Latest posts tagged with #CSAF on Bluesky
An overview of the current set of sources in the db.gcve.eu instance running the latest version of vulnerability-lookup. https://db.gcve.eu/recent#fstec
A new pull request for Vulnerability-Lookup adds a CSAF producer that publishes advisories for many manufacturers.
This is great for defenders and researchers, as it increases the amount of detailed vulnerability information available.
It will push the […]
[Original post on infosec.exchange]
#OT #Advisory VDE-2026-012
CODESYS Installer - Possible Privilege Escalation
Exploitation of this vulnerability can lead to a privilege escalation on the host system.
#CVE CVE-2026-2364
https://certvde.com/en/advisories/vde-2026-012/
#CSAF […]
#OT #Advisory VDE-2025-096
Weidmueller: Multiple vulnerabilities in Energy Meter 750-24 and Energy Meter 750-230
An unauthenticated remote attacker can exploit several vulnerabilities in Weidmueller devices Energy Meter 750-24 and Energy Meter 750-230 to ultimately gain full system access and […]
#OT #Advisory VDE-2025-079
Janitza: Multiple vulnerabilities in UMG 96RM-E
An unauthenticated remote attacker can exploit several vulnerabilities in Janitza UMG 96RM-E devices to ultimately gain full system access and remote code execution.
#CVE CVE-2025-41709, CVE-2025-41712, CVE-2025-41710 […]
#OT #Advisory VDE-2026-001
METTLER TOLEDO: ASP.NET core vulnerability in LabX
LabX 21.2.12 (formerly known as LabX Cloud 1.2.12) is affected by the ASP.NET core vulnerability CVE-2025-55315.
#CVE CVE-2025-55315
https://certvde.com/en/advisories/vde-2026-001/
#oCSAF
#CSAF […]
#OT #Advisory VDE-2026-002
Endress+Hauser: buffer overflow in glibc ld.so leading to privilege escalation
A vulnerability has been identified in WAGO devices utilized in Endress+Hauser IoT solutions. WAGO has provided fixes for these vulnerabilities, which have been integrated into the […]
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within […]
#OT #Advisory VDE-2026-007
TRUMPF: Multiple products affected by Wibu CodeMeter vulnerability
The TRUMPF product versions listed below include a Wibu CodeMeter component that is vulnerable to a privilege escalation vulnerability through the CodeMeter installer on Windows.
#CVE CVE-2025-47809 […]
#OT #Advisory VDE-2026-0001
JBL: DoS vulnerability in Flip 4
Any attacker in radio range can send malicious messages to cause the device to crash.
#CVE CVE-2025-41725
https://certvde.com/en/advisories/vde-2026-0001/
#CSAF […]
#OT #Advisory VDE-2025-109
Phoenix Contact: Unbounded growth of the session cache in TCP encapsulation service in FL MGUARD 2xxx and 4xxx firmware
The OpenSSL library used in the affected products is vulnerable to an unbounded growth of the session cache in the TLSv1.3 implementation.
#CVE […]
#OT #Advisory VDE-2026-004
WAGO: Vulnerabilities in Managed Switch
Several vulnerabilities have been identified in the WAGO 852‑1328 device's web‑based management interface, which is implemented using a modified lighttpd server and custom CGI binaries. These issues include multiple stack buffer […]
日本語教育機関の認定申請に関する特別講習会を開催 #東京都 #中央区 #日本語教育機関 #CSAF #認定申請
新規の日本語教育機関向けに、認定申請の実務を解説。実例を交えた内容で、申請プロセスを理解できます。
During the question-and-answer session, attendees had the opportunity to ask panellists and members of #CSAF questions regarding the topics discussed, including the impacts of #UStariffs, #EUDR and price volatility trends on producers and lenders.
#OT #Advisory VDE-2025-097
METZ CONNECT: Config API – Authentication bypass leads to admin takeover in EWIO2 series
A critical authentication bypass in EWIO-2 allows unauthenticated attackers with network access to gain administrative control over the device. Once compromised, an attacker can […]
#COLEADNews - @coleadlink.bsky.social joined #EDFI Corporate Day & #CSAF Convening to share how linking funding and expertise fuels sustainable growth in African agribusiness: zurl.co/Ejg21
#ImpactFinance #AgriFood
新規の日本語教育機関向けの認定申請講習会が開催決定! #東京都 #中央区 #CSAF #BTS言語学院 #日本学習アカデミー
認定日本語教育機関の申請を目指す教育機関向けの講習会を開催。具体的な申請プロセスを解説します。
#OT #Advisory VDE-2025-086
Jumo: Predictable debug-interface password in variTRON series
Unauthorized root-access to the UART and ssh Interface.
#CVE CVE-2025-41731
https://certvde.com/en/advisories/vde-2025-086/
#CSAF jumo.csaf-tp.certvde.com/.well-known/csaf/white/2...
#OT #Advisory VDE-2025-062
WAGO: Multiple Vulnerabilities in CODESYS components
Several WAGO firmwares installed on different devices are impacted by various CODESYS vulnerabilities. These affect the runtime, visualization, and OPC UA server.
#CVE CVE-2025-1468, CVE-2025-0694, CVE-2025-2595 […]
#OT #Advisory VDE-2025-093
Pilz: Vulnerability affecting PASvisu Runtime
The PASvisu Runtime is affected by a vulnerability in a third-party component which can be exploited by a malicious web request.
#CVE CVE-2025-51495
https://certvde.com/en/advisories/vde-2025-093/
#CSAF […]
#OT #Advisory VDE-2025-091
Murrelektronik: Cleartext Transmission of Sensitive Information in IMPACT67 Pro
User credentials, sent to the devices Webserver, are exposed to an attacker in the same network or network segment. The datas confidentiallity is compromised.
#CVE CVE-2025-41718 […]
#OT #Advisory VDE-2025-074
Phoenix Contact: Security Advisory for CHARX SEC-3xxx charging controllers
A vulnerability in the firmware of CHARX SEC-3xxx charging controllers have been discovered.
#CVE CVE-2025-41699
https://certvde.com/en/advisories/vde-2025-074/
#CSAF […]
#OT #Advisory VDE-2025-072
Phoenix Contact: Security Advisory for QUINT4-UPS EIP
Multiple vulnerabilities were discovered in the firmware of QUINT4-UPS EIP devices that can be used by an unauthenticated remote attacker to perform Denial of Service attacks and to gather login credentials for the […]
#OT #Advisory VDE-2025-087
WAGO: Vulnerabilities in Device Sphere and Solution Builder
Due to a missing authentication check, the WAGO Solution Builder and the WAGO Device Sphere are vulnerable to a potential information exposure.
#CVE CVE-2025-41715, CVE-2025-41716 […]
#OT #Advisory VDE-2025-083
WAGO: Vulnerability in hardware switch circuit
#CVE CVE-2025-41713
https://certvde.com/en/advisories/VDE-2025-083
#CSAF wago.csaf-tp.certvde.com/.well-known/csaf/white/2...
#OT #Advisory VDE-2025-085
Welotec: Path Traversal in SmartEMS Upload Handling
#CVE CVE-2025-41714
https://certvde.com/en/advisories/VDE-2025-085
#CSAF welotec.csaf-tp.certvde.com/.well-known/csaf/white/2...
#OT #Advisory VDE-2025-080
WAGO: Multiple Vulnerabilities in I/O-Check Service
#CVE CVE-2019-5080
https://certvde.com/en/advisories/VDE-2025-080
#CSAF wago.csaf-tp.certvde.com/.well-known/csaf/white/2...
