Advisories

Show filters filter

Manufacturer

Scoring

For CVSS 2.0, 3.0 and 3.2

No CVE available

0.1 - 3.9

4 - 6.9

7 - 8.9

9 - 10

VDE-2022-032

Aug. 9, 2022, 10:00 AM

AUMA: Multiple Vulnerabilities in Automation Runtime NTP Service

The SIMA2 Master Station features an NTP service based on ntpd, a reference implementation of the Network Time Protocol (NTP). Affected SIMA2 Master Stations with software version < V2.6 include …

CVE-2015-7705

CVE-2015-7853

CVE-2018-7183

CVE-2018-12327

CVE-2015-7871

CVE-2017-6460

CVE-2017-6458

CVE-2015-7854

CVE-2015-7849

CVE-2017-6462

CVE-2017-6451

CVE-2015-7974

CVE-2016-4957

CVE-2016-7426

CVE-2015-7703

CVE-2015-5300

CVE-2015-7701

CVE-2020-11868

CVE-2019-8936

CVE-2018-7185

CVE-2018-7184

CVE-2018-7182

CVE-2016-7434

CVE-2016-4954

CVE-2016-4953

CVE-2015-7979

CVE-2015-7978

CVE-2015-7704

CVE-2015-7692

CVE-2015-7691

CVE-2020-13817

CVE-2016-1548

CVE-2016-1549

CVE-2017-6464

CVE-2017-6463

CVE-2016-9310

CVE-2015-7973

CVE-2015-7855

CVE-2015-7851

CVE-2015-7850

CVE-2015-7702

CVE-2015-7975

CVE-2016-2519

CVE-2016-9311

CVE-2016-4955

CVE-2015-8158

CVE-2015-7977

CVE-2015-7852

CVE-2016-2516

CVE-2016-4956

CVE-2018-8956

CVE-2016-7433

CVE-2016-7431

CVE-2016-2518

CVE-2016-2517

CVE-2016-1550

CVE-2016-1547

CVE-2015-8139

CVE-2015-8138

CVE-2020-15025

CVE-2015-8140

CVE-2016-7428

CVE-2016-7427

CVE-2015-7976

CVE-2016-1551

CVE-2016-7429

CVE-2014-9750

CVE-2014-9296

CVE-2014-9295

CVE-2014-9294

CVE-2014-9293

CVE-2013-5211

CVE-2009-3563

VDE-2022-022

Nov. 3, 2025, 12:00 PM

Festo: Controller CECC-S,LK,D family <= 2.3.8.1 - multiple vulnerabilities in CODESYS V3 runtime system

The Festo controller CECC product family is affected by multiple vulnerabilities in the CODESYS V3 runtime.

CVE-2018-10612

CVE-2019-9010

CVE-2019-13548

CVE-2019-18858

CVE-2020-10245

CVE-2021-33485

CVE-2019-9013

CVE-2019-9008

CVE-2022-22515

CVE-2010-5250

CVE-2020-12069

CVE-2018-20025

CVE-2018-20026

CVE-2019-13532

CVE-2022-22517

CVE-2022-22519

CVE-2021-29241

CVE-2019-5105

CVE-2019-9012

CVE-2021-36764

CVE-2020-12067

CVE-2019-9009

CVE-2020-15806

CVE-2021-36763

CVE-2021-29242

CVE-2022-22514

CVE-2018-0739

CVE-2020-7052

CVE-2019-13542

CVE-2020-12068

CVE-2022-22513

CVE-2017-3735

CVE-2019-9011

VDE-2022-027

July 10, 2025, 12:00 PM

Festo: Controller CECC-S,LK,D family firmware 2.4.2.0 - multiple vulnerabilities in CODESYS V3 runtime system

The Festo controller CECC product family in firmware version 2.4.2.0 is affected by multiple vulnerabilities in the CODESYS V3 runtime.

CVE-2020-10245

CVE-2021-33485

CVE-2019-9013

CVE-2022-22515

CVE-2020-12069

CVE-2022-22517

CVE-2022-22519

CVE-2021-29241

CVE-2019-5105

CVE-2021-36764

CVE-2020-12067

CVE-2020-15806

CVE-2021-36763

CVE-2021-29242

CVE-2022-22514

CVE-2020-12068

CVE-2022-22513

CVE-2019-9011

VDE-2022-030

July 11, 2022, 12:00 PM

Lenze: Vulnerability in the OPC-UA authentification connection in the firmware

The machine controller of the cabinet series include an OPC-UA server which uses an user management to authenticate clients via anonymous or user/password authentication. If the user/password authentication is selected, …

CVE-2022-2302

VDE-2022-020

June 23, 2025, 10:00 AM

Festo: CECC-X-M1 - command injection vulnerabilities

The Festo controller CECC-X-M1 product family in multiple versions are affected by a preauthentication command injection vulnerability. Update A, 2022-07-05 Remediation has been updated. Fixed firmwares are now available.

CVE-2022-30308

CVE-2022-30309

CVE-2022-30310

CVE-2022-30311

VDE-2021-004

June 21, 2022, 10:00 AM

Weidmueller: EtherNet/IP Fieldbus Coupler out-of-bounds write

A critical vulnerability has been discovered in the utilized component EtherNet/IP Adapter Development Kit (EADK) by Pyramid Solutions, Inc.. For details refer to CVE(s).This vulnerability may allow an attacker to …

CVE-2022-1737

VDE-2022-028

May 14, 2025, 3:00 PM

PHOENIX CONTACT: Missing Authentication in ProConOS/ProConOS eCLR SDK and MULTIPROG Engineering tool

ProConOS/ProConOS eCLR designed for use in closed industrial networks provide communication protocols without authentication. Please also refer the original ICS-CERT advisory ICSA-15-013-03 published 13 January 2015.

CVE-2014-9195

VDE-2022-026

May 22, 2025, 3:03 PM

PHOENIX CONTACT: Vulnerability in ProConOS/ProConOS eCLR SDK and MULTIPROG Engineering tool

ProConOS/ProConOS eCLR insufficiently verifies uploaded data.

CVE-2022-31801