#OT #Advisory VDE-2025-036
Endress+Hauser: Multiple vulnerabilities in Endress+Hauser MEAC300-FNADE4

#CVE CVE-2025-1708, CVE-2025-27461, CVE-2025-27460, CVE-2025-27449, CVE-2025-1710, CVE-2025-27456, CVE-2025-27447, CVE-2025-27448, CVE-2025-27458, CVE-2025-27450, CVE-2025-1709, CVE-2025-27457, CVE-2025-27451, CVE-2025-27453, CVE-2025-27452, CVE-2025-27459, CVE-2025-1711, CVE-2025-27454, CVE-2025-27455

https://certvde.com/en/advisories/VDE-2025-036

#CSAF https://endress-hauser.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-036.json

#OT #Advisory VDE-2025-045
Pilz: Missing Authentication in Node-RED integration

#CVE CVE-2025-41656

https://certvde.com/en/advisories/VDE-2025-045

#CSAF https://pilz.csaf-tp.certvde.com/.well-known/csaf/white/2025/ppsa-2025-002.json

#OT #Advisory VDE-2025-039
Pilz: Authentication Bypass in IndustrialPI Webstatus

#CVE CVE-2025-41648

https://certvde.com/en/advisories/VDE-2025-039

#CSAF https://pilz.csaf-tp.certvde.com/.well-known/csaf/white/2025/ppsa-2025-003.json

#OT #Advisory VDE-2025-046
Pilz: Authentication Bypass and Cross-Site-Scripting in PiCtory

#CVE CVE-2025-32011, CVE-2025-35996, CVE-2025-36558

https://certvde.com/en/advisories/VDE-2025-046

#CSAF https://pilz.csaf-tp.certvde.com/.well-known/csaf/white/2025/ppsa-2025-001.json

#OT #Advisory VDE-2024-061
ifm: Improper Access Control vulnerability

#CVE CVE-2024-8419

https://certvde.com/en/advisories/VDE-2024-061

#CSAF https://ifm.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2024-061.json

#OT #Advisory VDE-2025-043
Lenze: PLC Designer V4 with insecure storage of sensitive information

#CVE CVE-2025-41647

https://certvde.com/en/advisories/VDE-2025-043

#CSAF https://lenze.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-043.json

#OT #Advisory VDE-2025-038
Helmholz: Vulnerabilities in myREX24/myREX24.virtual

#CVE CVE-2025-3091, CVE-2025-3092

https://certvde.com/en/advisories/VDE-2025-038

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-038.json

#OT #Advisory VDE-2025-037
Helmholz: Vulnerabilities in myREX24/myREX24.virtual

#CVE CVE-2025-3090

https://certvde.com/en/advisories/VDE-2025-037

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-037.json

#OT #Advisory VDE-2025-035
MB connect line: Vulnerabilities in mbCONNECT24/mymbCONNECT24

#CVE CVE-2025-3091, CVE-2025-3092

https://certvde.com/en/advisories/VDE-2025-035

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-035.json

#OT #Advisory VDE-2025-034
MB connect line: Vulnerabilities in mbCONNECT24/mymbCONNECT24

#CVE CVE-2025-3090

https://certvde.com/en/advisories/VDE-2025-034

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-034.json

#OT #Advisory VDE-2025-040
WAGO: Vulnerabilities in ctrlX OS app

#CVE CVE-2025-24351, CVE-2025-24344, CVE-2025-24338, CVE-2025-24343, CVE-2025-24350, CVE-2025-24346, CVE-2025-24347, CVE-2025-24348, CVE-2025-24349, CVE-2025-27532, CVE-2025-24340, CVE-2025-24341, CVE-2025-24342, CVE-2025-24345, CVE-2025-24339

https://certvde.com/en/advisories/VDE-2025-040

#CSAF https://wago.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-040.json

#OT #Advisory VDE-2025-018
WAGO: Vulnerabilities in WAGO Device Manager

#CVE CVE-2025-25264, CVE-2025-25265

https://certvde.com/en/advisories/VDE-2025-018

#CSAF https://wago.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-018.json

#OT #Advisory VDE-2025-052
Weidmueller: Security routers IE-SR-2TX are affected by multiple vulnerabilities

#CVE CVE-2025-41661, CVE-2025-41662, CVE-2025-41663

https://certvde.com/en/advisories/VDE-2025-052

#CSAF https://weidmueller.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-052.json

#OT #Advisory VDE-2025-047
AUMA: Incorrect delivery status of the Bluetooth configuration

#CVE CVE-2025-41657

https://certvde.com/en/advisories/VDE-2025-047

#CSAF https://auma.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-047.json

#OT #Advisory VDE-2025-020
WAGO: Switches affected by year 2k38 problem

#CVE CVE-2025-1235

https://certvde.com/en/advisories/VDE-2025-020

#CSAF https://wago.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-020.json

#OT #Advisory VDE-2025-044
Weidmueller: Industrial ethernet switches are affected by multiple vulnerabilities

#CVE CVE-2025-41651, CVE-2025-41652, CVE-2025-41649, CVE-2025-41650, CVE-2025-41653

https://certvde.com/en/advisories/VDE-2025-044

#CSAF https://weidmueller.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-044.json

#OT #Advisory VDE-2025-042
Lenze: VPN Client Privilege Escalation in combination with Lenze x500 IoT Gateway

#CVE CVE-2025-26168, CVE-2025-26169

https://certvde.com/en/advisories/VDE-2025-042

#CSAF https://lenze.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-042.json

#OT #Advisory VDE-2025-011
PEPPERL+FUCHS: Profinet Gateway LB8122A.1.EL – Device is affected by XSS vulnerability and information disclosure

#CVE CVE-2025-41654, CVE-2025-41655, CVE-2025-1985

https://certvde.com/en/advisories/VDE-2025-011

#CSAF https://pepperl-fuchs.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-011.json

#OT #Advisory VDE-2025-041
Weidmueller: ResMa is affected by a Vulnerability for ASP.NET AJAX

Weidmueller product ResMa is affected by ASP.NET AJAX vulnerability.
Weidmueller has released a new firmware for the affected product to fix the vulnerability.
#CVE CVE-2025-3600

https://certvde.com/en/advisories/VDE-2025-041

#CSAF https://weidmueller.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-041.json

#OT #Advisory VDE-2025-029
Phoenix Contact: Security Advisory for AXL F BK and IL BK bus couplers

A denial of service (DoS) attack targeting port 80 (http service) can overload the device (CWE-770). This behaviour has been observed when running network security scanners.
#CVE CVE-2025-2813

https://certvde.com/en/advisories/VDE-2025-029

#CSAF https://phoenixcontact.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-029.json