected by a preauthentication command injection vulnerability. Update A, 2022-07-05 Remediation has been updated. Fixed firmwares are now available.
VDE-2021-004
June 21, 2022, 10:00 AM
A critical vulnerability has been discovered in the utilized component EtherNet/IP Adapter Development Kit (EADK) by Pyramid Solutions, Inc.. For details refer to CVE(s).This vulnerability may allow an attacker to …
VDE-2022-028
May 14, 2025, 3:00 PM
PHOENIX CONTACT: Missing Authentication in ProConOS/ProConOS eCLR SDK and MULTIPROG Engineering tool
ProConOS/ProConOS eCLR designed for use in closed industrial networks provide communication protocols without authentication. Please also refer the original ICS-CERT advisory ICSA-15-013-03 published 13 January 2015.
VDE-2022-026
May 22, 2025, 3:03 PM
ProConOS/ProConOS eCLR insufficiently verifies uploaded data.
VDE-2022-025
May 22, 2025, 3:03 PM
The affected devices insufficiently verify uploaded data.
VDE-2022-024
May 14, 2025, 3:00 PM
Improper buffer restrictions in the webserver used in SIMA² Master Station software versions < V 2.6 may allow an unauthenticated network-based attacker to stop the cyclic program on the device …