est. 2017
Supporting OT/ICS Security.
#CVE #CSAF #Advisory #OT
We are the #CNA for:
365FarmNet, ads-tec Industrial IT, AKG, AMX, Auma, Beckhoff, Bender, Bucher Automation, Carlo Gavazzi Controls, CLAAS, Codesys, Dräger, DURAG, Endress+Hauser, Etherwan Systems, Euchner, Festo, Festo Didactic, Frauscher, Futronic, GEA, Harman International, Helmholz, Hilscher, HIMA, HYDAC, HYDAC Electronic GmbH, HYDAC Software GmbH, HYDAC Filter Systems GmbH, TTControl, ifm, Innominate, JBL, Jetter, JUMO, K4 DIGITAL, KEB, Kendrion, KEBA, KROHNE, KUKA, KUHNKE, Lenze, M&M Software, MB connect line, Miele, Murrelektronik, NEOCEPTION, Pepperl+Fuchs, PHOENIX CONTACT, Pilz, Red Lion Europe, Satinfo, SMA, SWARCO, Sysmik, TRUMPF, VARTA Storage, VEGA, VMT Vision Machine Technic, WAGO, Weidmueller, Welotec, Wiesemann & Theis.
See https://certvde.com/en/cna/ for details.
#OT #Advisory VDE-2025-044
Weidmueller: Industrial ethernet switches are affected by multiple vulnerabilities
#CVE CVE-2025-41651, CVE-2025-41652, CVE-2025-41649, CVE-2025-41650, CVE-2025-41653
https://certvde.com/en/advisories/VDE-2025-044
#CSAF https://weidmueller.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-044.json
#OT #Advisory VDE-2025-042
Lenze: VPN Client Privilege Escalation in combination with Lenze x500 IoT Gateway
#CVE CVE-2025-26168, CVE-2025-26169
https://certvde.com/en/advisories/VDE-2025-042
#CSAF https://lenze.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-042.json
#OT #Advisory VDE-2025-011
PEPPERL+FUCHS: Profinet Gateway LB8122A.1.EL – Device is affected by XSS vulnerability and information disclosure
#CVE CVE-2025-41654, CVE-2025-41655, CVE-2025-1985
https://certvde.com/en/advisories/VDE-2025-011
#CSAF https://pepperl-fuchs.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-011.json
#OT #Advisory VDE-2025-041
Weidmueller: ResMa is affected by a Vulnerability for ASP.NET AJAX
Weidmueller product ResMa is affected by ASP.NET AJAX vulnerability.
Weidmueller has released a new firmware for the affected product to fix the vulnerability.
#CVE CVE-2025-3600
https://certvde.com/en/advisories/VDE-2025-041
#CSAF https://weidmueller.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-041.json
#OT #Advisory VDE-2025-029
Phoenix Contact: Security Advisory for AXL F BK and IL BK bus couplers
A denial of service (DoS) attack targeting port 80 (http service) can overload the device (CWE-770). This behaviour has been observed when running network security scanners.
#CVE CVE-2025-2813
https://certvde.com/en/advisories/VDE-2025-029
#CSAF https://phoenixcontact.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-029.json
#OT #Advisory VDE-2025-024
Wiesemann & Theis: Multiple products from Wiesemann & Theis support deprecated jQuery version
Multiple W&T devices are shipped with a jQuery version with a known XSS vulnerability.
#CVE CVE-2012-6708
https://certvde.com/en/advisories/VDE-2025-024
#CSAF https://wut.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-024.json
#OT #Advisory VDE-2025-010
SMA: Sunny Portal demo system privilege escalation
A security researcher discovered a privilege escalation vulnerability in the demo system area of the SMA Classic Portal, www.sunnyportal.com. Only systems of other users have been affected who unintendedly and illicitly had added their non-demo systems to the demo system area.
#CVE CVE-2025-41645
https://certvde.com/en/advisories/VDE-2025-010
#CSAF https://sma.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-010.json
#OT #Advisory VDE-2025-026
AUMA Riester: Buffer overflow in service telegram
Sending too much data in the service telegram of AUMA actuators leads to a buffer overflow in the actuator controls. Depending on the actuator, the service telegram is transmitted either via Bluetooth or RS232
#CVE CVE-2025-3496
https://certvde.com/en/advisories/VDE-2025-026
#CSAF https://auma.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-026.json
#OT #Advisory #Update VDE-2023-046
WAGO: Multiple products vulnerable to local file inclusion
An attacker with administrative privileges which can access sensitive files can additionally access them in an unintended, undocumented way.
UPDATE 07.05.2025: The fixed versions have been updated, because the previously mentioned versions are still vulnerable to this issue. More details have been added to the hardware devices. More affected version numbers were added to the firmwares.
#CVE CVE-2023-4089
https://certvde.com/en/advisories/VDE-2023-046
#CSAF https://wago.csaf-tp.certvde.com/.well-known/csaf/white/2023/vde-2023-046.json
#OT #Advisory VDE-2025-032
Wiesemann & Theis: Multiple W&T Products are vulnerable to cross-site-scripting
Multiple W&T Products are prone to an XSS attack. An authenticated remote Attacker can execute arbitrary web scripts or HTML via crafted payloads injected into several input fields of the configuration webpage.
#CVE CVE-2025-3020
https://certvde.com/en/advisories/VDE-2025-032
#CSAF https://wut.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-032.json
#OT #Advisory VDE-2025-031
Wiesemann & Theis: Multiple products from Wiesemann & Theis support deprecated TLS protocol versions
Com-Server firmware versions prior to 1.60 support the insecure TLS 1.0 and TLS 1.1 protocols, which are susceptible to man-in-the-middle attacks and thereby compromise the confidentiality and integrity of data.
#CVE CVE-2025-3200
https://certvde.com/en/advisories/VDE-2025-031
#CSAF https://wut.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-031.json
#OT #Advisory VDE-2025-027
CODESYS Visualization user management bypass in WebVisu
An unauthenticated attacker can read static visualization files of the CODESYS WebVisu, by bypassing the CODESYS Visualization user management applying forced browsing.
#CVE CVE-2025-2595
https://certvde.com/en/advisories/VDE-2025-027
#CSAF https://codesys.csaf-tp.certvde.com/.well-known/csaf/white/2025/advisory2025-05_vde-2025-027.json
#OT #Advisory VDE-2024-004
TRUMPF: Multiple products affected by log4net vulnerability
The versions of TRUMPF products stated below are including a version of log4net that’s prone to XXE (External XML Entities) attacks under certain circumstances. This means, the log4net code can be tricked into loading externally hosted, potentially malicious XML code and possibly executing it. This vulnerability allows for the execution of remote XML code, possibly resulting in unauthorized (remote) access to, change of data or disruption of the whole system running the vulnerable application.
#CVE CVE-2018-1285
https://certvde.com/en/advisories/VDE-2024-004
#CSAF https://trumpf.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2024-004.json
#OT #Advisory VDE-2025-007
WAGO: Year 2038 problem
The Year 2038 Problem affects systems using a 32-bit integer to represent time as the number of seconds since January 1, 1970. On January 19, 2038, at 03:14:07 UTC, the time value will exceed the maximum for a 32-bit integer, causing an overflow and resetting it to a negative number.
#CVE CVE-2025-0101
https://certvde.com/en/advisories/VDE-2025-007
#CSAF https://wago.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-007.json
#OT #Advisory VDE-2025-033
ads-tec Industrial IT: Mosquitto MQTT Client Vulnerability in ADS-TEC IRF Products
The ADS-TEC firewall products IRF1000, IRF2000, and IRF3000 include Eclipse Mosquitto, affected by multiple vulnerabilities. Exploitation requires a compromised upstream MQTT broker, limiting direct device exposure.
#CVE CVE-2024-10525, CVE-2024-8376, CVE-2024-3935
https://certvde.com/en/advisories/VDE-2025-033
#CSAF https://ads-tec-iit.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-033.json
#OT #Advisory VDE-2024-010
MB connect line: Vulnerabilities in mbCONNECT24 and mymbCONNECT24
The data24 service that is bundled with every installation of mbCONNECT24/mymbCONNECT24 has two serious flaws in core components. These combined can lead to a complete loss of confidentiality, integrity and availability.
#CVE CVE-2024-23943, CVE-2024-23942
https://certvde.com/en/advisories/VDE-2024-010
#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2024-010.json
#OT #Advisory VDE-2024-031
Helmholz: Vulnerabilities in myREX24 and myREX24.virtual
The data24 service that is bundled with every installation of myREX24/myREX24.virtual has two serious flaws in core components. These combined can lead to a complete loss of confidentiality, integrity and availability.
#CVE CVE-2024-23943, CVE-2024-23942
https://certvde.com/en/advisories/VDE-2024-031
#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2024-031.json
#OT #Advisory VDE-2025-015
CODESYS Control V3 removable media path traversal
A low privileged attacker with physical access to a controller, that supports removable media and is running a CODESYS Control runtime system, can exploit the insufficient path validation by connecting removable media with a file system supporting symbolic links. This could allow the attacker to bypass SysFile restrictions and gain unauthorized access to the entire file system.
#CVE CVE-2025-0694
https://certvde.com/en/advisories/VDE-2025-015
#CSAF https://codesys.csaf-tp.certvde.com/.well-known/csaf/white/2025/advisory2025-03_vde-2025-015.json
#OT #Advisory VDE-2025-013
CODESYS (Edge) Gateway for Windows insecure default
The CODESYS Gateway enables communication between CODESYS runtimes and other clients, primarily the CODESYS Development System V3. It is usually installed as a part of the CODESYS Development System V3 setup and accessed locally by the CODESYS Development System. Due to an insecure standard configuration of the CODESYS Gateway, it is not only accessible locally, but also remotely by default.
#CVE CVE-2024-41975
https://certvde.com/en/advisories/VDE-2025-013
#CSAF https://codesys.csaf-tp.certvde.com/.well-known/csaf/white/2025/advisory2025-02_vde-2025-013.json
#OT #Advisory VDE-2025-022
CODESYS Control V3 - OPC UA Server Authentication bypass
The OPC UA security policy Basic128Rsa15 is vulnerable against attacks on the private key. This can lead to loss of confidentiality or authentication bypass. The CODESYS OPC UA server is not affected in the default configuration. However, the affected policy may be enabled by a customer configuration.
#CVE CVE-2025-1468
https://certvde.com/en/advisories/VDE-2025-022
#CSAF https://codesys.csaf-tp.certvde.com/.well-known/csaf/white/2025/advisory2025-04_vde-2025-022.json