Advisories

For CVSS 2.0, 3.0 and 3.2
VDE-2020-015
June 10, 2020, 10:00 AM
The Web-Based Management (WBM) of WAGO's programmable logic controller (PLC) is typically used for administration, commissioning and updates. An attacker needs an authorized login with administrative privileges on the device …
VDE-2020-018
June 2, 2020, 10:42 AM
FL MGUARD, TC MGUARD, TC ROUTER and TC CLOUD CLIENT devices are affected by a buffer overflow vulnerability within the PPP service. The PPP service is not active by default, …
VDE-2020-017
May 22, 2025, 3:03 PM
PACTware passwords are stored in a recoverable format (CVE-2020-9403). PACTware passwords may be modified without knowing the current password (CVE-2020-9404).
VDE-2020-016
May 28, 2020, 3:00 PM
An open port used for debugging grants root access to the device over the network without access control.
VDE-2020-014
May 14, 2025, 4:34 PM
Security researchers at ESET have reported a vulnerability called Kr00k (CVE-2019-15126) which affects encrypted WiFi traffic for devices using Broadcom or Cypress chipsets. The vulnerability may allow an attacker …
VDE-2020-013
March 27, 2020, 10:48 AM
If the software runs as a service, a user with limited access can gain administrator privileges by starting a shell with administrator rights from the Import / Export configuration dialog.
VDE-2020-012
May 22, 2025, 3:03 PM
The Phoenix Contact application 'PC WORX SRT' is installed as a service. The installation path of the application is configured to have insecure permissions, which allow any unprivileged user to write …
VDE-2020-005
May 22, 2025, 3:03 PM
The coupler's function could be inhibited by an attack.