VDE-2021-019
May 14, 2025, 3:00 PM
Phoenix Contact Classic Line industrial controllers are developed and designed for the use in closed industrial networks. The communication protocols and device access do not feature authentication measures. Remote attackers …
VDE-2021-022
May 14, 2025, 2:28 PM
When the communication partner sends an invalid Modbus exception response to the FL COMSERVER UNI as a query, the Modbus communication stops, and the device will be unresponsive for some …
VDE-2021-021
May 14, 2025, 2:28 PM
An undocumented password protected FTP access to the root directory exists in certain devices of the AXL F BK and IL BK product families (CWE-798).
VDE-2021-020
May 14, 2025, 2:28 PM
Manipulated PC Worx or Config+ projects could lead to a remote code execution when unallocated memory is freed because of incompletely initialized data (CWE-824). The attacker needs to get access …
VDE-2021-026
May 14, 2025, 3:00 PM
Multiple issues in Weidmueller Industrial WLAN devices have been found. Initial publication date: 2021-06-23 Update A publication date: 2021-07-02 Update A CVE-2021-33534 CVSS: 7.2 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) Description: An exploitable command injection …
VDE-2021-014
May 22, 2025, 3:03 PM
Multiple vulnerabilities were reported in CODESYS 2.3 Runtime. The CODESYS 2.3 Runtime is an essential component in several WAGO PLC's.
VDE-2021-010
May 14, 2025, 2:28 PM
Endress+Hauser products utilizing WPA2 are vulnerable to KRACK attacks. Proline portfolio is a flow meter with an optional WLAN interface in the display. The flowmeters are only affected if the …
VDE-2021-018
May 12, 2021, 10:57 AM
Critical vulnerability has been discovered in the utilized components rcX, mbedTLS, PROFINET IO Device and EtherNet/IP Core by Hilscher Gesellschaft für Systemautomation mbH. The impact of the vulnerabilities on the …