Advisories

For CVSS 2.0, 3.0 and 3.2
VDE-2025-018
Oct. 7, 2025, 10:00 AM
Vulnerabilities have been discovered in the WAGO Device Manager that allow any origin to access the server and set header values, as well as an endpoint that permits read access …
VDE-2025-040
June 16, 2025, 12:00 PM
The base ctrlX OS apps Device Admin and Solutions contain multiple vulnerabilities. In a worst-case scenario, a remote authenticated (low-privileged) attacker might be able to execute arbitrary OS commands …
VDE-2025-052
July 23, 2025, 12:00 PM
Weidmueller security routers IE-SR-2TX are affected by multiple vulnerabilities (CVE-2025-41661, CVE-2025-41663, CVE-2025-41683, CVE-2025-41684, CVE-2025-41687). Weidmueller has released new firmware versions of the affected products to fix the vulnerabilities. Update Version …
VDE-2025-047
June 10, 2025, 12:00 PM
For actuators with AC.2 controls and PROFOX actuators, a wrong configuration occurred for deliveries within the period from 01.01.2024 to 09.05.2025. Despite the ordered option "L90.00 = Bluetooth always deactivated", …
VDE-2025-020
June 2, 2025, 8:00 AM
The Year 2038 Problem affects systems using a 32-bit integer to represent time as the number of seconds since January 1st, 1970. On January 19, 2038, at 03:14:07 UTC, the …
VDE-2025-042
May 27, 2025, 11:00 AM
The Lenze VPN client is vulnerable to a Local Privilege Escalation to root/SYSTEM by executing a configuration file which can be controlled by a non-privileged user. This occurs through a …
VDE-2025-044
Aug. 27, 2025, 12:00 PM
Weidmueller industrial Ethernet switches are affected by multiple vulnerabilities. Weidmueller has released new firmware versions of the affected products to fix the vulnerabilities.
VDE-2025-011
Aug. 27, 2025, 12:00 PM
A stored cross-site scripting vulnerability has been discovered in the PROFINET gateway LB8122A.1.EL. An attacker can write an HTML tag with up to 32 characters in the message field of …