| CVE | CVSS | EPSS | Posts | Repos | Nuclei | Updated | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-3379 | 8.8 | 0.00% | 2 | 0 | 2026-03-01T03:16:16.743000 | A vulnerability has been found in Tenda F453 1.0.0.3. This vulnerability affects | |
| CVE-2026-28426 | 8.7 | 0.03% | 2 | 0 | 2026-03-01T01:31:09 | ### Impact Stored XSS vulnerability in svg and icon related components allow aut | |
| CVE-2026-28425 | 8.0 | 0.14% | 2 | 0 | 2026-03-01T01:30:56 | ### Impact An authenticated control panel user with access to Antlers-enabled in | |
| CVE-2026-28416 | 8.2 | 0.03% | 2 | 0 | 2026-03-01T01:29:34 | ### Summary A Server-Side Request Forgery (SSRF) vulnerability in Gradio allows | |
| CVE-2026-28406 | 8.2 | 0.12% | 2 | 0 | 2026-03-01T01:28:04 | kaniko unpacks build context archives using `filepath.Join(dest, cleanedName)` w | |
| CVE-2026-26861 | 8.3 | 0.02% | 2 | 0 | 2026-03-01T01:26:28 | CleverTap Web SDK version 1.15.2 and earlier is vulnerable to Cross-site Scripti | |
| CVE-2026-3010 | 0 | 0.05% | 2 | 0 | 2026-02-28T12:16:39.317000 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site | |
| CVE-2026-2844 | 0 | 0.05% | 2 | 0 | 2026-02-28T12:16:37.713000 | Missing Authentication for Critical Function vulnerability in Microchip TimePict | |
| CVE-2025-13673 | 7.5 | 0.06% | 2 | 0 | 2026-02-28T09:30:14 | The Tutor LMS – eLearning and online course solution plugin for WordPress is vul | |
| CVE-2026-2471 | 7.5 | 0.04% | 2 | 0 | 2026-02-28T09:30:14 | The WP Mail Logging plugin for WordPress is vulnerable to PHP Object Injection i | |
| CVE-2026-2788 | 9.8 | 0.05% | 1 | 0 | 2026-02-28T04:16:19.250000 | Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerabil | |
| CVE-2026-0980 | 8.3 | 0.22% | 2 | 0 | 2026-02-28T02:45:38 | A flaw was found in rubyipmi, a gem used in the Baseboard Management Controller | |
| CVE-2026-28363 | 10.0 | 0.09% | 3 | 0 | 2026-02-28T02:17:26 | In OpenClaw before 2026.2.23, tools.exec.safeBins validation for sort could be b | |
| CVE-2026-28268 | 9.8 | 0.03% | 4 | 0 | 2026-02-28T01:59:29 | **Summary** A critical business logic vulnerability exists in the password reset | |
| CVE-2025-11252 | 9.8 | 0.03% | 2 | 0 | 2026-02-28T01:09:31.663000 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti | |
| CVE-2026-27959 | 7.5 | 0.07% | 1 | 0 | 2026-02-28T00:55:26.413000 | Koa is middleware for Node.js using ES2017 async functions. Prior to versions 3. | |
| CVE-2026-1662 | 7.5 | 0.03% | 1 | 0 | 2026-02-28T00:45:30.697000 | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 14.4 | |
| CVE-2026-20742 | 8.0 | 0.20% | 1 | 0 | 2026-02-27T23:13:46.087000 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and pr | |
| CVE-2026-21389 | 8.0 | 0.20% | 1 | 0 | 2026-02-27T23:12:14.313000 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and pri | |
| CVE-2026-21718 | 10.0 | 0.07% | 2 | 0 | 2026-02-27T23:11:48.947000 | An authentication bypass vulnerability exists in Copeland XWEB Pro version 1.12 | |
| CVE-2026-20764 | 8.0 | 0.11% | 1 | 0 | 2026-02-27T23:11:05.393000 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and pri | |
| CVE-2026-24452 | 8.0 | 0.11% | 1 | 0 | 2026-02-27T23:08:17.530000 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and pr | |
| CVE-2026-25196 | 8.0 | 0.11% | 1 | 0 | 2026-02-27T23:06:36.453000 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and pri | |
| CVE-2026-28414 | 7.5 | 0.15% | 2 | 0 | 2026-02-27T22:16:24.330000 | Gradio is an open-source Python package designed for quick prototyping. Prior to | |
| CVE-2026-28411 | 9.8 | 0.27% | 4 | 0 | 2026-02-27T22:16:24.170000 | WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, an u | |
| CVE-2026-28408 | 9.8 | 0.05% | 4 | 0 | 2026-02-27T22:16:23.847000 | WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, the | |
| CVE-2026-28400 | 7.5 | 0.02% | 2 | 0 | 2026-02-27T22:16:23.160000 | Docker Model Runner (DMR) is software used to manage, run, and deploy AI models | |
| CVE-2026-27804 | None | 0.04% | 1 | 0 | 2026-02-27T21:52:22 | ### Impact An unauthenticated attacker can forge a Google authentication token | |
| CVE-2026-27939 | 8.8 | 0.02% | 2 | 0 | 2026-02-27T21:35:03 | ## Impact Authenticated Control Panel users may under certain conditions obtain | |
| CVE-2025-40932 | 8.2 | 0.03% | 2 | 0 | 2026-02-27T21:32:27 | Apache::SessionX versions through 2.01 for Perl create insecure session id. Apa | |
| CVE-2026-2597 | 7.5 | 0.04% | 2 | 0 | 2026-02-27T21:32:27 | Crypt::SysRandom::XS versions before 0.010 for Perl is vulnerable to a heap buff | |
| CVE-2026-24352 | 9.8 | 0.04% | 2 | 0 | 2026-02-27T21:32:27 | PluXml CMS allows a user's session identifier to be set before authentication. T | |
| CVE-2025-69437 | 8.7 | 0.04% | 2 | 0 | 2026-02-27T21:32:27 | PublicCMS v5.202506.d and earlier is vulnerable to stored XSS. Uploaded PDFs can | |
| CVE-2026-27141 | 7.5 | 0.05% | 2 | 0 | 2026-02-27T21:32:22 | Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running s | |
| CVE-2026-27755 | 9.8 | 0.11% | 4 | 0 | 2026-02-27T21:31:26 | SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a weak sessio | |
| CVE-2026-27510 | 9.7 | 0.08% | 3 | 0 | 2026-02-27T21:31:21 | Unitree Go2 firmware versions 1.1.7 through 1.1.11, when used with the Unitree G | |
| CVE-2026-27509 | 8.0 | 0.03% | 3 | 0 | 2026-02-27T21:31:21 | Unitree Go2 firmware versions V1.1.7 through V1.1.9 and V1.1.11 (EDU) do not imp | |
| CVE-2026-22207 | 9.8 | 0.17% | 2 | 0 | 2026-02-27T21:31:21 | OpenViking through version 0.1.18, prior to commit 0251c70, contains a broken ac | |
| CVE-2026-22206 | 8.8 | 0.14% | 2 | 0 | 2026-02-27T21:31:21 | SPIP versions prior to 4.4.10 contain a SQL injection vulnerability that allows | |
| CVE-2026-22205 | 7.5 | 0.23% | 2 | 0 | 2026-02-27T21:31:21 | SPIP versions prior to 4.4.10 contain an authentication bypass vulnerability cau | |
| CVE-2026-2796 | 9.8 | 0.04% | 1 | 0 | 2026-02-27T21:16:19.923000 | JIT miscompilation in the JavaScript: WebAssembly component. This vulnerability | |
| CVE-2026-27947 | 0 | 0.30% | 2 | 0 | 2026-02-27T20:21:40.513000 | Group-Office is an enterprise customer relationship management and groupware too | |
| CVE-2026-27836 | 7.5 | 0.03% | 2 | 0 | 2026-02-27T20:21:40.330000 | phpMyFAQ is an open source FAQ web application. Prior to version 4.0.18, the Web | |
| CVE-2026-26862 | 8.3 | 0.01% | 2 | 0 | 2026-02-27T20:21:37.327000 | CleverTap Web SDK version 1.15.2 and earlier is vulnerable to DOM-based Cross-Si | |
| CVE-2026-28274 | 8.7 | 0.07% | 2 | 0 | 2026-02-27T19:07:37.763000 | Initiative is a self-hosted project management platform. Versions of the applica | |
| CVE-2026-27635 | 7.5 | 0.05% | 1 | 0 | 2026-02-27T18:36:30.553000 | Manyfold is an open source, self-hosted web application for managing a collectio | |
| CVE-2026-27449 | 7.5 | 0.05% | 3 | 0 | 2026-02-27T18:35:58 | ### Description A vulnerability has been identified in Umbraco Engage where cert | |
| CVE-2026-3271 | 8.8 | 0.11% | 1 | 0 | 2026-02-27T18:32:07 | A vulnerability was found in Tenda F453 1.0.0.3. This impacts the function fromP | |
| CVE-2026-2749 | 10.0 | 0.03% | 4 | 0 | 2026-02-27T18:31:12 | Vulnerability in Centreon Centreon Open Tickets on Central Server on Linux (Cent | |
| CVE-2026-27751 | 9.8 | 0.04% | 4 | 0 | 2026-02-27T18:31:12 | SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a default cre | |
| CVE-2026-27969 | 8.8 | 0.04% | 3 | 0 | 2026-02-27T18:28:21.607000 | Vitess is a database clustering system for horizontal scaling of MySQL. Prior to | |
| CVE-2025-11251 | 9.8 | 0.01% | 2 | 0 | 2026-02-27T17:22:23.443000 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti | |
| CVE-2026-27904 | 7.5 | 0.04% | 1 | 0 | 2026-02-27T17:16:23.773000 | minimatch is a minimal matching utility for converting glob expressions into Jav | |
| CVE-2026-27942 | 7.5 | 0.04% | 2 | 0 | 2026-02-27T17:14:16.193000 | fast-xml-parser allows users to validate XML, parse XML to JS object, or build X | |
| CVE-2026-28370 | 9.1 | 0.08% | 3 | 0 | 2026-02-27T16:58:27.747000 | In the query parser in OpenStack Vitrage before 12.0.1, 13.0.0, 14.0.0, and 15.0 | |
| CVE-2026-2750 | 9.1 | 0.04% | 2 | 1 | 2026-02-27T16:16:25.827000 | Improper Input Validation vulnerability in Centreon Centreon Open Tickets on Cen | |
| CVE-2026-27831 | 7.5 | 0.04% | 1 | 1 | 2026-02-27T16:16:24.617000 | rldns is an open source DNS server. Version 1.3 has a heap-based out-of-bounds r | |
| CVE-2026-28216 | 8.3 | 0.04% | 2 | 0 | 2026-02-27T15:51:42.330000 | hoppscotch is an open source API development ecosystem. Prior to version 2026.2. | |
| CVE-2026-3272 | 8.8 | 0.08% | 1 | 0 | 2026-02-27T15:48:08.343000 | A vulnerability was determined in Tenda F453 1.0.0.3. Affected is the function f | |
| CVE-2026-27966 | 9.8 | 0.31% | 2 | 0 | 2026-02-27T15:47:29 | # 1. Summary The CSV Agent node in Langflow hardcodes `allow_dangerous_code=Tr | |
| CVE-2026-3274 | 8.8 | 0.08% | 1 | 0 | 2026-02-27T15:46:57.927000 | A security flaw has been discovered in Tenda F453 1.0.0.3. Affected by this issu | |
| CVE-2026-3275 | 8.8 | 0.08% | 1 | 0 | 2026-02-27T15:46:20.130000 | A weakness has been identified in Tenda F453 1.0.0.3. This affects the function | |
| CVE-2026-25136 | 8.1 | 0.04% | 1 | 0 | 2026-02-27T15:43:26.510000 | Rucio is a software framework that provides functionality to organize, manage, a | |
| CVE-2026-3301 | 9.8 | 2.90% | 2 | 0 | 2026-02-27T15:36:49.730000 | A security flaw has been discovered in Totolink N300RH 6.1c.1353_B20190305. Affe | |
| CVE-2026-2751 | 8.3 | 0.01% | 2 | 0 | 2026-02-27T15:34:20 | Blind SQL Injection via unsanitized array keys in Service Dependencies deletion. | |
| CVE-2026-23750 | 8.1 | 0.01% | 2 | 0 | 2026-02-27T15:34:18 | Golioth Pouch version 0.1.0 prior to [INSERT FIXED VERSION], fixed in commit 1b2 | |
| CVE-2026-26955 | 8.8 | 0.04% | 1 | 0 | 2026-02-27T14:50:07.533000 | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versio | |
| CVE-2025-10990 | 7.5 | 0.15% | 2 | 0 | 2026-02-27T14:16:27.567000 | A flaw was found in REXML. A remote attacker could exploit inefficient regular e | |
| CVE-2026-21902 | 9.8 | 0.25% | 7 | 0 | 2026-02-27T14:06:59.787000 | An Incorrect Permission Assignment for Critical Resource vulnerability in the On | |
| CVE-2026-0542 | 0 | 0.21% | 1 | 0 | 2026-02-27T14:06:59.787000 | ServiceNow has addressed a remote code execution vulnerability that was identifi | |
| CVE-2026-27497 | 0 | 0.06% | 1 | 0 | 2026-02-27T14:06:59.787000 | n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2. | |
| CVE-2026-27850 | 7.5 | 0.03% | 1 | 0 | 2026-02-27T14:06:59.787000 | Due to an improperly configured firewall rule, the router will accept any connec | |
| CVE-2026-22719 | 8.1 | 0.33% | 1 | 0 | 2026-02-27T14:06:59.787000 | VMware Aria Operations contains a command injection vulnerability. A malicious u | |
| CVE-2026-27577 | 0 | 0.09% | 1 | 0 | 2026-02-27T14:06:59.787000 | n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2. | |
| CVE-2026-26985 | 8.1 | 0.04% | 1 | 0 | 2026-02-27T14:06:59.787000 | LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web app | |
| CVE-2026-27575 | 9.1 | 0.01% | 1 | 0 | 2026-02-27T14:06:59.787000 | Vikunja is an open-source self-hosted task management platform. Prior to version | |
| CVE-2026-25191 | 7.8 | 0.02% | 1 | 0 | 2026-02-27T14:06:59.787000 | The installer of FinalCode Client provided by Digital Arts Inc. contains an issu | |
| CVE-2026-27498 | 0 | 0.59% | 1 | 0 | 2026-02-27T14:06:59.787000 | n8n is an open source workflow automation platform. Prior to versions 2.2.0 and | |
| CVE-2026-1311 | 8.8 | 0.23% | 1 | 0 | 2026-02-27T14:06:59.787000 | The Worry Proof Backup plugin for WordPress is vulnerable to Path Traversal in a | |
| CVE-2026-27952 | 8.8 | 0.07% | 1 | 0 | 2026-02-27T14:06:59.787000 | Agenta is an open-source LLMOps platform. In Agenta-API prior to version 0.48.1, | |
| CVE-2026-27961 | 8.8 | 0.05% | 1 | 0 | 2026-02-27T14:06:59.787000 | Agenta is an open-source LLMOps platform. A Server-Side Template Injection (SSTI | |
| CVE-2026-22720 | 8.0 | 0.08% | 1 | 0 | 2026-02-27T14:06:59.787000 | VMware Aria Operations contains a stored cross-site scripting vulnerability. A m | |
| CVE-2025-12981 | 9.8 | 0.04% | 3 | 0 | 2026-02-27T14:06:37.987000 | The Listee theme for WordPress is vulnerable to privilege escalation in all vers | |
| CVE-2025-50857 | 9.8 | 0.58% | 2 | 0 | 2026-02-27T14:06:37.987000 | ZenTaoPMS v18.11 through v21.6.beta is vulnerable to Directory Traversal in /mod | |
| CVE-2026-2251 | 9.8 | 0.05% | 4 | 0 | 2026-02-27T14:06:37.987000 | Improper limitation of a pathname to a restricted directory (Path Traversal) vul | |
| CVE-2026-27772 | 9.4 | 0.13% | 3 | 0 | 2026-02-27T14:06:37.987000 | WebSocket endpoints lack proper authentication mechanisms, enabling attackers t | |
| CVE-2026-27028 | 9.4 | 0.18% | 4 | 0 | 2026-02-27T14:06:37.987000 | WebSocket endpoints lack proper authentication mechanisms, enabling attackers t | |
| CVE-2026-20781 | 9.4 | 0.13% | 3 | 0 | 2026-02-27T14:06:37.987000 | WebSocket endpoints lack proper authentication mechanisms, enabling attackers t | |
| CVE-2026-25945 | 7.5 | 0.06% | 1 | 0 | 2026-02-27T14:06:37.987000 | The WebSocket Application Programming Interface lacks restrictions on the numbe | |
| CVE-2026-24517 | 8.0 | 0.22% | 1 | 0 | 2026-02-27T14:06:37.987000 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and p | |
| CVE-2026-25195 | 8.0 | 0.22% | 1 | 0 | 2026-02-27T14:06:37.987000 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and | |
| CVE-2026-25085 | 8.6 | 0.07% | 1 | 0 | 2026-02-27T14:06:37.987000 | A vulnerability exists in Copeland XWEB Pro version 1.12.1 and prior, in which | |
| CVE-2026-24695 | 8.0 | 0.22% | 1 | 0 | 2026-02-27T14:06:37.987000 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and | |
| CVE-2026-2428 | 7.5 | 0.02% | 1 | 0 | 2026-02-27T14:06:37.987000 | The Fluent Forms Pro Add On Pack plugin for WordPress is vulnerable to Insuffici | |
| CVE-2026-26265 | 7.5 | 0.03% | 1 | 0 | 2026-02-27T14:06:37.987000 | Discourse is an open source discussion platform. Prior to versions 2025.12.2, 20 | |
| CVE-2025-14343 | 7.6 | 0.03% | 1 | 0 | 2026-02-27T14:06:37.987000 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site | |
| CVE-2026-2252 | 7.5 | 0.04% | 2 | 0 | 2026-02-27T09:30:35 | An XML External Entity (XXE) vulnerability allows malicious user to perform Serv | |
| CVE-2026-1442 | 7.8 | 0.01% | 1 | 0 | 2026-02-27T06:31:39 | Since the encryption algorithm used to protect firmware updates is itself encryp | |
| CVE-2026-28364 | 7.9 | 0.04% | 1 | 0 | 2026-02-27T06:31:34 | In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deser | |
| CVE-2026-3273 | 8.8 | 0.08% | 1 | 0 | 2026-02-27T03:30:34 | A vulnerability was identified in Tenda F453 1.0.0.3. Affected by this vulnerabi | |
| CVE-2026-25105 | 8.1 | 0.11% | 1 | 0 | 2026-02-27T03:30:34 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 an | |
| CVE-2026-3037 | 8.1 | 0.11% | 1 | 0 | 2026-02-27T03:30:34 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and pri | |
| CVE-2026-20910 | 8.1 | 0.20% | 1 | 0 | 2026-02-27T03:30:33 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and pri | |
| CVE-2026-20902 | 8.1 | 0.20% | 1 | 0 | 2026-02-27T03:30:33 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and | |
| CVE-2026-24689 | 8.1 | 0.22% | 1 | 0 | 2026-02-27T03:30:33 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and pr | |
| CVE-2026-24663 | 9.1 | 1.35% | 2 | 0 | 2026-02-27T03:30:33 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and pri | |
| CVE-2026-24445 | 7.5 | 0.06% | 1 | 0 | 2026-02-27T03:30:33 | The WebSocket Application Programming Interface lacks restrictions on the numbe | |
| CVE-2026-25111 | 8.1 | 0.22% | 1 | 0 | 2026-02-27T03:30:33 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and pri | |
| CVE-2026-25109 | 8.1 | 0.22% | 1 | 0 | 2026-02-27T03:30:33 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and p | |
| CVE-2026-26305 | 7.5 | 0.08% | 1 | 0 | 2026-02-27T03:30:33 | The WebSocket Application Programming Interface lacks restrictions on the numbe | |
| CVE-2026-23702 | 8.1 | 0.11% | 1 | 0 | 2026-02-27T03:30:33 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and pri | |
| CVE-2026-25037 | 8.1 | 0.11% | 1 | 0 | 2026-02-27T03:30:33 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and pr | |
| CVE-2026-25721 | 8.1 | 0.11% | 1 | 0 | 2026-02-27T03:30:33 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and pri | |
| CVE-2026-27767 | 9.4 | 0.13% | 4 | 0 | 2026-02-27T00:31:52 | WebSocket endpoints lack proper authentication mechanisms, enabling attackers t | |
| CVE-2026-25851 | 9.4 | 0.13% | 3 | 0 | 2026-02-27T00:31:52 | WebSocket endpoints lack proper authentication mechanisms, enabling attackers t | |
| CVE-2026-24731 | 9.4 | 0.13% | 2 | 0 | 2026-02-27T00:31:52 | WebSocket endpoints lack proper authentication mechanisms, enabling attackers t | |
| CVE-2026-20792 | 7.5 | 0.06% | 1 | 0 | 2026-02-27T00:31:52 | The WebSocket Application Programming Interface lacks restrictions on the numbe | |
| CVE-2026-25113 | 7.5 | 0.06% | 1 | 0 | 2026-02-27T00:31:51 | The WebSocket Application Programming Interface lacks restrictions on the numbe | |
| CVE-2026-25114 | 7.5 | 0.06% | 1 | 0 | 2026-02-27T00:31:51 | The WebSocket Application Programming Interface lacks restrictions on the numbe | |
| CVE-2026-27899 | 8.8 | 0.07% | 1 | 0 | 2026-02-26T22:22:24 | # Privilege Escalation to Admin via User Self-Update in wg-portal ## Summary A | |
| CVE-2026-2799 | 9.8 | 0.04% | 1 | 0 | 2026-02-26T22:20:51.270000 | Use-after-free in the DOM: Core & HTML component. This vulnerability affects Fir | |
| CVE-2026-27903 | 7.5 | 0.04% | 1 | 0 | 2026-02-26T22:10:20 | ### Summary `matchOne()` performs unbounded recursive backtracking when a glob | |
| CVE-2026-26682 | 7.8 | 0.02% | 2 | 0 | 2026-02-26T21:32:35 | An issue in fastCMS before v.0.1.6 allows a local attacker to execute arbitrary | |
| CVE-2026-28136 | 7.6 | 0.03% | 2 | 0 | 2026-02-26T21:32:34 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti | |
| CVE-2026-2803 | 7.5 | 0.04% | 1 | 0 | 2026-02-26T21:32:34 | Information disclosure, mitigation bypass in the Settings UI component. This vul | |
| CVE-2026-2800 | 9.8 | 0.04% | 1 | 0 | 2026-02-26T21:32:34 | Spoofing issue in the WebAuthn component in Firefox for Android. This vulnerabil | |
| CVE-2026-26938 | 8.6 | 0.04% | 2 | 0 | 2026-02-26T21:31:39 | Improper Neutralization of Special Elements Used in a Template Engine (CWE-1336) | |
| CVE-2026-1565 | 8.8 | 0.28% | 2 | 0 | 2026-02-26T21:31:39 | The User Frontend: AI Powered Frontend Posting, User Directory, Profile, Members | |
| CVE-2025-71057 | 8.2 | 0.01% | 2 | 0 | 2026-02-26T21:31:30 | Improper session management in D-Link Wireless N 300 ADSL2+ Modem Router DSL-124 | |
| CVE-2026-2801 | 7.5 | 0.04% | 1 | 0 | 2026-02-26T21:28:59.617000 | Incorrect boundary conditions in the JavaScript: WebAssembly component. This vul | |
| CVE-2026-2781 | 9.8 | 0.04% | 2 | 0 | 2026-02-26T21:28:58.090000 | Integer overflow in the Libraries component in NSS. This vulnerability affects F | |
| CVE-2025-69985 | 9.8 | 0.54% | 2 | 1 | 2026-02-26T19:39:20.677000 | FUXA 1.2.8 and prior contains an Authentication Bypass vulnerability leading to | |
| CVE-2026-3179 | 8.1 | 0.35% | 1 | 0 | 2026-02-26T18:31:39 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') v | |
| CVE-2022-20775 | 7.8 | 0.39% | 3 | 1 | 2026-02-26T16:20:09.420000 | A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated | |
| CVE-2026-3071 | 8.4 | 0.06% | 1 | 0 | 2026-02-26T15:30:37 | Deserialization of untrusted data in the LanguageModel class of Flair from versi | |
| CVE-2026-23703 | 7.8 | 0.01% | 1 | 0 | 2026-02-26T06:30:51 | The installer of FinalCode Client provided by Digital Arts Inc. contains an inco | |
| CVE-2026-1557 | 7.5 | 0.11% | 1 | 0 | 2026-02-26T03:31:29 | The WP Responsive Images plugin for WordPress is vulnerable to Path Traversal in | |
| CVE-2026-1779 | 8.1 | 0.11% | 1 | 0 | 2026-02-26T03:31:29 | The User Registration & Membership plugin for WordPress is vulnerable to authent | |
| CVE-2026-24443 | 8.8 | 0.01% | 1 | 0 | 2026-02-26T03:00:27.553000 | EventSentry versions prior to 6.0.1.20 contain an unverified password change vul | |
| CVE-2026-2805 | 9.8 | 0.04% | 1 | 0 | 2026-02-26T00:31:24 | Invalid pointer in the DOM: Core & HTML component. This vulnerability affects Fi | |
| CVE-2026-2806 | 9.1 | 0.04% | 1 | 0 | 2026-02-25T22:16:28.437000 | Uninitialized memory in the Graphics: Text component. This vulnerability affects | |
| CVE-2026-2797 | 9.8 | 0.04% | 1 | 0 | 2026-02-25T21:32:26 | Use-after-free in the JavaScript: GC component. This vulnerability affects Firef | |
| CVE-2026-2795 | 9.8 | 0.04% | 1 | 0 | 2026-02-25T21:32:26 | Use-after-free in the JavaScript: GC component. This vulnerability affects Firef | |
| CVE-2025-14511 | 7.5 | 0.03% | 1 | 0 | 2026-02-25T21:31:25 | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.2 | |
| CVE-2026-1388 | 7.5 | 0.03% | 1 | 0 | 2026-02-25T21:31:25 | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.2 b | |
| CVE-2026-0752 | 8.0 | 0.08% | 1 | 0 | 2026-02-25T21:31:25 | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.2 | |
| CVE-2026-3172 | 8.1 | 0.04% | 1 | 0 | 2026-02-25T21:31:25 | Buffer overflow in parallel HNSW index build in pgvector 0.6.0 through 0.8.1 all | |
| CVE-2026-2786 | 9.8 | 0.04% | 1 | 0 | 2026-02-25T18:32:40 | Use-after-free in the JavaScript Engine component. This vulnerability affects Fi | |
| CVE-2026-20127 | 10.0 | 2.19% | 8 | 2 | 2026-02-25T18:31:45 | A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controlle | |
| CVE-2025-67445 | 7.5 | 0.09% | 1 | 1 | 2026-02-25T18:31:36 | TOTOLINK X5000R V9.1.0cu.2415_B20250515 contains a denial-of-service vulnerabili | |
| CVE-2025-63409 | 8.8 | 0.10% | 2 | 0 | 2026-02-25T18:31:36 | Privilege escalation and improper access control in GCOM EPON 1GE C00R371V00B01 | |
| CVE-2025-13942 | 9.8 | 0.34% | 4 | 0 | 2026-02-25T18:13:10.563000 | A command injection vulnerability in the UPnP function of the Zyxel EX3510-B0 fi | |
| CVE-2026-1459 | 7.2 | 0.06% | 1 | 0 | 2026-02-25T18:05:40.307000 | A post-authentication command injection vulnerability in the TR-369 certificate | |
| CVE-2026-27732 | 8.1 | 0.03% | 2 | 0 | 2026-02-25T16:52:33.227000 | WWBN AVideo is an open source video platform. Prior to version 22.0, the `aVideo | |
| CVE-2026-2807 | 9.8 | 0.04% | 1 | 0 | 2026-02-25T15:32:45 | Memory safety bugs present in Firefox 147 and Thunderbird 147. Some of these bug | |
| CVE-2026-2787 | 9.8 | 0.04% | 1 | 0 | 2026-02-25T15:32:44 | Use-after-free in the DOM: Window and Location component. This vulnerability aff | |
| CVE-2026-25108 | 8.8 | 18.59% | 3 | 0 | 2026-02-24T21:38:18.607000 | FileZen contains an OS command injection vulnerability. When FileZen Antivirus C | |
| CVE-2025-40541 | 9.1 | 0.02% | 3 | 0 | 2026-02-24T18:32:04 | An Insecure Direct Object Reference (IDOR) vulnerability exists in Serv-U, which | |
| CVE-2025-40538 | 9.1 | 0.03% | 3 | 0 | 2026-02-24T09:31:31 | A broken access control vulnerability exists in Serv-U which when exploited, giv | |
| CVE-2025-40540 | 9.1 | 0.05% | 1 | 0 | 2026-02-24T09:31:31 | A type confusion vulnerability exists in Serv-U which when exploited, gives a ma | |
| CVE-2025-40539 | 9.1 | 0.05% | 1 | 0 | 2026-02-24T09:31:31 | A type confusion vulnerability exists in Serv-U which when exploited, gives a ma | |
| CVE-2025-13943 | 8.8 | 0.18% | 1 | 0 | 2026-02-24T03:30:27 | A post-authentication command injection vulnerability in the log file download f | |
| CVE-2026-2033 | 8.1 | 15.58% | 2 | 0 | 2026-02-23T18:14:13.887000 | MLflow Tracking Server Artifact Handler Directory Traversal Remote Code Executio | |
| CVE-2026-2329 | 9.8 | 41.14% | 2 | 0 | 2026-02-20T20:57:50.360000 | An unauthenticated stack-based buffer overflow vulnerability exists in the HTTP | |
| CVE-2026-22769 | 10.0 | 34.16% | 2 | 0 | 2026-02-20T02:00:02.830000 | Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a | |
| CVE-2026-1731 | 9.8 | 64.61% | 4 | 5 | template | 2026-02-17T13:40:10.320000 | BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote |
| CVE-2025-15556 | 7.5 | 2.69% | 1 | 2 | 2026-02-13T15:30:24 | Notepad++ versions prior to 8.8.9, when using the WinGUp updater, contain an upd | |
| CVE-2026-1603 | 8.6 | 11.74% | 2 | 0 | template | 2026-02-12T15:20:13.990000 | An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allo |
| CVE-2026-21513 | 8.8 | 4.12% | 1 | 0 | 2026-02-11T15:38:13.670000 | Protection mechanism failure in MSHTML Framework allows an unauthorized attacker | |
| CVE-2020-37088 | 7.5 | 4.95% | 2 | 0 | 2026-02-10T17:03:53.480000 | School ERP Pro 1.0 contains a file disclosure vulnerability that allows unauthen | |
| CVE-2026-1687 | 7.3 | 5.42% | 2 | 0 | 2026-02-10T15:14:03.207000 | A weakness has been identified in Tenda HG10 US_HG7_HG9_HG10re_300001138_en_xpon | |
| CVE-2025-61726 | 7.5 | 0.03% | 1 | 0 | 2026-02-06T21:30:47 | The net/url package does not set a limit on the number of query parameters in a | |
| CVE-2020-37123 | 9.8 | 12.89% | 2 | 0 | template | 2026-02-05T20:47:37.777000 | Pinger 1.0 contains a remote code execution vulnerability that allows attackers |
| CVE-2026-1207 | 5.4 | 4.78% | 2 | 0 | template | 2026-02-04T17:34:46.147000 | An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4 |
| CVE-2026-21852 | 7.5 | 0.05% | 3 | 2 | 2026-02-02T15:04:41.717000 | Claude Code is an agentic coding tool. Prior to version 2.0.65, vulnerability in | |
| CVE-2026-23760 | 9.8 | 59.79% | 1 | 2 | template | 2026-01-27T16:16:55.327000 | SmarterTools SmarterMail versions prior to build 9511 contain an authentication |
| CVE-2025-0282 | 9.0 | 94.12% | 3 | 10 | template | 2025-10-24T13:54:58.783000 | A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, |
| CVE-2025-59536 | 8.8 | 0.10% | 4 | 0 | 2025-10-23T12:46:37.910000 | Claude Code is an agentic coding tool. Versions before 1.0.111 were vulnerable t | |
| CVE-2021-44228 | 10.0 | 94.36% | 1 | 100 | template | 2025-10-22T19:13:26 | # Summary Log4j versions prior to 2.16.0 are subject to a remote code execution |
| CVE-2020-11023 | 6.9 | 36.28% | 1 | 8 | 2025-10-22T17:52:05 | ### Impact Passing HTML containing `<option>` elements from untrusted sources - | |
| CVE-2025-36632 | 7.8 | 0.02% | 1 | 0 | 2025-10-21T20:19:43.853000 | In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found that a | |
| CVE-2021-30188 | 9.8 | 0.57% | 1 | 0 | 2025-08-15T21:32:18 | CODESYS V2 runtime system SP before 2.4.7.55 has a Stack-based Buffer Overflow. | |
| CVE-2021-34596 | 6.5 | 0.24% | 1 | 0 | 2025-08-15T21:31:14 | A crafted request may cause a read access to an uninitialized pointer in CODESYS | |
| CVE-2021-30187 | 5.3 | 0.12% | 1 | 0 | 2025-08-15T21:31:12 | CODESYS V2 runtime system SP before 2.4.7.55 has Improper Neutralization of Spec | |
| CVE-2021-30195 | 7.5 | 0.42% | 1 | 0 | 2025-08-15T20:26:54.410000 | CODESYS V2 runtime system before 2.4.7.55 has Improper Input Validation. | |
| CVE-2021-34595 | 8.1 | 0.37% | 1 | 0 | 2025-08-15T20:25:40.657000 | A crafted request with invalid offsets may cause an out-of-bounds read or write | |
| CVE-2021-30186 | 7.5 | 0.45% | 1 | 0 | 2025-08-15T20:20:41.123000 | CODESYS V2 runtime system SP before 2.4.7.55 has a Heap-based Buffer Overflow. | |
| CVE-2025-41658 | 5.5 | 0.02% | 1 | 0 | 2025-08-04T15:06:15.833000 | CODESYS Runtime Toolkit-based products may expose sensitive files to local low-p | |
| CVE-2025-41659 | 8.3 | 0.04% | 1 | 0 | 2025-08-04T15:06:15.833000 | A low-privileged attacker can remotely access the PKI folder of the CODESYS Cont | |
| CVE-2022-47393 | 6.5 | 0.65% | 1 | 0 | 2025-07-17T13:11:12.280000 | An authenticated, remote attacker may use a Improper Restriction of Operations w | |
| CVE-2022-47391 | 7.5 | 0.69% | 1 | 0 | 2025-07-17T13:10:20.353000 | In multiple CODESYS products in multiple versions an unauthorized, remote attack | |
| CVE-2022-47389 | 8.8 | 5.42% | 1 | 0 | 2025-07-17T13:09:56.670000 | An authenticated, remote attacker may use a stack based out-of-bounds write vuln | |
| CVE-2022-47388 | 8.8 | 5.42% | 1 | 0 | 2025-07-17T13:09:43 | An authenticated, remote attacker may use a stack based out-of-bounds write vuln | |
| CVE-2022-47387 | 8.8 | 5.42% | 1 | 0 | 2025-07-17T13:05:21.360000 | An authenticated remote attacker may use a stack based out-of-bounds write vulne | |
| CVE-2022-47386 | 8.8 | 5.42% | 1 | 0 | 2025-07-17T13:02:11.490000 | An authenticated, remote attacker may use a stack based out-of-bounds write vuln | |
| CVE-2022-47378 | 6.5 | 0.51% | 1 | 0 | 2025-07-17T12:38:13.340000 | Multiple CODESYS products in multiple versions are prone to a improper input val | |
| CVE-2025-2595 | 5.3 | 0.15% | 1 | 0 | 2025-04-23T09:33:37 | An unauthenticated remote attacker can bypass the user management in CODESYS Vis | |
| CVE-2017-3735 | 5.3 | 36.89% | 1 | 0 | 2025-04-20T01:37:25.860000 | While parsing an IPAddressFamily extension in an X.509 certificate, it is possib | |
| CVE-2019-9011 | 5.3 | 0.16% | 1 | 0 | 2025-04-14T18:32:45 | In Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Development Sys | |
| CVE-2020-12067 | 7.5 | 0.14% | 1 | 0 | 2025-04-14T18:32:45 | In Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Development Sys | |
| CVE-2010-5250 | 0 | 0.05% | 1 | 0 | 2025-04-11T00:51:21.963000 | Untrusted search path vulnerability in the pthread_win32_process_attach_np funct | |
| CVE-2025-1468 | 7.5 | 0.11% | 1 | 0 | 2025-03-18T12:30:54 | An unauthenticated remote attacker can gain access to sensitive information incl | |
| CVE-2025-0694 | 6.6 | 0.10% | 1 | 0 | 2025-03-18T12:30:48 | Insufficient path validation in CODESYS Control allows low privileged attackers | |
| CVE-2024-5000 | 7.5 | 0.81% | 1 | 0 | 2024-11-21T09:46:44.830000 | An unauthenticated remote attacker can use a malicious OPC UA client to send a c | |
| CVE-2023-3935 | 9.8 | 0.41% | 1 | 0 | 2024-11-21T08:18:21.260000 | A heap buffer overflow vulnerability in Wibu CodeMeter Runtime network service u | |
| CVE-2023-3670 | 7.3 | 0.03% | 1 | 0 | 2024-11-21T08:17:48.067000 | In CODESYS Development System 3.5.9.0 to 3.5.17.0 and CODESYS Scripting 4.0.0.0 | |
| CVE-2023-37559 | 6.5 | 0.08% | 1 | 0 | 2024-11-21T08:11:56.653000 | After successful authentication as a user in multiple Codesys products in multip | |
| CVE-2023-37558 | 6.5 | 0.08% | 1 | 0 | 2024-11-21T08:11:56.503000 | After successful authentication as a user in multiple Codesys products in multip | |
| CVE-2023-37551 | 6.5 | 0.08% | 1 | 0 | 2024-11-21T08:11:55.417000 | In multiple Codesys products in multiple versions, after successful authenticati | |
| CVE-2023-37549 | 6.5 | 0.08% | 1 | 0 | 2024-11-21T08:11:55.087000 | In multiple Codesys products in multiple versions, after successful authenticati | |
| CVE-2022-4048 | 7.7 | 0.04% | 1 | 0 | 2024-11-21T07:34:30.583000 | Inadequate Encryption Strength in CODESYS Development System V3 versions prior t | |
| CVE-2022-4046 | 8.8 | 0.76% | 1 | 0 | 2024-11-21T07:34:30.347000 | In CODESYS Control in multiple versions a improper restriction of operations wit | |
| CVE-2022-32143 | 8.8 | 1.01% | 1 | 0 | 2024-11-21T07:05:50.140000 | In multiple CODESYS products, file download and upload function allows access to | |
| CVE-2022-32141 | 6.5 | 0.31% | 1 | 0 | 2024-11-21T07:05:49.833000 | Multiple CODESYS Products are prone to a buffer over read. A low privileged remo | |
| CVE-2022-32139 | 6.5 | 0.31% | 1 | 0 | 2024-11-21T07:05:49.570000 | In multiple CODESYS products, a low privileged remote attacker may craft a reque | |
| CVE-2022-32136 | 6.5 | 0.31% | 1 | 0 | 2024-11-21T07:05:49.183000 | In multiple CODESYS products, a low privileged remote attacker may craft a reque | |
| CVE-2022-30791 | 7.5 | 0.39% | 1 | 0 | 2024-11-21T07:03:23.800000 | In CmpBlkDrvTcp of CODESYS V3 in multiple versions an uncontrolled ressource con | |
| CVE-2022-22515 | 8.1 | 0.20% | 1 | 0 | 2024-11-21T06:46:56.173000 | A remote, authenticated attacker could utilize the control program of the CODESY | |
| CVE-2022-22513 | 6.5 | 0.40% | 1 | 0 | 2024-11-21T06:46:55.900000 | An authenticated remote attacker can cause a null pointer dereference in the Cmp | |
| CVE-2022-22508 | 4.3 | 0.13% | 1 | 0 | 2024-11-21T06:46:54.870000 | Improper Input Validation vulnerability in multiple CODESYS V3 products allows a | |
| CVE-2022-1989 | 5.3 | 0.24% | 1 | 0 | 2024-11-21T06:41:53.937000 | All CODESYS Visualization versions before V4.2.0.0 generate a login dialog vulne | |
| CVE-2021-36763 | 7.5 | 0.23% | 1 | 0 | 2024-11-21T06:14:02.597000 | In CODESYS V3 web server before 3.5.17.10, files or directories are accessible t | |
| CVE-2021-33485 | 9.8 | 0.39% | 1 | 0 | 2024-11-21T06:08:55.267000 | CODESYS Control Runtime system before 3.5.17.10 has a Heap-based Buffer Overflow | |
| CVE-2021-29242 | 7.3 | 0.32% | 1 | 0 | 2024-11-21T06:00:52.023000 | CODESYS Control Runtime system before 3.5.17.0 has improper input validation. At | |
| CVE-2021-29241 | 7.5 | 0.41% | 1 | 0 | 2024-11-21T06:00:51.853000 | CODESYS Gateway 3 before 3.5.16.70 has a NULL pointer dereference that may resul | |
| CVE-2021-29240 | 7.8 | 0.26% | 1 | 0 | 2024-11-21T06:00:51.667000 | The Package Manager of CODESYS Development System 3 before 3.5.17.0 does not che | |
| CVE-2021-21869 | 7.8 | 0.08% | 1 | 0 | 2024-11-21T05:49:08.720000 | An unsafe deserialization vulnerability exists in the Engine.plugin ProfileInfor | |
| CVE-2021-21868 | 7.8 | 0.09% | 1 | 0 | 2024-11-21T05:49:08.600000 | An unsafe deserialization vulnerability exists in the ObjectManager.plugin Proje | |
| CVE-2021-21867 | 7.8 | 0.09% | 1 | 0 | 2024-11-21T05:49:08.473000 | An unsafe deserialization vulnerability exists in the ObjectManager.plugin Objec | |
| CVE-2021-21864 | 7.8 | 0.09% | 1 | 0 | 2024-11-21T05:49:08.133000 | A unsafe deserialization vulnerability exists in the ComponentModel ComponentMan | |
| CVE-2021-21863 | 7.8 | 0.08% | 1 | 0 | 2024-11-21T05:49:08.020000 | A unsafe deserialization vulnerability exists in the ComponentModel Profile.From | |
| CVE-2020-15806 | 7.5 | 0.46% | 1 | 0 | 2024-11-21T05:06:13.097000 | CODESYS Control runtime system before 3.5.16.10 allows Uncontrolled Memory Alloc | |
| CVE-2020-14519 | 7.5 | 0.09% | 1 | 0 | 2024-11-21T05:03:26.710000 | This vulnerability allows an attacker to use the internal WebSockets API for Cod | |
| CVE-2020-14515 | 7.5 | 0.08% | 1 | 0 | 2024-11-21T05:03:26.193000 | CodeMeter (All versions prior to 6.90 when using CmActLicense update files with | |
| CVE-2020-14513 | 7.5 | 0.26% | 1 | 0 | 2024-11-21T05:03:25.957000 | CodeMeter (All versions prior to 6.81) and the software using it may crash while | |
| CVE-2020-10245 | 9.8 | 1.41% | 1 | 0 | 2024-11-21T04:55:03.253000 | CODESYS V3 web server before 3.5.15.40, as used in CODESYS Control runtime syste | |
| CVE-2019-9010 | 9.8 | 0.32% | 1 | 0 | 2024-11-21T04:50:48.343000 | An issue was discovered in 3S-Smart CODESYS V3 products. The CODESYS Gateway doe | |
| CVE-2019-9009 | 7.5 | 0.31% | 1 | 0 | 2024-11-21T04:50:48.197000 | An issue was discovered in 3S-Smart CODESYS before 3.5.15.0 . Crafted network pa | |
| CVE-2019-9008 | 8.8 | 0.53% | 1 | 0 | 2024-11-21T04:50:48.050000 | An issue was discovered in 3S-Smart CODESYS V3 through 3.5.12.30. A user with lo | |
| CVE-2019-18858 | 9.8 | 0.41% | 1 | 0 | 2024-11-21T04:33:43.753000 | CODESYS 3 web server before 3.5.15.20, as distributed with CODESYS Control runti | |
| CVE-2019-13538 | 8.6 | 0.19% | 1 | 0 | 2024-11-21T04:25:06.227000 | 3S-Smart Software Solutions GmbH CODESYS V3 Library Manager, all versions prior | |
| CVE-2018-20026 | 7.5 | 1.05% | 1 | 0 | 2024-11-21T04:00:47.033000 | Improper Communication Address Filtering exists in CODESYS V3 products versions | |
| CVE-2018-10612 | 9.8 | 0.24% | 1 | 0 | 2024-11-21T03:41:39.853000 | In 3S-Smart Software Solutions GmbH CODESYS Control V3 products prior to version | |
| CVE-2018-0739 | 6.5 | 11.27% | 1 | 0 | 2024-11-21T03:38:50.910000 | Constructed ASN.1 types with a recursive definition (such as can be found in PKC | |
| CVE-2020-12069 | 9.8 | 0.08% | 1 | 0 | 2024-10-03T21:32:08 | In Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Development Sys | |
| CVE-2023-3663 | 8.8 | 0.66% | 1 | 0 | 2024-10-02T06:31:32 | In CODESYS Development System versions from 3.5.11.20 and before 3.5.19.20 a mis | |
| CVE-2024-8175 | 7.5 | 1.16% | 1 | 0 | 2024-09-25T15:31:13 | An unauthenticated remote attacker can causes the CODESYS web server to access i | |
| CVE-2024-37032 | None | 93.76% | 2 | 3 | template | 2024-09-06T21:37:31 | Ollama before 0.1.34 does not validate the format of the digest (sha256 with 64 |
| CVE-2024-3661 | 8.8 | 2.42% | 1 | 3 | 2024-07-01T15:32:01 | By design, the DHCP protocol does not authenticate messages, including for examp | |
| CVE-2023-49676 | 5.5 | 0.06% | 1 | 0 | 2024-05-06T12:30:32 | An unauthenticated local attacker may trick a user to open corrupted project fil | |
| CVE-2023-49675 | 7.8 | 0.07% | 1 | 0 | 2024-05-06T12:30:31 | An unauthenticated local attacker may trick a user to open corrupted project fil | |
| CVE-2022-47385 | 8.8 | 5.42% | 1 | 0 | 2024-04-11T21:18:07 | An authenticated, remote attacker may use a stack based out-of-bounds write vuln | |
| CVE-2022-47390 | 8.8 | 5.42% | 1 | 0 | 2024-04-11T21:18:06 | An authenticated, remote attacker may use a stack based out-of-bounds write vuln | |
| CVE-2023-3669 | 3.3 | 0.05% | 1 | 0 | 2024-04-04T06:31:19 | A missing Brute-Force protection in CODESYS Development System prior to 3.5.19.2 | |
| CVE-2023-37557 | 6.5 | 0.05% | 1 | 0 | 2024-04-04T06:31:16 | After successful authentication as a user in multiple Codesys products in multip | |
| CVE-2023-37556 | 6.5 | 0.08% | 1 | 0 | 2024-04-04T06:31:15 | In multiple versions of multiple Codesys products, after successful authenticati | |
| CVE-2023-37554 | 6.5 | 0.08% | 1 | 0 | 2024-04-04T06:31:14 | In multiple versions of multiple Codesys products, after successful authenticati | |
| CVE-2023-37555 | 6.5 | 0.08% | 1 | 0 | 2024-04-04T06:31:12 | In multiple versions of multiple Codesys products, after successful authenticati | |
| CVE-2023-37553 | 6.5 | 0.08% | 1 | 0 | 2024-04-04T06:31:10 | In multiple versions of multiple Codesys products, after successful authenticati | |
| CVE-2023-37552 | 6.5 | 0.08% | 1 | 0 | 2024-04-04T06:31:09 | In multiple versions of multiple Codesys products, after successful authenticati | |
| CVE-2023-37550 | 6.5 | 0.08% | 1 | 0 | 2024-04-04T06:31:09 | In multiple Codesys products in multiple versions, after successful authenticati | |
| CVE-2023-37548 | 6.5 | 0.08% | 1 | 0 | 2024-04-04T06:31:04 | In multiple Codesys products in multiple versions, after successful authenticati | |
| CVE-2023-37547 | 6.5 | 0.08% | 1 | 0 | 2024-04-04T06:31:00 | In multiple Codesys products in multiple versions, after successful authenticati | |
| CVE-2023-37546 | 6.5 | 0.08% | 1 | 0 | 2024-04-04T06:30:59 | In multiple Codesys products in multiple versions, after successful authenticati | |
| CVE-2023-3662 | 7.3 | 0.03% | 1 | 0 | 2024-04-04T06:30:56 | In CODESYS Development System versions from 3.5.17.0 and prior to 3.5.19.20 a vu | |
| CVE-2023-37545 | 6.5 | 0.08% | 1 | 0 | 2024-04-04T06:30:55 | In multiple Codesys products in multiple versions, after successful authenticati | |
| CVE-2022-47392 | 6.5 | 0.40% | 1 | 0 | 2024-04-04T05:43:07 | An authenticated, remote attacker may use a improper input validation vulnerabil | |
| CVE-2022-47383 | 8.8 | 5.42% | 1 | 0 | 2024-04-04T05:42:57 | An authenticated, remote attacker may use a stack based out-of-bounds write vuln | |
| CVE-2022-47384 | 8.8 | 5.42% | 1 | 0 | 2024-04-04T05:42:57 | An authenticated remote attacker may use a stack based out-of-bounds write vulne | |
| CVE-2022-47382 | 8.8 | 5.42% | 1 | 0 | 2024-04-04T05:42:54 | An authenticated remote attacker may use a stack based out-of-bounds write vulne | |
| CVE-2022-47381 | 8.8 | 5.42% | 1 | 0 | 2024-04-04T05:42:52 | An authenticated remote attacker may use a stack based out-of-bounds write vulne | |
| CVE-2022-47380 | 8.8 | 5.42% | 1 | 0 | 2024-04-04T05:42:52 | An authenticated remote attacker may use a stack based out-of-bounds write vuln | |
| CVE-2022-47379 | 8.8 | 6.08% | 1 | 0 | 2024-04-04T05:42:52 | An authenticated, remote attacker may use a out-of-bounds write vulnerability in | |
| CVE-2019-19789 | 6.5 | 0.46% | 1 | 0 | 2024-04-04T02:44:48 | 3S-Smart CODESYS SP Realtime NT before V2.3.7.28, CODESYS Runtime Toolkit 32 bit | |
| CVE-2019-13542 | 6.5 | 0.16% | 1 | 0 | 2024-04-04T01:57:58 | 3S-Smart Software Solutions GmbH CODESYS V3 OPC UA Server, all versions 3.5.11.0 | |
| CVE-2019-13532 | 7.5 | 1.56% | 1 | 0 | 2024-04-04T01:56:52 | CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to se | |
| CVE-2023-6357 | 8.8 | 0.28% | 1 | 0 | 2023-12-11T21:30:21 | A low-privileged remote attacker could exploit the vulnerability and inject addi | |
| CVE-2022-4224 | 8.8 | 0.80% | 1 | 0 | 2023-07-06T15:30:31 | In multiple products of CODESYS v3 in multiple versions a remote low privileged | |
| CVE-2019-9012 | 7.5 | 0.14% | 1 | 0 | 2023-05-16T12:30:20 | An issue was discovered in 3S-Smart CODESYS V3 products. A crafted communication | |
| CVE-2019-9013 | 8.8 | 0.43% | 1 | 0 | 2023-05-16T12:30:19 | An issue was discovered in 3S-Smart CODESYS V3 products. The application may uti | |
| CVE-2018-20025 | 7.5 | 0.68% | 1 | 0 | 2023-02-02T05:03:30 | Use of Insufficiently Random Values exists in CODESYS V3 products versions prior | |
| CVE-2021-34593 | 7.5 | 1.59% | 1 | 0 | 2023-01-30T05:03:00 | In CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7. | |
| CVE-2021-36765 | None | 0.31% | 1 | 0 | 2023-01-30T05:01:16 | In CODESYS EtherNetIP before 4.1.0.0, specific EtherNet/IP requests may cause a | |
| CVE-2021-36764 | None | 0.24% | 1 | 0 | 2023-01-30T05:01:14 | In CODESYS Gateway V3 before 3.5.17.10, there is a NULL Pointer Dereference. Cra | |
| CVE-2021-33486 | None | 0.39% | 1 | 0 | 2023-01-30T05:01:11 | All versions of the CODESYS V3 Runtime Toolkit for VxWorks from version V3.5.8.0 | |
| CVE-2021-21865 | 7.8 | 0.06% | 1 | 0 | 2023-01-30T05:01:10 | A unsafe deserialization vulnerability exists in the PackageManagement.plugin Ex | |
| CVE-2021-21866 | 7.8 | 0.09% | 1 | 0 | 2023-01-30T05:01:10 | A unsafe deserialization vulnerability exists in the ObjectManager.plugin Profil | |
| CVE-2021-30190 | 9.8 | 0.43% | 1 | 0 | 2023-01-29T05:06:46 | CODESYS V2 Web-Server before 1.1.9.20 has Improper Access Control. | |
| CVE-2021-29239 | None | 0.03% | 1 | 0 | 2023-01-29T05:06:09 | CODESYS Development System 3 before 3.5.17.0 displays or executes malicious docu | |
| CVE-2020-16233 | None | 0.12% | 1 | 0 | 2023-01-29T05:04:06 | An attacker could send a specially crafted packet that could have CodeMeter (All | |
| CVE-2020-14517 | None | 0.08% | 1 | 0 | 2023-01-29T05:04:03 | Protocol encryption can be easily broken for CodeMeter (All versions prior to 6. | |
| CVE-2020-14509 | None | 0.28% | 1 | 0 | 2023-01-29T05:03:52 | Multiple memory corruption vulnerabilities exist in CodeMeter (All versions prio | |
| CVE-2020-12068 | None | 0.18% | 1 | 0 | 2023-01-29T05:02:53 | An issue was discovered in CODESYS Development System before 3.5.16.0. CODESYS W | |
| CVE-2019-5105 | 7.5 | 0.20% | 1 | 0 | 2023-01-29T05:02:04 | An exploitable memory corruption vulnerability exists in the Name Service Client | |
| CVE-2020-7052 | None | 0.59% | 1 | 0 | 2023-01-29T05:01:15 | CODESYS Control V3, Gateway V3, and HMI V3 before 3.5.15.30 allow uncontrolled m | |
| CVE-2019-13548 | None | 2.40% | 1 | 0 | 2023-01-28T05:07:31 | CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to se | |
| CVE-2022-30792 | 5.3 | 0.54% | 1 | 0 | 2023-01-27T05:05:27 | In CmpChannelServer of CODESYS V3 in multiple versions an uncontrolled ressource | |
| CVE-2022-31805 | 9.8 | 0.28% | 1 | 0 | 2023-01-27T05:05:21 | In the CODESYS Development System multiple components in multiple versions trans | |
| CVE-2022-32137 | 8.8 | 1.04% | 1 | 0 | 2023-01-27T05:05:21 | In multiple CODESYS products, a low privileged remote attacker may craft a reque | |
| CVE-2022-32138 | 8.8 | 1.08% | 1 | 0 | 2023-01-27T05:05:21 | In multiple CODESYS products, a remote attacker may craft a request which may ca | |
| CVE-2022-32140 | 6.5 | 0.33% | 1 | 0 | 2023-01-27T05:05:02 | Multiple CODESYS products are affected to a buffer overflow.A low privileged rem | |
| CVE-2022-1965 | 6.5 | 0.79% | 1 | 0 | 2023-01-27T05:05:02 | Multiple products of CODESYS implement a improper error handling. A low privileg | |
| CVE-2022-31806 | 9.8 | 0.54% | 1 | 0 | 2023-01-27T05:04:35 | In CODESYS V2 PLCWinNT and Runtime Toolkit 32 in versions prior to V2.4.7.57 pas | |
| CVE-2022-32142 | 8.1 | 0.79% | 1 | 0 | 2023-01-27T05:04:35 | Multiple CODESYS Products are prone to a out-of bounds read or write access. A l | |
| CVE-2022-22516 | 7.8 | 0.04% | 1 | 0 | 2023-01-27T05:01:30 | The SysDrv3S driver in the CODESYS Control runtime system on Microsoft Windows a | |
| CVE-2022-22517 | 7.5 | 0.68% | 1 | 0 | 2023-01-27T05:01:25 | An unauthenticated, remote attacker can disrupt existing communication channels | |
| CVE-2022-22514 | 7.1 | 0.50% | 1 | 0 | 2023-01-27T05:01:23 | An authenticated, remote attacker can gain access to a dereferenced pointer cont | |
| CVE-2022-22519 | 6.5 | 0.78% | 1 | 0 | 2023-01-27T05:01:22 | A remote, authenticated attacker can send a specific crafted HTTP or HTTPS reque | |
| CVE-2026-28215 | 0 | 0.06% | 2 | 0 | N/A | ||
| CVE-2026-28213 | 0 | 0.04% | 2 | 0 | N/A | ||
| CVE-2026-28272 | 0 | 0.03% | 2 | 0 | N/A | ||
| CVE-2026-28409 | 0 | 0.21% | 4 | 0 | N/A | ||
| CVE-2026-28211 | 0 | 0.01% | 2 | 0 | N/A | ||
| CVE-2026-28276 | 0 | 0.11% | 2 | 0 | N/A | ||
| CVE-2026-28275 | 0 | 0.03% | 2 | 0 | N/A | ||
| CVE-2026-26078 | 0 | 0.03% | 1 | 0 | N/A | ||
| CVE-2026-26965 | 0 | 0.04% | 1 | 0 | N/A | ||
| CVE-2026-26984 | 0 | 0.10% | 1 | 0 | N/A | ||
| CVE-2026-27976 | 0 | 0.04% | 1 | 0 | N/A | ||
| CVE-2026-27938 | 0 | 0.06% | 1 | 0 | N/A | ||
| CVE-2026-27941 | 0 | 0.04% | 1 | 0 | N/A | ||
| CVE-2026-27613 | 0 | 0.21% | 1 | 0 | N/A | ||
| CVE-2026-25164 | 0 | 0.09% | 1 | 0 | N/A |
updated 2026-03-01T03:16:16.743000
2 posts
🚨 HIGH severity: Tenda F453 v1.0.0.3 has a buffer overflow (CVE-2026-3379) in /goform/SetIpBind. Remotely exploitable with no auth. Restrict access, monitor for exploit attempts, and patch ASAP. https://radar.offseq.com/threat/cve-2026-3379-buffer-overflow-in-tenda-f453-63a79945 #OffSeq #Cybersecurity #Vulnerability #CVE20263379
##🚨 HIGH severity: Tenda F453 v1.0.0.3 has a buffer overflow (CVE-2026-3379) in /goform/SetIpBind. Remotely exploitable with no auth. Restrict access, monitor for exploit attempts, and patch ASAP. https://radar.offseq.com/threat/cve-2026-3379-buffer-overflow-in-tenda-f453-63a79945 #OffSeq #Cybersecurity #Vulnerability #CVE20263379
##updated 2026-03-01T01:31:09
2 posts
🟠 CVE-2026-28426 - High (8.7)
Statmatic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.11 and 6.4.0, stored XSS vulnerability in svg and icon related components allow authenticated users with appropriate permissions to inject malicious Jav...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28426/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-28426 - High (8.7)
Statmatic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.11 and 6.4.0, stored XSS vulnerability in svg and icon related components allow authenticated users with appropriate permissions to inject malicious Jav...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28426/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-03-01T01:30:56
2 posts
🟠 CVE-2026-28425 - High (8)
Statmatic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.11 and 6.4.0, an authenticated control panel user with access to Antlers-enabled inputs may be able to achieve remote code execution in the application ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28425/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-28425 - High (8)
Statmatic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.11 and 6.4.0, an authenticated control panel user with access to Antlers-enabled inputs may be able to achieve remote code execution in the application ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28425/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-03-01T01:29:34
2 posts
🟠 CVE-2026-28416 - High (8.2)
Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.6.0, a Server-Side Request Forgery (SSRF) vulnerability in Gradio allows an attacker to make arbitrary HTTP requests from a victim's server by hosting a mal...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28416/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-28416 - High (8.2)
Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.6.0, a Server-Side Request Forgery (SSRF) vulnerability in Gradio allows an attacker to make arbitrary HTTP requests from a victim's server by hosting a mal...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28416/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-03-01T01:28:04
2 posts
🟠 CVE-2026-28406 - High (8.2)
kaniko is a tool to build container images from a Dockerfile, inside a container or Kubernetes cluster. Starting in version 1.25.4 and prior to version 1.25.10, kaniko unpacks build context archives using `filepath.Join(dest, cleanedName)` without...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28406/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-28406 - High (8.2)
kaniko is a tool to build container images from a Dockerfile, inside a container or Kubernetes cluster. Starting in version 1.25.4 and prior to version 1.25.10, kaniko unpacks build context archives using `filepath.Join(dest, cleanedName)` without...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28406/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-03-01T01:26:28
2 posts
🟠 CVE-2026-26861 - High (8.3)
CleverTap Web SDK version 1.15.2 and earlier is vulnerable to Cross-Site Scripting (XSS) via window.postMessage. The handleCustomHtmlPreviewPostMessageEvent function in src/util/campaignRender/nativeDisplay.js performs insufficient origin validati...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-26861/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-26861 - High (8.3)
CleverTap Web SDK version 1.15.2 and earlier is vulnerable to Cross-Site Scripting (XSS) via window.postMessage. The handleCustomHtmlPreviewPostMessageEvent function in src/util/campaignRender/nativeDisplay.js performs insufficient origin validati...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-26861/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-28T12:16:39.317000
2 posts
🚨 CVE-2026-3010: CRITICAL XSS in Microchip TimePictra v11.0 – 11.3 SP2. Remote, unauthenticated attackers can inject scripts via web UI. Restrict access, enable WAF, monitor logs. Patch awaited. Full info: https://radar.offseq.com/threat/cve-2026-3010-cwe-79-improper-neutralization-of-in-f593f595 #OffSeq #XSS #ICS #Vuln
##🚨 CVE-2026-3010: CRITICAL XSS in Microchip TimePictra v11.0 – 11.3 SP2. Remote, unauthenticated attackers can inject scripts via web UI. Restrict access, enable WAF, monitor logs. Patch awaited. Full info: https://radar.offseq.com/threat/cve-2026-3010-cwe-79-improper-neutralization-of-in-f593f595 #OffSeq #XSS #ICS #Vuln
##updated 2026-02-28T12:16:37.713000
2 posts
⚠️ CRITICAL vuln in Microchip TimePictra (11.0 – 11.3 SP2): CVE-2026-2844 lets remote, unauthenticated attackers manipulate configs. No patch yet — restrict access & monitor logs! https://radar.offseq.com/threat/cve-2026-2844-cwe-306-missing-authentication-for-c-aa868998 #OffSeq #TimePictra #Vulnerability #OTSecurity
##⚠️ CRITICAL vuln in Microchip TimePictra (11.0 – 11.3 SP2): CVE-2026-2844 lets remote, unauthenticated attackers manipulate configs. No patch yet — restrict access & monitor logs! https://radar.offseq.com/threat/cve-2026-2844-cwe-306-missing-authentication-for-c-aa868998 #OffSeq #TimePictra #Vulnerability #OTSecurity
##updated 2026-02-28T09:30:14
2 posts
🟠 CVE-2025-13673 - High (7.5)
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to SQL Injection via the 'coupon_code' parameter in all versions up to, and including, 3.9.6 due to insufficient escaping on the user supplied parameter and ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-13673/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-13673 - High (7.5)
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to SQL Injection via the 'coupon_code' parameter in all versions up to, and including, 3.9.6 due to insufficient escaping on the user supplied parameter and ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-13673/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-28T09:30:14
2 posts
🟠 CVE-2026-2471 - High (7.5)
The WP Mail Logging plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.15.0 via deserialization of untrusted input from the email log message field. This is due to the `BaseModel` class constructor c...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2471/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-2471 - High (7.5)
The WP Mail Logging plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.15.0 via deserialization of untrusted input from the email log message field. This is due to the `BaseModel` class constructor c...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2471/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-28T04:16:19.250000
1 posts
🔴 CVE-2026-2788 - Critical (9.8)
Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2788/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-28T02:45:38
2 posts
🟠 CVE-2026-0980 - High (8.3)
A flaw was found in rubyipmi, a gem used in the Baseboard Management Controller (BMC) component of Red Hat Satellite. An authenticated attacker with host creation or update permissions could exploit this vulnerability by crafting a malicious usern...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-0980/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-0980 - High (8.3)
A flaw was found in rubyipmi, a gem used in the Baseboard Management Controller (BMC) component of Red Hat Satellite. An authenticated attacker with host creation or update permissions could exploit this vulnerability by crafting a malicious usern...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-0980/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-28T02:17:26
3 posts
another day another critical vulnerability in openclaw 🥲🤡
"In OpenClaw before 2026.2.23, tools.exec.safeBins validation for sort could be bypassed via GNU long-option abbreviations (such as --compress-prog) in allowlist mode, leading to approval-free execution paths that were intended to require approval."
🔐 CVE-2026-28363
📊 CVSS: 9.9 · Critical
📅 02/27/2026, 04:16 AM
🛡️ CWE: CWE-184
📦 Affected: OpenClaw OpenClaw (< 2026.2.23)
another day another critical vulnerability in openclaw 🥲🤡
"In OpenClaw before 2026.2.23, tools.exec.safeBins validation for sort could be bypassed via GNU long-option abbreviations (such as --compress-prog) in allowlist mode, leading to approval-free execution paths that were intended to require approval."
🔐 CVE-2026-28363
📊 CVSS: 9.9 · Critical
📅 02/27/2026, 04:16 AM
🛡️ CWE: CWE-184
📦 Affected: OpenClaw OpenClaw (< 2026.2.23)
🔴 CVE-2026-28363 - Critical (9.9)
In OpenClaw before 2026.2.23, tools.exec.safeBins validation for sort could be bypassed via GNU long-option abbreviations (such as --compress-prog) in allowlist mode, leading to approval-free execution paths that were intended to require approval....
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28363/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-28T01:59:29
4 posts
🔴 CVE-2026-28268 - Critical (9.8)
Vikunja is an open-source self-hosted task management platform. Versions prior to 2.1.0 have a business logic vulnerability exists in the password reset mechanism of vikunja/api that allows password reset tokens to be reused indefinitely. Due to a...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28268/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🚨 CRITICAL vuln in go-vikunja vikunja (<2.1.0): Password reset tokens never expire due to logic flaw, enabling persistent account takeover. Patch to v2.1.0+ now! CVE-2026-28268 https://radar.offseq.com/threat/cve-2026-28268-cwe-459-incomplete-cleanup-in-go-vi-0517b158 #OffSeq #Vuln #Security #FOSS
##🔴 CVE-2026-28268 - Critical (9.8)
Vikunja is an open-source self-hosted task management platform. Versions prior to 2.1.0 have a business logic vulnerability exists in the password reset mechanism of vikunja/api that allows password reset tokens to be reused indefinitely. Due to a...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28268/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🚨 CRITICAL vuln in go-vikunja vikunja (<2.1.0): Password reset tokens never expire due to logic flaw, enabling persistent account takeover. Patch to v2.1.0+ now! CVE-2026-28268 https://radar.offseq.com/threat/cve-2026-28268-cwe-459-incomplete-cleanup-in-go-vi-0517b158 #OffSeq #Vuln #Security #FOSS
##updated 2026-02-28T01:09:31.663000
2 posts
🔴 CVE-2025-11252 - Critical (9.8)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Signum Technology Promotion and Training Inc. Windesk.Fm allows SQL Injection.This issue affects windesk.Fm: through 27022026.
NOTE: The vendor ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-11252/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2025-11252 - Critical (9.8)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Signum Technology Promotion and Training Inc. Windesk.Fm allows SQL Injection.This issue affects windesk.Fm: through 27022026.
NOTE: The vendor ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-11252/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-28T00:55:26.413000
1 posts
🟠 CVE-2026-27959 - High (7.5)
Koa is middleware for Node.js using ES2017 async functions. Prior to versions 3.1.2 and 2.16.4, Koa's `ctx.hostname` API performs naive parsing of the HTTP Host header, extracting everything before the first colon without validating the input conf...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27959/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-28T00:45:30.697000
1 posts
🟠 CVE-2026-1662 - High (7.5)
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 14.4 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowed an unauthenticated user to cause Denial of Service by sending specially crafted reque...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1662/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T23:13:46.087000
1 posts
🟠 CVE-2026-20742 - High (8)
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
injecting malicious input into requests sent to the templates route.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20742/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T23:12:14.313000
1 posts
🟠 CVE-2026-21389 - High (8)
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
injecting malicious input into the request body sent to the contacts
import...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-21389/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T23:11:48.947000
2 posts
🔴 CVE-2026-21718 - Critical (10)
An authentication bypass vulnerability exists in Copeland XWEB Pro
version 1.12.1 and prior, enabling any attackers to bypass the
authentication requirement and achieve pre-authenticated code execution
on the system.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-21718/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🚨 CVE-2026-21718: CRITICAL auth bypass in Copeland XWEB 300D PRO (≤1.12.1). Remote code exec possible — no user interaction. No patch yet. Segment & monitor ICS networks! https://radar.offseq.com/threat/cve-2026-21718-cwe-327-in-copeland-copeland-xweb-3-124474ba #OffSeq #ICS #Vulnerability #Cybersecurity
##updated 2026-02-27T23:11:05.393000
1 posts
🟠 CVE-2026-20764 - High (8)
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
providing malicious input via the device hostname configuration which
is la...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20764/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T23:08:17.530000
1 posts
🟠 CVE-2026-24452 - High (8)
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
supplying a crafted template file to the devices route.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24452/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T23:06:36.453000
1 posts
🟠 CVE-2026-25196 - High (8)
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
injecting malicious input into the Wi-Fi SSID and/or password fields
can le...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25196/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T22:16:24.330000
2 posts
🟠 CVE-2026-28414 - High (7.5)
Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.7, Gradio apps running on Window with Python 3.13+ are vulnerable to an absolute path traversal issue that enables unauthenticated attackers to read arbitra...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28414/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-28414 - High (7.5)
Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.7, Gradio apps running on Window with Python 3.13+ are vulnerable to an absolute path traversal issue that enables unauthenticated attackers to read arbitra...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28414/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T22:16:24.170000
4 posts
🔴 CVE-2026-28411 - Critical (9.8)
WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, an unsafe use of the `extract()` function on the `$_REQUEST` superglobal allows an unauthenticated attacker to overwrite local variables in multiple PHP scripts. This vuln...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28411/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🚨 CVE-2026-28411: CRITICAL auth bypass in LabRedesCefetRJ WeGIA (<3.6.5) via unsafe extract() on $_REQUEST. Full admin compromise risk. Upgrade to 3.6.5+ now! More: https://radar.offseq.com/threat/cve-2026-28411-cwe-288-authentication-bypass-using-7167a2c8 #OffSeq #Vuln #WebAppSec #PHP
##🔴 CVE-2026-28411 - Critical (9.8)
WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, an unsafe use of the `extract()` function on the `$_REQUEST` superglobal allows an unauthenticated attacker to overwrite local variables in multiple PHP scripts. This vuln...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28411/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🚨 CVE-2026-28411: CRITICAL auth bypass in LabRedesCefetRJ WeGIA (<3.6.5) via unsafe extract() on $_REQUEST. Full admin compromise risk. Upgrade to 3.6.5+ now! More: https://radar.offseq.com/threat/cve-2026-28411-cwe-288-authentication-bypass-using-7167a2c8 #OffSeq #Vuln #WebAppSec #PHP
##updated 2026-02-27T22:16:23.847000
4 posts
🔴 CVE-2026-28408 - Critical (9.8)
WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, the script in adicionar_tipo_docs_atendido.php does not go through the project's central controller and does not have its own authentication and permission checks. A malic...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28408/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CRITICAL: CVE-2026-28408 in WeGIA (<3.6.5) lets unauthenticated attackers inject massive unauthorized data via adicionar_tipo_docs_atendido.php. Upgrade to 3.6.5 ASAP. Monitor & restrict access now. https://radar.offseq.com/threat/cve-2026-28408-cwe-862-missing-authorization-in-la-ddacfcff #OffSeq #Vulnerability #WeGIA #CVE202628408
##🔴 CVE-2026-28408 - Critical (9.8)
WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, the script in adicionar_tipo_docs_atendido.php does not go through the project's central controller and does not have its own authentication and permission checks. A malic...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28408/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CRITICAL: CVE-2026-28408 in WeGIA (<3.6.5) lets unauthenticated attackers inject massive unauthorized data via adicionar_tipo_docs_atendido.php. Upgrade to 3.6.5 ASAP. Monitor & restrict access now. https://radar.offseq.com/threat/cve-2026-28408-cwe-862-missing-authorization-in-la-ddacfcff #OffSeq #Vulnerability #WeGIA #CVE202628408
##updated 2026-02-27T22:16:23.160000
2 posts
🟠 CVE-2026-28400 - High (7.5)
Docker Model Runner (DMR) is software used to manage, run, and deploy AI models using Docker. Versions prior to 1.0.16 expose a POST `/engines/_configure` endpoint that accepts arbitrary runtime flags without authentication. These flags are pass...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28400/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-28400 - High (7.5)
Docker Model Runner (DMR) is software used to manage, run, and deploy AI models using Docker. Versions prior to 1.0.16 expose a POST `/engines/_configure` endpoint that accepts arbitrary runtime flags without authentication. These flags are pass...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28400/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T21:52:22
1 posts
🚨 CRITICAL: CVE-2026-27804 in parse-server allows attackers to forge Google auth tokens (alg: none accepted)! Versions <8.6.3 & <9.1.1-alpha.4 at risk. Upgrade or disable Google auth now. https://radar.offseq.com/threat/cve-2026-27804-cwe-327-use-of-a-broken-or-risky-cr-9a87af7c #OffSeq #ParseServer #JWT #CVE202627804
##updated 2026-02-27T21:35:03
2 posts
🟠 CVE-2026-27939 - High (8.8)
Statmatic is a Laravel and Git powered content management system (CMS). Starting in version 6.0.0 and prior to version 6.4.0, Authenticated Control Panel users may under certain conditions obtain elevated privileges without completing the intended...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27939/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-27939 - High (8.8)
Statmatic is a Laravel and Git powered content management system (CMS). Starting in version 6.0.0 and prior to version 6.4.0, Authenticated Control Panel users may under certain conditions obtain elevated privileges without completing the intended...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27939/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T21:32:27
2 posts
🟠 CVE-2025-40932 - High (8.2)
Apache::SessionX versions through 2.01 for Perl create insecure session id.
Apache::SessionX generates session ids insecurely. The default session id generator in Apache::SessionX::Generate::MD5 returns a MD5 hash seeded with the built-in rand() ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-40932/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-40932 - High (8.2)
Apache::SessionX versions through 2.01 for Perl create insecure session id.
Apache::SessionX generates session ids insecurely. The default session id generator in Apache::SessionX::Generate::MD5 returns a MD5 hash seeded with the built-in rand() ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-40932/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T21:32:27
2 posts
🟠 CVE-2026-2597 - High (7.5)
Crypt::SysRandom::XS versions before 0.010 for Perl is vulnerable to a heap buffer overflow in the XS function random_bytes().
The function does not validate that the length parameter is non-negative. If a negative value (e.g. -1) is supplied, th...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2597/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-2597 - High (7.5)
Crypt::SysRandom::XS versions before 0.010 for Perl is vulnerable to a heap buffer overflow in the XS function random_bytes().
The function does not validate that the length parameter is non-negative. If a negative value (e.g. -1) is supplied, th...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2597/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T21:32:27
2 posts
🔴 CVE-2026-24352 - Critical (9.8)
PluXml CMS allows a user's session identifier to be set before authentication. The value of this session ID stays the same after authentication. This behaviour enables an attacker to fix a session ID
for a victim and later hijack the authenticated...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24352/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-24352 - Critical (9.8)
PluXml CMS allows a user's session identifier to be set before authentication. The value of this session ID stays the same after authentication. This behaviour enables an attacker to fix a session ID
for a victim and later hijack the authenticated...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24352/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T21:32:27
2 posts
🟠 CVE-2025-69437 - High (8.7)
PublicCMS v5.202506.d and earlier is vulnerable to stored XSS. Uploaded PDFs can contain JavaScript payloads and bypass PDF security checks in the backend CmsFileUtils.java. If a user uploads a PDF file containing a malicious payload to the system...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-69437/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-69437 - High (8.7)
PublicCMS v5.202506.d and earlier is vulnerable to stored XSS. Uploaded PDFs can contain JavaScript payloads and bypass PDF security checks in the backend CmsFileUtils.java. If a user uploads a PDF file containing a malicious payload to the system...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-69437/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T21:32:22
2 posts
🟠 CVE-2026-27141 - High (7.5)
Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27141/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-27141 - High (7.5)
Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27141/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T21:31:26
4 posts
🚨 CRITICAL: CVE-2026-27755 in SODOLA SL902-SWTGW124AS (≤200.1.20) lets attackers forge MD5-based session IDs, bypassing auth remotely. No patch yet — segment, restrict, monitor! https://radar.offseq.com/threat/cve-2026-27755-cwe-330-use-of-insufficiently-rando-27c7bdab #OffSeq #CVE202627755 #IoTSecurity #Infosec
##🔴 CVE-2026-27755 - Critical (9.8)
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a weak session identifier generation vulnerability that allows attackers to forge authenticated sessions by computing predictable MD5-based cookies. Attackers who know or guess val...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27755/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🚨 CRITICAL: CVE-2026-27755 in SODOLA SL902-SWTGW124AS (≤200.1.20) lets attackers forge MD5-based session IDs, bypassing auth remotely. No patch yet — segment, restrict, monitor! https://radar.offseq.com/threat/cve-2026-27755-cwe-330-use-of-insufficiently-rando-27c7bdab #OffSeq #CVE202627755 #IoTSecurity #Infosec
##🔴 CVE-2026-27755 - Critical (9.8)
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a weak session identifier generation vulnerability that allows attackers to forge authenticated sessions by computing predictable MD5-based cookies. Attackers who know or guess val...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27755/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T21:31:21
3 posts
🔴 CVE-2026-27510 - Critical (9.6)
Unitree Go2 firmware versions 1.1.7 through 1.1.11, when used with the Unitree Go2 Android application (com.unitree.doggo2), are vulnerable to remote code execution due to missing integrity protection and validation of user-created programmes. The...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27510/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-27510 - Critical (9.6)
Unitree Go2 firmware versions 1.1.7 through 1.1.11, when used with the Unitree Go2 Android application (com.unitree.doggo2), are vulnerable to remote code execution due to missing integrity protection and validation of user-created programmes. The...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27510/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##From DDS Packets to Robot Shells: Two RCEs in Unitree Robots (CVE-2026-27509 & CVE-2026-27510) https://boschko.ca/unitree-go2-rce/
##updated 2026-02-27T21:31:21
3 posts
🟠 CVE-2026-27509 - High (8)
Unitree Go2 firmware versions V1.1.7 through V1.1.9 and V1.1.11 (EDU) do not implement DDS authentication or authorization for the Eclipse CycloneDDS topic rt/api/programming_actuator/request handled by actuator_manager.py. A network-adjacent, una...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27509/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-27509 - High (8)
Unitree Go2 firmware versions V1.1.7 through V1.1.9 and V1.1.11 (EDU) do not implement DDS authentication or authorization for the Eclipse CycloneDDS topic rt/api/programming_actuator/request handled by actuator_manager.py. A network-adjacent, una...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27509/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##From DDS Packets to Robot Shells: Two RCEs in Unitree Robots (CVE-2026-27509 & CVE-2026-27510) https://boschko.ca/unitree-go2-rce/
##updated 2026-02-27T21:31:21
2 posts
🔴 CVE-2026-22207 - Critical (9.8)
OpenViking through version 0.1.18, prior to commit 0251c70, contains a broken access control vulnerability that allows unauthenticated attackers to gain ROOT privileges when the root_api_key configuration is omitted. Attackers can send requests ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-22207/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-22207 - Critical (9.8)
OpenViking through version 0.1.18, prior to commit 0251c70, contains a broken access control vulnerability that allows unauthenticated attackers to gain ROOT privileges when the root_api_key configuration is omitted. Attackers can send requests ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-22207/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T21:31:21
2 posts
🟠 CVE-2026-22206 - High (8.8)
SPIP versions prior to 4.4.10 contain a SQL injection vulnerability that allows authenticated low-privilege users to execute arbitrary SQL queries by manipulating union-based injection techniques. Attackers can exploit this SQL injection flaw comb...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-22206/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-22206 - High (8.8)
SPIP versions prior to 4.4.10 contain a SQL injection vulnerability that allows authenticated low-privilege users to execute arbitrary SQL queries by manipulating union-based injection techniques. Attackers can exploit this SQL injection flaw comb...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-22206/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T21:31:21
2 posts
🟠 CVE-2026-22205 - High (7.5)
SPIP versions prior to 4.4.10 contain an authentication bypass vulnerability caused by PHP type juggling that allows unauthenticated attackers to access protected information. Attackers can exploit loose type comparisons in authentication logic to...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-22205/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-22205 - High (7.5)
SPIP versions prior to 4.4.10 contain an authentication bypass vulnerability caused by PHP type juggling that allows unauthenticated attackers to access protected information. Attackers can exploit loose type comparisons in authentication logic to...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-22205/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T21:16:19.923000
1 posts
🔴 CVE-2026-2796 - Critical (9.8)
JIT miscompilation in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148 and Thunderbird < 148.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2796/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T20:21:40.513000
2 posts
🚨 CVE-2026-27947 (CRITICAL): Intermesh Group-Office RCE via TNEF attachment processing. Authenticated attackers can inject commands through crafted filenames. Patch to v26.0.9/25.0.87/6.8.154 ASAP! https://radar.offseq.com/threat/cve-2026-27947-cwe-88-improper-neutralization-of-a-24402a59 #OffSeq #RCE #Vuln #GroupOffice
##🚨 CVE-2026-27947 (CRITICAL): Intermesh Group-Office RCE via TNEF attachment processing. Authenticated attackers can inject commands through crafted filenames. Patch to v26.0.9/25.0.87/6.8.154 ASAP! https://radar.offseq.com/threat/cve-2026-27947-cwe-88-improper-neutralization-of-a-24402a59 #OffSeq #RCE #Vuln #GroupOffice
##updated 2026-02-27T20:21:40.330000
2 posts
🟠 CVE-2026-27836 - High (7.5)
phpMyFAQ is an open source FAQ web application. Prior to version 4.0.18, the WebAuthn prepare endpoint (`/api/webauthn/prepare`) creates new active user accounts without any authentication, CSRF protection, captcha, or configuration checks. This a...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27836/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-27836 - High (7.5)
phpMyFAQ is an open source FAQ web application. Prior to version 4.0.18, the WebAuthn prepare endpoint (`/api/webauthn/prepare`) creates new active user accounts without any authentication, CSRF protection, captcha, or configuration checks. This a...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27836/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T20:21:37.327000
2 posts
🟠 CVE-2026-26862 - High (8.3)
CleverTap Web SDK version 1.15.2 and earlier is vulnerable to DOM-based Cross-Site Scripting (XSS) via window.postMessage in the Visual Builder module. The origin validation in src/modules/visualBuilder/pageBuilder.js (lines 56-60) uses the includ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-26862/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-26862 - High (8.3)
CleverTap Web SDK version 1.15.2 and earlier is vulnerable to DOM-based Cross-Site Scripting (XSS) via window.postMessage in the Visual Builder module. The origin validation in src/modules/visualBuilder/pageBuilder.js (lines 56-60) uses the includ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-26862/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T19:07:37.763000
2 posts
🟠 CVE-2026-28274 - High (8.7)
Initiative is a self-hosted project management platform. Versions of the application prior to 0.32.4 are vulnerable to Stored Cross-Site Scripting (XSS) in the document upload functionality. Any user with upload permissions within the "Initiatives...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28274/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-28274 - High (8.7)
Initiative is a self-hosted project management platform. Versions of the application prior to 0.32.4 are vulnerable to Stored Cross-Site Scripting (XSS) in the document upload functionality. Any user with upload permissions within the "Initiatives...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28274/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T18:36:30.553000
1 posts
🟠 CVE-2026-27635 - High (7.5)
Manyfold is an open source, self-hosted web application for managing a collection of 3d models, particularly focused on 3d printing. Prior to version 0.133.0, when model render generation is enabled, a logged-in user can achieve RCE by uploading a...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27635/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T18:35:58
3 posts
🟠 CVE-2026-27449 - High (7.5)
Umbraco Engage is a business intelligence platform. A vulnerability has been identified in Umbraco Engage prior to versions 16.2.1 and 17.1.1 where certain API endpoints are exposed without enforcing authentication or authorization checks. The aff...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27449/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-27449 - High (7.5)
Umbraco Engage is a business intelligence platform. A vulnerability has been identified in Umbraco Engage prior to versions 16.2.1 and 17.1.1 where certain API endpoints are exposed without enforcing authentication or authorization checks. The aff...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27449/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🛡️ HIGH severity: CVE-2026-27449 impacts Umbraco Engage.Forms (<16.2.1, 17.0.0 – 17.1.0). Improper access control lets unauthenticated attackers extract sensitive analytics & customer data. Patch to 16.2.1/17.1.1 now! https://radar.offseq.com/threat/cve-2026-27449-cwe-284-improper-access-control-in--fadf6848 #OffSeq #Umbraco #Infosec
##updated 2026-02-27T18:32:07
1 posts
🟠 CVE-2026-3271 - High (8.8)
A vulnerability was found in Tenda F453 1.0.0.3. This impacts the function fromP2pListFilter of the file /goform/P2pListFilterof of the component httpd. The manipulation of the argument page results in buffer overflow. The attack may be launched r...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3271/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T18:31:12
4 posts
🚨 CRITICAL: CVE-2026-2749 hits Centreon Open Tickets (Linux Central Server). All before v25.10.3/24.10.8/24.04.7 at risk — remote exploit, full compromise possible. Restrict access & monitor systems! https://radar.offseq.com/threat/cve-2026-2749-e23f9297 #OffSeq #Centreon #Vuln
##🔴 CVE-2026-2749 - Critical (9.9)
Vulnerability in Centreon Centreon Open Tickets on Central Server on Linux (Centroen Open Ticket modules).This issue affects Centreon Open Tickets on Central Server: from all before 25.10.3, 24.10.8, 24.04.7.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2749/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🚨 CRITICAL: CVE-2026-2749 hits Centreon Open Tickets (Linux Central Server). All before v25.10.3/24.10.8/24.04.7 at risk — remote exploit, full compromise possible. Restrict access & monitor systems! https://radar.offseq.com/threat/cve-2026-2749-e23f9297 #OffSeq #Centreon #Vuln
##🔴 CVE-2026-2749 - Critical (9.9)
Vulnerability in Centreon Centreon Open Tickets on Central Server on Linux (Centroen Open Ticket modules).This issue affects Centreon Open Tickets on Central Server: from all before 25.10.3, 24.10.8, 24.04.7.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2749/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T18:31:12
4 posts
🔐 CVE-2026-27751 (CRITICAL): SODOLA SL902-SWTGW124AS gateways (≤200.1.20) use default creds, enabling remote admin takeover. Change all passwords or restrict access ASAP! No patch yet. https://radar.offseq.com/threat/cve-2026-27751-cwe-1392-use-of-default-credentials-706a3fb0 #OffSeq #Vuln #IoTSecurity #NetworkSecurity
##🔴 CVE-2026-27751 - Critical (9.8)
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a default credentials vulnerability that allows remote attackers to obtain administrative access to the management interface. Attackers can authenticate using the hardcoded default...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27751/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔐 CVE-2026-27751 (CRITICAL): SODOLA SL902-SWTGW124AS gateways (≤200.1.20) use default creds, enabling remote admin takeover. Change all passwords or restrict access ASAP! No patch yet. https://radar.offseq.com/threat/cve-2026-27751-cwe-1392-use-of-default-credentials-706a3fb0 #OffSeq #Vuln #IoTSecurity #NetworkSecurity
##🔴 CVE-2026-27751 - Critical (9.8)
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a default credentials vulnerability that allows remote attackers to obtain administrative access to the management interface. Attackers can authenticate using the hardcoded default...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27751/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T18:28:21.607000
3 posts
🟠 CVE-2026-27969 - High (8.8)
Vitess is a database clustering system for horizontal scaling of MySQL. Prior to versions 23.0.3 and 22.0.4, anyone with read/write access to the backup storage location (e.g. an S3 bucket) can manipulate backup manifest files so that files in the...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27969/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-27969 - High (8.8)
Vitess is a database clustering system for horizontal scaling of MySQL. Prior to versions 23.0.3 and 22.0.4, anyone with read/write access to the backup storage location (e.g. an S3 bucket) can manipulate backup manifest files so that files in the...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27969/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔥 CRITICAL: CVE-2026-27969 in Vitess (<22.0.4, 23.0.0 – 23.0.3) allows path traversal via backup restore. Attackers w/ backup storage access can write files anywhere Vitess can reach. Patch ASAP & secure storage! https://radar.offseq.com/threat/cve-2026-27969-cwe-22-improper-limitation-of-a-pat-4b60f36b #OffSeq #Vitess #CVE202627969
##updated 2026-02-27T17:22:23.443000
2 posts
🔴 CVE-2025-11251 - Critical (9.8)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Dayneks Software Industry and Trade Inc. E-Commerce Platform allows SQL Injection.This issue affects E-Commerce Platform: through 27022026.
NOTE...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-11251/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2025-11251 - Critical (9.8)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Dayneks Software Industry and Trade Inc. E-Commerce Platform allows SQL Injection.This issue affects E-Commerce Platform: through 27022026.
NOTE...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-11251/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T17:16:23.773000
1 posts
🟠 CVE-2026-27904 - High (7.5)
minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Prior to version 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.4, nested `*()` extglobs produce regexps with nested unbounded quant...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27904/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T17:14:16.193000
2 posts
🟠 CVE-2026-27942 - High (7.5)
fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. Prior to version 5.3.8, the application crashes with stack overflow when user use XML builder with `pr...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27942/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-27942 - High (7.5)
fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. Prior to version 5.3.8, the application crashes with stack overflow when user use XML builder with `pr...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27942/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T16:58:27.747000
3 posts
⚠️ CRITICAL: CVE-2026-28370 in OpenStack Vitrage (CVSS 9.1) enables authenticated RCE via eval injection in query parser. Upgrade to fixed versions, restrict API access, and monitor logs. Affects 0, 13.0.0, 14.0.0, 15.0.0. Details: https://radar.offseq.com/threat/cve-2026-28370-cwe-95-improper-neutralization-of-d-e403f347 #OffSeq #OpenStack #Vuln
##⚠️ CRITICAL: CVE-2026-28370 in OpenStack Vitrage (CVSS 9.1) enables authenticated RCE via eval injection in query parser. Upgrade to fixed versions, restrict API access, and monitor logs. Affects 0, 13.0.0, 14.0.0, 15.0.0. Details: https://radar.offseq.com/threat/cve-2026-28370-cwe-95-improper-neutralization-of-d-e403f347 #OffSeq #OpenStack #Vuln
##🔴 CVE-2026-28370 - Critical (9.1)
In the query parser in OpenStack Vitrage before 12.0.1, 13.0.0, 14.0.0, and 15.0.0, a user allowed to access the Vitrage API may trigger code execution on the Vitrage service host as the user the Vitrage service runs under. This may result in unau...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28370/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T16:16:25.827000
2 posts
1 repos
🔴 CVE-2026-2750 - Critical (9.1)
Improper Input Validation vulnerability in Centreon Centreon Open Tickets on Central Server on Linux (Centreon Open Tickets modules).This issue affects Centreon Open Tickets on Central Server: from all before 25.10; 24.10;24.04.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2750/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-2750 - Critical (9.1)
Improper Input Validation vulnerability in Centreon Centreon Open Tickets on Central Server on Linux (Centreon Open Tickets modules).This issue affects Centreon Open Tickets on Central Server: from all before 25.10; 24.10;24.04.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2750/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T16:16:24.617000
1 posts
1 repos
🟠 CVE-2026-27831 - High (7.5)
rldns is an open source DNS server. Version 2.3 has a heap-based out-of-bounds read that leads to denial of service. Version 1.4 contains a patch for the issue.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27831/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T15:51:42.330000
2 posts
🟠 CVE-2026-28216 - High (8.3)
hoppscotch is an open source API development ecosystem. Prior to version 2026.2.0, any logged-in user can read, modify or delete another user's personal environment by ID. `user-environments.resolver.ts:82-109`, `updateUserEnvironment` mutation us...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28216/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-28216 - High (8.3)
hoppscotch is an open source API development ecosystem. Prior to version 2026.2.0, any logged-in user can read, modify or delete another user's personal environment by ID. `user-environments.resolver.ts:82-109`, `updateUserEnvironment` mutation us...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28216/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T15:48:08.343000
1 posts
🟠 CVE-2026-3272 - High (8.8)
A vulnerability was determined in Tenda F453 1.0.0.3. Affected is the function fromDhcpListClient of the file /goform/DhcpListClient of the component httpd. This manipulation of the argument page causes buffer overflow. Remote exploitation of the ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3272/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T15:47:29
2 posts
🔴 CVE-2026-27966 - Critical (9.8)
Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.8.0, the CSV Agent node in Langflow hardcodes `allow_dangerous_code=True`, which automatically exposes LangChain’s Python REPL tool (`python_repl_a...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27966/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🚨 CVE-2026-27966 (CRITICAL): langflow-ai langflow (<1.8.0) allows unauthenticated RCE via prompt injection due to hardcoded allow_dangerous_code=True. Patch to 1.8.0+ now! https://radar.offseq.com/threat/cve-2026-27966-cwe-94-improper-control-of-generati-8ac7c0b0 #OffSeq #Vulnerability #Langflow #RCE
##updated 2026-02-27T15:46:57.927000
1 posts
🟠 CVE-2026-3274 - High (8.8)
A security flaw has been discovered in Tenda F453 1.0.0.3. Affected by this issue is the function frmL7ProtForm of the file /goform/L7Prot of the component httpd. Performing a manipulation of the argument page results in buffer overflow. The attac...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3274/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T15:46:20.130000
1 posts
🟠 CVE-2026-3275 - High (8.8)
A weakness has been identified in Tenda F453 1.0.0.3. This affects the function fromAddressNat of the file /goform/addressNat of the component httpd. Executing a manipulation of the argument entrys can lead to buffer overflow. The attack may be pe...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3275/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T15:43:26.510000
1 posts
🟠 CVE-2026-25136 - High (8.1)
Rucio is a software framework that provides functionality to organize, manage, and access large volumes of scientific data using customizable policies. A reflected Cross-site Scripting vulnerability was located in versions prior to 35.8.3, 38.5.4,...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25136/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T15:36:49.730000
2 posts
🔴 CVE-2026-3301 - Critical (9.8)
A security flaw has been discovered in Totolink N300RH 6.1c.1353_B20190305. Affected by this vulnerability is the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Performing a manipulation of the a...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3301/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##⚠️ CRITICAL OS command injection in Totolink N300RH (v6.1c.1353_B20190305) — CVE-2026-3301. Unauthenticated remote exploit possible, with public exploit code out. Restrict access & monitor until patch released. https://radar.offseq.com/threat/cve-2026-3301-os-command-injection-in-totolink-n30-8ab5e0b9 #OffSeq #CVE20263301 #IoTSecurity
##updated 2026-02-27T15:34:20
2 posts
🟠 CVE-2026-2751 - High (8.3)
Blind SQL Injection via unsanitized array keys in Service Dependencies deletion. Vulnerability in Centreon Centreon Web on Central Server on Linux (Service Dependencies modules) allows Blind SQL Injection.This issue affects Centreon Web on Central...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2751/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-2751 - High (8.3)
Blind SQL Injection via unsanitized array keys in Service Dependencies deletion. Vulnerability in Centreon Centreon Web on Central Server on Linux (Service Dependencies modules) allows Blind SQL Injection.This issue affects Centreon Web on Central...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2751/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T15:34:18
2 posts
🟠 CVE-2026-23750 - High (8.1)
Golioth Pouch version 0.1.0, prior to commit 1b2219a1, contains a heap-based buffer overflow in BLE GATT server certificate handling. server_cert_write() allocates a heap buffer of size CONFIG_POUCH_SERVER_CERT_MAX_LEN when receiving the first fra...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-23750/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-23750 - High (8.1)
Golioth Pouch version 0.1.0, prior to commit 1b2219a1, contains a heap-based buffer overflow in BLE GATT server certificate handling. server_cert_write() allocates a heap buffer of size CONFIG_POUCH_SERVER_CERT_MAX_LEN when receiving the first fra...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-23750/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:50:07.533000
1 posts
🟠 CVE-2026-26955 - High (8.8)
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a malicious RDP server can trigger a heap buffer overflow in FreeRDP clients using the GDI surface pipeline (e.g., `xfreerdp`) by sending an RDPGFX ClearCode...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-26955/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:16:27.567000
2 posts
🟠 CVE-2025-10990 - High (7.5)
A flaw was found in REXML. A remote attacker could exploit inefficient regular expression (regex) parsing when processing hex numeric character references (&#x...;) in XML documents. This could lead to a Regular Expression Denial of Service (ReDoS...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-10990/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-10990 - High (7.5)
A flaw was found in REXML. A remote attacker could exploit inefficient regular expression (regex) parsing when processing hex numeric character references (&#x...;) in XML documents. This could lead to a Regular Expression Denial of Service (ReDoS...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-10990/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:06:59.787000
7 posts
CVE-2026-21902 represents a high-impact infrastructure exposure.
Affected platform: Junos OS Evolved on PTX series routers.
Attack vector: Unauthenticated network access.
Privilege level: Root execution.
Service: On-Box Anomaly Detection, enabled by default.
Strategic risk:
• Traffic interception capability
• Policy manipulation
• Controller redirection
• Lateral pivoting
• Long-term foothold persistence
Although no exploitation has been observed, historically, high-performance routing infrastructure is a prime target due to its control-plane visibility and network centrality.
Recommended actions:
– Immediate patch validation
– Control-plane traffic monitoring
– Service exposure review
– Network segmentation validation
– Threat hunting for anomalous routing behavior
Are infrastructure devices integrated into your continuous detection engineering pipeline?
Source: https://www.securityweek.com/juniper-networks-ptx-routers-affected-by-critical-vulnerability/
Engage below.
Follow TechNadu for high-signal vulnerability intelligence.
Repost to strengthen security awareness.
#Infosec #CVE2026 #Juniper #RouterSecurity #CriticalInfrastructure #ThreatModeling #DetectionEngineering #NetworkDefense #ZeroTrustArchitecture #CyberRisk #SecurityOperations #VulnerabilityManagement
##Critical Root RCE Vulnerability Patched in Juniper PTX Series Routers
Juniper Networks patched a critical vulnerability (CVE-2026-21902) in Junos OS Evolved on PTX Series routers that allows unauthenticated attackers to gain root access via a framework that should have been internal but is publicly exposed and not authenticated.
**If you are using Junos OS Evolved, this is important. Either immediately patch your PTX Series routers or disable the 'On-Box Anomaly Detection' service. Depending on configuration, review if you can isolate the network devices from the public internet to mitigate the impact.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-root-rce-vulnerability-patched-in-juniper-ptx-series-routers-i-9-2-e-h/gD2P6Ple2L
The security issue is identified as CVE-2026-21902 and is caused by incorrect permission assignment in the ‘On-Box Anomaly Detection’ framework, which should be exposed to internal processes only over the internal routing interface. bleepingcomputer.com/news/security/critical-juniper-networks-ptx-flaw-allows-full-router-takeover/
##CVE-2026-21902 represents a high-impact infrastructure exposure.
Affected platform: Junos OS Evolved on PTX series routers.
Attack vector: Unauthenticated network access.
Privilege level: Root execution.
Service: On-Box Anomaly Detection, enabled by default.
Strategic risk:
• Traffic interception capability
• Policy manipulation
• Controller redirection
• Lateral pivoting
• Long-term foothold persistence
Although no exploitation has been observed, historically, high-performance routing infrastructure is a prime target due to its control-plane visibility and network centrality.
Recommended actions:
– Immediate patch validation
– Control-plane traffic monitoring
– Service exposure review
– Network segmentation validation
– Threat hunting for anomalous routing behavior
Are infrastructure devices integrated into your continuous detection engineering pipeline?
Source: https://www.securityweek.com/juniper-networks-ptx-routers-affected-by-critical-vulnerability/
Engage below.
Follow TechNadu for high-signal vulnerability intelligence.
Repost to strengthen security awareness.
#Infosec #CVE2026 #Juniper #RouterSecurity #CriticalInfrastructure #ThreatModeling #DetectionEngineering #NetworkDefense #ZeroTrustArchitecture #CyberRisk #SecurityOperations #VulnerabilityManagement
##Critical Root RCE Vulnerability Patched in Juniper PTX Series Routers
Juniper Networks patched a critical vulnerability (CVE-2026-21902) in Junos OS Evolved on PTX Series routers that allows unauthenticated attackers to gain root access via a framework that should have been internal but is publicly exposed and not authenticated.
**If you are using Junos OS Evolved, this is important. Either immediately patch your PTX Series routers or disable the 'On-Box Anomaly Detection' service. Depending on configuration, review if you can isolate the network devices from the public internet to mitigate the impact.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-root-rce-vulnerability-patched-in-juniper-ptx-series-routers-i-9-2-e-h/gD2P6Ple2L
The security issue is identified as CVE-2026-21902 and is caused by incorrect permission assignment in the ‘On-Box Anomaly Detection’ framework, which should be exposed to internal processes only over the internal routing interface. bleepingcomputer.com/news/security/critical-juniper-networks-ptx-flaw-allows-full-router-takeover/
##A single mistake in Juniper PTX routers now lets anyone on the network take full control—no password needed. How safe is the backbone of the internet really?
##updated 2026-02-27T14:06:59.787000
1 posts
ServiceNow corrige un RCE crítico en #AI Platform (CVE-2026-0542) y detalla los parches afectados
##updated 2026-02-27T14:06:59.787000
1 posts
🚨 CVE-2026-27497 (CRITICAL, CVSS 9.4): n8n-io n8n code injection via Merge node's SQL query mode. Authenticated users can achieve RCE and write files. Upgrade to v2.10.1/2.9.3/1.123.22 now! https://radar.offseq.com/threat/cve-2026-27497-cwe-94-improper-control-of-generati-7583bd72 #OffSeq #n8n #CodeInjection #Infosec
##updated 2026-02-27T14:06:59.787000
1 posts
🟠 CVE-2026-27850 - High (7.5)
Due to an improperly configured firewall rule, the router will accept any connection on the WAN port with the source port 5222, exposing all services which are normally only accessible through the local network.
This issue affects MR9600: 1.0.4.20...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27850/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:06:59.787000
1 posts
🟠 CVE-2026-22719 - High (8.1)
VMware Aria Operations contains a command injection vulnerability. A malicious unauthenticated actor may exploit this issue to execute arbitrary commands which may lead to remote code execution in VMware Aria Operations while support-assisted prod...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-22719/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:06:59.787000
1 posts
⚠️ CRITICAL: CVE-2026-27577 in n8n allows authenticated users to inject code & run system commands (CVSS 9.4). Affected: <2.10.1, <2.9.3, <1.123.22. Upgrade ASAP & restrict workflow perms! https://radar.offseq.com/threat/cve-2026-27577-cwe-94-improper-control-of-generati-fe1b37b0 #OffSeq #n8n #vuln #infosec
##updated 2026-02-27T14:06:59.787000
1 posts
🟠 CVE-2026-26985 - High (8.1)
LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web application that provides data- and project-management for neuroimaging research. Starting in version 24.0.0 and prior to versions 26.0.5, 27.0.2, and 28.0.0, an authenti...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-26985/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:06:59.787000
1 posts
🔴 CVE-2026-27575 - Critical (9.1)
Vikunja is an open-source self-hosted task management platform. Prior to version 2.0.0, the application allows users to set weak passwords (e.g., 1234, password) without enforcing minimum strength requirements. Additionally, active sessions remain...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27575/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:06:59.787000
1 posts
🟠 CVE-2026-25191 - High (7.8)
The installer of FinalCode Client provided by Digital Arts Inc. contains an issue with the DLL search path. If a user is directed to place a malicious DLL file and the installer to the same directory and execute the installer, arbitrary code may b...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25191/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:06:59.787000
1 posts
🚨 CVE-2026-27498: CRITICAL code injection in n8n-io n8n (<1.123.8, 2.0.0 – 2.2.0). Auth users can exploit workflow/gIT nodes for RCE. Patch to 2.2.0+ or 1.123.8+, restrict permissions, & disable risky nodes now. https://radar.offseq.com/threat/cve-2026-27498-cwe-94-improper-control-of-generati-673d3ea0 #OffSeq #n8n #Vuln #Security
##updated 2026-02-27T14:06:59.787000
1 posts
🟠 CVE-2026-1311 - High (8.8)
The Worry Proof Backup plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 0.2.4 via the backup upload functionality. This makes it possible for authenticated attackers, with Subscriber-level access and above...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1311/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:06:59.787000
1 posts
🟠 CVE-2026-27952 - High (8.8)
Agenta is an open-source LLMOps platform. In Agenta-API prior to version 0.48.1, a Python sandbox escape vulnerability existed in Agenta's custom code evaluator. Agenta used RestrictedPython as a sandboxing mechanism for user-supplied evaluator co...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27952/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:06:59.787000
1 posts
🟠 CVE-2026-27961 - High (8.8)
Agenta is an open-source LLMOps platform. A Server-Side Template Injection (SSTI) vulnerability exists in versions prior to 0.86.8 in Agenta's API server evaluator template rendering. Although the vulnerable code lives in the SDK package, it is ex...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27961/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:06:59.787000
1 posts
🟠 CVE-2026-22720 - High (8)
VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with privileges to create custom benchmarks may be able to inject script to perform administrative actions in VMware Aria Operations.
To remediate CV...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-22720/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:06:37.987000
3 posts
⛔ New security advisory:
CVE-2025-12981 affects multiple systems.
• Impact: Remote code execution or complete system compromise possible
• Risk: Attackers can gain full control of affected systems
• Mitigation: Patch immediately or isolate affected systems
Full breakdown:
https://yazoul.net/advisory/cve/cve-2025-12981
🔴 CVE-2025-12981 - Critical (9.8)
The Listee theme for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.1.6. This is due to a broken validation check in the bundled listee-core plugin's user registration function that fails to properly saniti...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-12981/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2025-12981 - Critical (9.8)
The Listee theme for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.1.6. This is due to a broken validation check in the bundled listee-core plugin's user registration function that fails to properly saniti...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-12981/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:06:37.987000
2 posts
🔴 CVE-2025-50857 - Critical (9.8)
ZenTaoPMS v18.11 through v21.6.beta is vulnerable to Directory Traversal in /module/ai/control.php. This allows attackers to execute arbitrary code via a crafted file upload
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-50857/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2025-50857 - Critical (9.8)
ZenTaoPMS v18.11 through v21.6.beta is vulnerable to Directory Traversal in /module/ai/control.php. This allows attackers to execute arbitrary code via a crafted file upload
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-50857/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:06:37.987000
4 posts
🔴 CVE-2026-2251 - Critical (9.8)
Improper limitation of a pathname to a restricted directory (Path Traversal) vulnerability in Xerox FreeFlow Core allows unauthorized path traversal leading to RCE.
This issue affects Xerox FreeFlow Core versions up to and including 8.0.7.
...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2251/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🚨 CRITICAL: CVE-2026-2251 in Xerox FreeFlow Core (≤8.0.7) allows unauthenticated RCE via path traversal. Patch to 8.1.0 urgently! Full system compromise possible. Details: https://radar.offseq.com/threat/cve-2026-2251-cwe-22-improper-limitation-of-a-path-309f50e5 #OffSeq #Infosec #CVE20262251 #PrintSecurity
##🔴 CVE-2026-2251 - Critical (9.8)
Improper limitation of a pathname to a restricted directory (Path Traversal) vulnerability in Xerox FreeFlow Core allows unauthorized path traversal leading to RCE.
This issue affects Xerox FreeFlow Core versions up to and including 8.0.7.
...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2251/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🚨 CRITICAL: CVE-2026-2251 in Xerox FreeFlow Core (≤8.0.7) allows unauthenticated RCE via path traversal. Patch to 8.1.0 urgently! Full system compromise possible. Details: https://radar.offseq.com/threat/cve-2026-2251-cwe-22-improper-limitation-of-a-path-309f50e5 #OffSeq #Infosec #CVE20262251 #PrintSecurity
##updated 2026-02-27T14:06:37.987000
3 posts
Multiple Vulnerabilities Reported in EV Energy Charging Platform
EV Energy's charging platform contains four vulnerabilities, including a critical authentication bypass (CVE-2026-27772), that allow attackers to hijack electric vehicle charging stations and disrupt energy infrastructure.
**Make sure to isolate EV Energy systems from the public internet and use a VPN for any required remote management. Since the vendor hasn't released a patch, this is your only defense until you replace these systems.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-vulnerabilities-in-ev-energy-charging-platform-allow-remote-hijacking-b-x-t-d-l/gD2P6Ple2L
Multiple Vulnerabilities Reported in EV Energy Charging Platform
EV Energy's charging platform contains four vulnerabilities, including a critical authentication bypass (CVE-2026-27772), that allow attackers to hijack electric vehicle charging stations and disrupt energy infrastructure.
**Make sure to isolate EV Energy systems from the public internet and use a VPN for any required remote management. Since the vendor hasn't released a patch, this is your only defense until you replace these systems.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-vulnerabilities-in-ev-energy-charging-platform-allow-remote-hijacking-b-x-t-d-l/gD2P6Ple2L
🔴 CVE-2026-27772 - Critical (9.4)
WebSocket endpoints lack proper authentication mechanisms, enabling
attackers to perform unauthorized station impersonation and manipulate
data sent to the backend. An unauthenticated attacker can connect to the
OCPP WebSocket endpoint using a ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27772/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:06:37.987000
4 posts
Critical Authentication and Session Flaws Discovered in Mobility46 EV Charging Stations
Mobility46's EV charging platform contains four vulnerabilities, including a critical authentication bypass (CVE-2026-27028), that allow attackers to impersonate charging stations and seize administrative control. The vendor has not responded with a patch.
**If you operate Mobility46 charging stations, make sure that the systems are isolated from the internet and accessible only from trusted networks or VPN.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-authentication-and-session-flaws-discovered-in-mobility46-ev-charging-stations-h-c-g-0-l/gD2P6Ple2L
Critical Authentication and Session Flaws Discovered in Mobility46 EV Charging Stations
Mobility46's EV charging platform contains four vulnerabilities, including a critical authentication bypass (CVE-2026-27028), that allow attackers to impersonate charging stations and seize administrative control. The vendor has not responded with a patch.
**If you operate Mobility46 charging stations, make sure that the systems are isolated from the internet and accessible only from trusted networks or VPN.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-authentication-and-session-flaws-discovered-in-mobility46-ev-charging-stations-h-c-g-0-l/gD2P6Ple2L
🔴 CVE-2026-27028 - Critical (9.4)
WebSocket endpoints lack proper authentication mechanisms, enabling
attackers to perform unauthorized station impersonation and manipulate
data sent to the backend. An unauthenticated attacker can connect to the
OCPP WebSocket endpoint using a ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27028/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🚨 CVE-2026-27028 (CRITICAL, CVSS 9.4) hits all Mobility46 mobility46.se versions: missing auth on WebSocket endpoints lets remote attackers impersonate charging stations and control OCPP traffic. Patch ASAP! https://radar.offseq.com/threat/cve-2026-27028-cwe-306-in-mobility46-mobility46se-f694ef80 #OffSeq #CyberSecurity #EVCharging #CVE
##updated 2026-02-27T14:06:37.987000
3 posts
🔴 CVE-2026-20781 - Critical (9.4)
WebSocket endpoints lack proper authentication mechanisms, enabling
attackers to perform unauthorized station impersonation and manipulate
data sent to the backend. An unauthenticated attacker can connect to the
OCPP WebSocket endpoint using a ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20781/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-20781 - Critical (9.4)
WebSocket endpoints lack proper authentication mechanisms, enabling
attackers to perform unauthorized station impersonation and manipulate
data sent to the backend. An unauthenticated attacker can connect to the
OCPP WebSocket endpoint using a ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20781/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##Multiple Vulnerabilities in CloudCharge EV Platform, Including One Critical
CloudCharge's EV charging platform contains four vulnerabilities, including a critical authentication bypass (CVE-2026-20781), that allow attackers to impersonate charging stations and hijack sessions.
**Treat your EV charging stations as high-risk entry points and disconnect them from the public internet immediately. Since the vendor hasn't provided a fix, your only real defense is to isolate these systems behind a VPN and very strict firewall rules**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/multiple-vulnerabilities-in-cloudcharge-ev-platform-including-one-critical-f-b-y-d-0/gD2P6Ple2L
updated 2026-02-27T14:06:37.987000
1 posts
🟠 CVE-2026-25945 - High (7.5)
The WebSocket Application Programming Interface lacks restrictions on
the number of authentication requests. This absence of rate limiting may
allow an attacker to conduct denial-of-service attacks by suppressing
or mis-routing legitimate charg...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25945/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:06:37.987000
1 posts
🟠 CVE-2026-24517 - High (8)
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
injecting malicious input into requests sent to the firmware update
route.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24517/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:06:37.987000
1 posts
🟠 CVE-2026-25195 - High (8)
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
supplying a crafted firmware update file via the firmware update route.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25195/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:06:37.987000
1 posts
🟠 CVE-2026-25085 - High (8.6)
A vulnerability exists in Copeland XWEB Pro version 1.12.1 and prior, in
which an unexpected return value from the authentication routine is
later on processed as a legitimate value, resulting in an authentication
bypass.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25085/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:06:37.987000
1 posts
🟠 CVE-2026-24695 - High (8)
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
injecting malicious input into OpenSSL argument fields within requests
...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24695/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:06:37.987000
1 posts
🟠 CVE-2026-2428 - High (7.5)
The Fluent Forms Pro Add On Pack plugin for WordPress is vulnerable to Insufficient Verification of Data Authenticity in all versions up to, and including, 6.1.17. This is due to the PayPal IPN (Instant Payment Notification) verification being dis...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2428/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:06:37.987000
1 posts
🟠 CVE-2026-26265 - High (7.5)
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, an IDOR vulnerability in the directory items endpoint allows any user, including anonymous users, to retrieve private user field values for all u...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-26265/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:06:37.987000
1 posts
🟠 CVE-2025-14343 - High (7.6)
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Dokuzsoft Technology Ltd. E-Commerce Product allows Reflected XSS.This issue affects E-Commerce Product: through 10122025.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-14343/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T09:30:35
2 posts
🟠 CVE-2026-2252 - High (7.5)
An XML External Entity (XXE) vulnerability allows malicious user to perform Server-Side Request Forgery (SSRF) via crafted XML input containing malicious external entity references.
This issue affects Xerox FreeFlow Core versions up to and includ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2252/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-2252 - High (7.5)
An XML External Entity (XXE) vulnerability allows malicious user to perform Server-Side Request Forgery (SSRF) via crafted XML input containing malicious external entity references.
This issue affects Xerox FreeFlow Core versions up to and includ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2252/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T06:31:39
1 posts
🟠 CVE-2026-1442 - High (7.8)
Since the encryption algorithm used to protect firmware updates is itself encrypted using key material available to an attacker (or anyone paying attention), the firmware updates may be altered by an unauthorized user, and then trusted by a Unitre...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1442/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T06:31:34
1 posts
🟠 CVE-2026-28364 - High (7.9)
In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization (runtime/intern.c) enables remote code execution through a multi-phase attack chain. The vulnerability stems from missing bounds validation in the readblock...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28364/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T03:30:34
1 posts
🟠 CVE-2026-3273 - High (8.8)
A vulnerability was identified in Tenda F453 1.0.0.3. Affected by this vulnerability is the function formWrlsafeset of the file /goform/AdvSetWrlsafeset of the component httpd. Such manipulation of the argument mit_ssid_index leads to buffer overf...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3273/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T03:30:34
1 posts
🟠 CVE-2026-25105 - High (8)
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
injecting malicious input into parameters of the Modbus command tool in...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25105/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T03:30:34
1 posts
🟠 CVE-2026-3037 - High (8)
An OS command injection vulnerability exists in XWEB Pro version 1.12.1
and prior, enabling an authenticated attacker to achieve remote code
execution on the system by modifying malicious input injected into the
MBird SMS service URL and/or cod...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3037/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T03:30:33
1 posts
🟠 CVE-2026-20910 - High (8)
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
injecting malicious input into the devices field of the firmware update
upd...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20910/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T03:30:33
1 posts
🟠 CVE-2026-20902 - High (8)
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
injecting malicious input into the map filename field during the map
upl...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20902/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T03:30:33
1 posts
🟠 CVE-2026-24689 - High (8)
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
injecting malicious input into the devices field of the firmware update
ap...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24689/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T03:30:33
2 posts
🔴 CVE-2026-24663 - Critical (9)
An OS command injection vulnerability exists in XWEB Pro version 1.12.1
and prior, enabling an unauthenticated attacker to achieve remote code
execution on the system by sending a crafted request to the libraries
installation route and injectin...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24663/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🚨 CVE-2026-24663 (CRITICAL, CVSS 9.0): Copeland XWEB 300D PRO (≤1.12.1) has an unauthenticated command injection flaw. RCE possible over network, no exploit public yet. Segment networks & restrict access! https://radar.offseq.com/threat/cve-2026-24663-cwe-78-in-copeland-copeland-xweb-30-1c773deb #OffSeq #ICS #OTSecurity #Vuln
##updated 2026-02-27T03:30:33
1 posts
🟠 CVE-2026-24445 - High (7.5)
The WebSocket Application Programming Interface lacks restrictions on
the number of authentication requests. This absence of rate limiting may
allow an attacker to conduct denial-of-service attacks by suppressing
or mis-routing legitimate charg...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24445/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T03:30:33
1 posts
🟠 CVE-2026-25111 - High (8)
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
injecting malicious input into requests sent to the restore route.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25111/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T03:30:33
1 posts
🟠 CVE-2026-25109 - High (8)
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
injecting malicious input into the devices field when accessing the get
s...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25109/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T03:30:33
1 posts
🟠 CVE-2026-26305 - High (7.5)
The WebSocket Application Programming Interface lacks restrictions on
the number of authentication requests. This absence of rate limiting may
allow an attacker to conduct denial-of-service attacks by suppressing
or mis-routing legitimate charg...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-26305/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T03:30:33
1 posts
🟠 CVE-2026-23702 - High (8)
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
sending malicious input injected into the server username field of the
impo...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-23702/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T03:30:33
1 posts
🟠 CVE-2026-25037 - High (8)
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
configuring a maliciously crafted LCD state which is later processed
durin...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25037/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T03:30:33
1 posts
🟠 CVE-2026-25721 - High (8)
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
injecting malicious input into the server username and/or password
fields o...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25721/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T00:31:52
4 posts
🔴 New security advisory:
CVE-2026-27767 affects multiple systems.
• Impact: Remote code execution or complete system compromise possible
• Risk: Attackers can gain full control of affected systems
• Mitigation: Patch immediately or isolate affected systems
Full breakdown:
https://yazoul.net/advisory/cve/cve-2026-27767
Critical Vulnerabilities in SWITCH EV Charging Platform Allow Station Impersonation
SWITCH EV's charging platform contains four vulnerabilities, including a critical authentication bypass (CVE-2026-27767), that allow attackers to impersonate charging stations and hijack sessions.
**Make sure your SWITCH EV station management is isolated from the internet and behind a firewall or VPN. Since the vendor has not released a patch that's your only defense until the vendor does something or you replace these systems.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-vulnerabilities-in-switch-ev-charging-platform-allow-station-impersonation-e-g-h-5-x/gD2P6Ple2L
Critical Vulnerabilities in SWITCH EV Charging Platform Allow Station Impersonation
SWITCH EV's charging platform contains four vulnerabilities, including a critical authentication bypass (CVE-2026-27767), that allow attackers to impersonate charging stations and hijack sessions.
**Make sure your SWITCH EV station management is isolated from the internet and behind a firewall or VPN. Since the vendor has not released a patch that's your only defense until the vendor does something or you replace these systems.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-vulnerabilities-in-switch-ev-charging-platform-allow-station-impersonation-e-g-h-5-x/gD2P6Ple2L
🔴 CVE-2026-27767 - Critical (9.4)
WebSocket endpoints lack proper authentication mechanisms, enabling
attackers to perform unauthorized station impersonation and manipulate
data sent to the backend. An unauthenticated attacker can connect to the
OCPP WebSocket endpoint using a ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27767/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T00:31:52
3 posts
Multiple Vulnerabilities Discovered in Chargemap Platform
Chargemap's charging platform contains four vulnerabilities, including a critical authentication bypass (CVE-2026-25851), that allow unauthenticated attackers to impersonate charging stations and gain administrative control.
**Make sure your Chargemap station management is isolated from the internet and behind a firewall or VPN. Since the vendor has not released a patch that's your only defense until the vendor does something or you replace these systems.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/multiple-vulnerabilities-discovered-in-chargemap-platform-z-y-h-q-j/gD2P6Ple2L
Multiple Vulnerabilities Discovered in Chargemap Platform
Chargemap's charging platform contains four vulnerabilities, including a critical authentication bypass (CVE-2026-25851), that allow unauthenticated attackers to impersonate charging stations and gain administrative control.
**Make sure your Chargemap station management is isolated from the internet and behind a firewall or VPN. Since the vendor has not released a patch that's your only defense until the vendor does something or you replace these systems.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/multiple-vulnerabilities-discovered-in-chargemap-platform-z-y-h-q-j/gD2P6Ple2L
🔴 CVE-2026-25851 - Critical (9.4)
WebSocket endpoints lack proper authentication mechanisms, enabling
attackers to perform unauthorized station impersonation and manipulate
data sent to the backend. An unauthenticated attacker can connect to the
OCPP WebSocket endpoint using a ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25851/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T00:31:52
2 posts
🔴 CVE-2026-24731 - Critical (9.4)
WebSocket endpoints lack proper authentication mechanisms, enabling
attackers to perform unauthorized station impersonation and manipulate
data sent to the backend. An unauthenticated attacker can connect to the
OCPP WebSocket endpoint using a ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24731/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🚨 CRITICAL: CVE-2026-24731 in EV2GO ev2go.io — all versions. WebSocket endpoints have no auth, letting attackers impersonate stations, escalate privileges, and manipulate backend data. Monitor OCPP traffic now. https://radar.offseq.com/threat/cve-2026-24731-cwe-306-in-ev2go-ev2goio-e42cb5b8 #OffSeq #CVE202624731 #infosec #EVsecurity
##updated 2026-02-27T00:31:52
1 posts
🟠 CVE-2026-20792 - High (7.5)
The WebSocket Application Programming Interface lacks restrictions on
the number of authentication requests. This absence of rate limiting may
allow an attacker to conduct denial-of-service attacks by suppressing
or misrouting legitimate charge...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20792/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T00:31:51
1 posts
🟠 CVE-2026-25113 - High (7.5)
The WebSocket Application Programming Interface lacks restrictions on
the number of authentication requests. This absence of rate limiting may
allow an attacker to conduct denial-of-service attacks by suppressing
or mis-routing legitimate charg...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25113/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T00:31:51
1 posts
🟠 CVE-2026-25114 - High (7.5)
The WebSocket Application Programming Interface lacks restrictions on
the number of authentication requests. This absence of rate limiting may
allow an attacker to conduct denial-of-service attacks by suppressing
or mis-routing legitimate charg...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25114/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-26T22:22:24
1 posts
🟠 CVE-2026-27899 - High (8.8)
WireGuard Portal (or wg-portal) is a web-based configuration portal for WireGuard server management. Prior to version 2.1.3, any authenticated non-admin user can become a full administrator by sending a single PUT request to their own user profile...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27899/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-26T22:20:51.270000
1 posts
🔴 CVE-2026-2799 - Critical (9.8)
Use-after-free in the DOM: Core & HTML component. This vulnerability affects Firefox < 148 and Thunderbird < 148.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2799/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-26T22:10:20
1 posts
🟠 CVE-2026-27903 - High (7.5)
minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Prior to version 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.3, `matchOne()` performs unbounded recursive backtracking when a glo...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27903/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-26T21:32:35
2 posts
🟠 CVE-2026-26682 - High (7.8)
An issue in fastCMS before v.0.1.6 allows a local attacker to execute arbitrary code via the PluginController.java component
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-26682/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-26682 - High (7.8)
An issue in fastCMS before v.0.1.6 allows a local attacker to execute arbitrary code via the PluginController.java component
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-26682/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-26T21:32:34
2 posts
🟠 CVE-2026-28136 - High (7.6)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VeronaLabs WP SMS wp-sms allows SQL Injection.This issue affects WP SMS: from n/a through <= 6.9.12.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28136/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-28136 - High (7.6)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VeronaLabs WP SMS wp-sms allows SQL Injection.This issue affects WP SMS: from n/a through <= 6.9.12.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28136/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-26T21:32:34
1 posts
🟠 CVE-2026-2803 - High (7.5)
Information disclosure, mitigation bypass in the Settings UI component. This vulnerability affects Firefox < 148 and Thunderbird < 148.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2803/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-26T21:32:34
1 posts
🔴 CVE-2026-2800 - Critical (9.8)
Spoofing issue in the WebAuthn component in Firefox for Android. This vulnerability affects Firefox < 148 and Thunderbird < 148.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2800/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-26T21:31:39
2 posts
🟠 CVE-2026-26938 - High (8.6)
Improper Neutralization of Special Elements Used in a Template Engine (CWE-1336) exists in Workflows in Kibana which could allow an attacker to read arbitrary files from the Kibana server filesystem, and perform Server-Side Request Forgery (SSRF) ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-26938/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-26938 - High (8.6)
Improper Neutralization of Special Elements Used in a Template Engine (CWE-1336) exists in Workflows in Kibana which could allow an attacker to read arbitrary files from the Kibana server filesystem, and perform Server-Side Request Forgery (SSRF) ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-26938/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-26T21:31:39
2 posts
🟠 CVE-2026-1565 - High (8.8)
The User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration plugin for WordPress is vulnerable to arbitrary file uploads due to incorrect file type validation in the 'WPUF_Admin_Settings::check_filetype_...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1565/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-1565 - High (8.8)
The User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration plugin for WordPress is vulnerable to arbitrary file uploads due to incorrect file type validation in the 'WPUF_Admin_Settings::check_filetype_...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1565/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-26T21:31:30
2 posts
🟠 CVE-2025-71057 - High (8.2)
Improper session management in D-Link Wireless N 300 ADSL2+ Modem Router DSL-124 ME_1.00 allows attackers to execute a session hijacking attack via spoofing the IP address of an authenticated user.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-71057/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-71057 - High (8.2)
Improper session management in D-Link Wireless N 300 ADSL2+ Modem Router DSL-124 ME_1.00 allows attackers to execute a session hijacking attack via spoofing the IP address of an authenticated user.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-71057/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-26T21:28:59.617000
1 posts
🟠 CVE-2026-2801 - High (7.5)
Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148 and Thunderbird < 148.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2801/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-26T21:28:58.090000
2 posts
Oh look, a 9.8 critical vulnerability in the NSS service used by #Firefox and #Thunderbird.
##updated 2026-02-26T19:39:20.677000
2 posts
1 repos
🔴 CVE-2025-69985 - Critical (9.8)
FUXA 1.2.8 and prior contains an Authentication Bypass vulnerability leading to Remote Code Execution (RCE). The vulnerability exists in the server/api/jwt-helper.js middleware, which improperly trusts the HTTP "Referer" header to validate interna...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-69985/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2025-69985 - Critical (9.8)
FUXA 1.2.8 and prior contains an Authentication Bypass vulnerability leading to Remote Code Execution (RCE). The vulnerability exists in the server/api/jwt-helper.js middleware, which improperly trusts the HTTP "Referer" header to validate interna...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-69985/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-26T18:31:39
1 posts
🟠 CVE-2026-3179 - High (8.1)
The FTP Backup on the ADM does not properly sanitize filenames received from the FTP server when parsing directory listings. A malicious server or MITM attacker can craft filenames containing path traversal sequences, causing the client to write f...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3179/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-26T16:20:09.420000
3 posts
1 repos
Five Eyes warning: Cisco SD-WAN actively exploited by UAT-8616.
• CVE-2026-20127
• CVE-2022-20775
• Root access & rogue control-plane peering
• Persistence in edge devices
Immediate patching & threat hunting required.
Are you checking for downgrade events?
##@leb Yep. And they finally updated the one in my original post:
##In February 2026, the Cisco PSIRT became aware of attempted exploitation of the vulnerability described in CVE-2022-20775.
🚨 [CISA-2026:0225] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0225)
CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.
⚠️ CVE-2022-20775 (https://secdb.nttzen.cloud/cve/detail/CVE-2022-20775)
- Name: Cisco SD-WAN Path Traversal Vulnerability
- Action: Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s “Hunt & Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Cisco
- Product: SD-WAN
- Notes: CISA Mitigation Instructions: https://www.cisa.gov/news-events/directives/ed-26-03-mitigate-vulnerabilities-cisco-sd-wan-systems ; https://www.cisa.gov/news-events/directives/supplemental-direction-ed-26-03-hunt-and-hardening-guidance-cisco-sd-wan-systems ; https://www.cisco.com/c/en/us/support/docs/csa/cisco-sa-sd-wan-priv-E6e8tEdF.html ; https://nvd.nist.gov/vuln/detail/CVE-2022-20775
⚠️ CVE-2026-20127 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-20127)
- Name: Cisco Catalyst SD-WAN Controller and Manager Authentication Bypass Vulnerability
- Action: Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s “Hunt & Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Cisco
- Product: Catalyst SD-WAN Controller and Manager
- Notes: CISA Mitigation Instructions: https://www.cisa.gov/news-events/directives/ed-26-03-mitigate-vulnerabilities-cisco-sd-wan-systems ; https://www.cisa.gov/news-events/directives/supplemental-direction-ed-26-03-hunt-and-hardening-guidance-cisco-sd-wan-systems ; https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa-EHchtZk ; https://nvd.nist.gov/vuln/detail/CVE-2026-20127
#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260225 #cisa20260225 #cve_2022_20775 #cve_2026_20127 #cve202220775 #cve202620127
##updated 2026-02-26T15:30:37
1 posts
🟠 CVE-2026-3071 - High (8.4)
Deserialization of untrusted data in the LanguageModel class of Flair from versions 0.4.1 to latest are vulnerable to arbitrary code execution when loading a malicious model.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3071/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-26T06:30:51
1 posts
🟠 CVE-2026-23703 - High (7.8)
The installer of FinalCode Client provided by Digital Arts Inc. contains an incorrect default permissions vulnerability. A non-administrative user may execute arbitrary code with SYSTEM privilege.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-23703/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-26T03:31:29
1 posts
🟠 CVE-2026-1557 - High (7.5)
The WP Responsive Images plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.0 via the 'src' parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the se...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1557/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-26T03:31:29
1 posts
🟠 CVE-2026-1779 - High (8.1)
The User Registration & Membership plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.1.2. This is due to incorrect authentication in the 'register_member' function. This makes it possible for unauthent...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1779/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-26T03:00:27.553000
1 posts
🟠 CVE-2026-24443 - High (8.8)
EventSentry versions prior to 6.0.1.20 contain an unverified password change vulnerability in the account management functionality of the Web Reports interface. The password change mechanism does not require validation of the current password bef...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24443/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-26T00:31:24
1 posts
🔴 CVE-2026-2805 - Critical (9.8)
Invalid pointer in the DOM: Core & HTML component. This vulnerability affects Firefox < 148 and Thunderbird < 148.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2805/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-25T22:16:28.437000
1 posts
🔴 CVE-2026-2806 - Critical (9.1)
Uninitialized memory in the Graphics: Text component. This vulnerability affects Firefox < 148 and Thunderbird < 148.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2806/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-25T21:32:26
1 posts
🔴 CVE-2026-2797 - Critical (9.8)
Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148 and Thunderbird < 148.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2797/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-25T21:32:26
1 posts
🔴 CVE-2026-2795 - Critical (9.8)
Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148 and Thunderbird < 148.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2795/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-25T21:31:25
1 posts
🟠 CVE-2025-14511 - High (7.5)
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.2 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowed an unauthenticated user to cause denial of service by sending specially crafted files...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-14511/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-25T21:31:25
1 posts
🟠 CVE-2026-1388 - High (7.5)
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.2 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowed an unauthenticated user to cause regular expression denial of service by sending speci...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1388/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-25T21:31:25
1 posts
🟠 CVE-2026-0752 - High (8)
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.2 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that under certain circumstances, could have allowed an unauthenticated user to inject arbitrary scripts into...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-0752/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-25T21:31:25
1 posts
🟠 CVE-2026-3172 - High (8.1)
Buffer overflow in parallel HNSW index build in pgvector 0.6.0 through 0.8.1 allows a database user to leak sensitive data from other relations or crash the database server.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3172/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-25T18:32:40
1 posts
🔴 CVE-2026-2786 - Critical (9.8)
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2786/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-25T18:31:45
8 posts
2 repos
🖲️ #Cybersecurity #Ciberseguridad #Ciberseguranca #Security #Seguridad #Seguranca #News #Noticia #Noticias #Tecnologia #Technology
⚫ Cisco SD-WAN Zero-Day Under Exploitation for 3 Years
🔗 https://www.darkreading.com/vulnerabilities-threats/cisco-sd-wan-zero-day-exploitation-3-years
The maximum-severity vulnerability CVE-2026-20127 was exploited by an unknown but sophisticated threat actor who left very little evidence behind.
##Cisco has an updated critical advisory:
CVE-2026-20127: Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa-EHchtZk @TalosSecurity #Cisco #infosec #vulnerability
##Cisco has an updated critical advisory:
CVE-2026-20127: Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa-EHchtZk @TalosSecurity #Cisco #infosec #vulnerability
##Cisco SDWAN Controller vulnerability in the wild and at the network edge. CVE-2026-20127 by UAT-8616. Heads up. https://blog.talosintelligence.com/uat-8616-sd-wan/ #threatintelligence #cybersecurity #cisco
##Five Eyes warning: Cisco SD-WAN actively exploited by UAT-8616.
• CVE-2026-20127
• CVE-2022-20775
• Root access & rogue control-plane peering
• Persistence in edge devices
Immediate patching & threat hunting required.
Are you checking for downgrade events?
##Si vous administrez une infrastructure réseau utilisant Cisco Catalyst SD-WAN, une vulnérabilité critique actuellement exploitée sur Internet permet à un attaquant distant sans authentification d’obtenir un accès administrateur au système. Une exploitation réussie peut permettre de modifier la configuration réseau, d’espionner les communications ou de maintenir un accès discret à l’infrastructure.
Les investigations effectuées par Cisco Talos montrent que ces attaques sont menées par un acteur sophistiqué et que des compromissions ont été observées depuis au moins 2023, avec dans certains cas une élévation de privilèges jusqu’au contrôle complet du système après modification de la version logicielle.
Selon Cisco, un système SD-WAN peut être particulièrement exposé si :
le contrôleur SD-WAN est accessible depuis Internet
des ports sont ouverts vers l’extérieur
l’accès n’est pas limité aux adresses IP autorisées
Les éléments suivants peuvent indiquer qu’un système SD-WAN a été compromis :
une nouvelle connexion SD-WAN inconnue
un accès administrateur inattendu
des journaux système effacés ou incomplets
des mises à jour ou rétrogradations non planifiées
Cisco recommande de vérifier certains journaux système pour détecter une compromission éventuelle.
Par exemple, dans le fichier /var/log/auth.log, une connexion SSH au compte vmanage-admin depuis une adresse IP inconnue peut être suspecte :
Accepted publickey for vmanage-admin from -adresse IP inconnue-
Dans ce cas, il faut vérifier que l’adresse IP correspond bien à un équipement SD-WAN autorisé (visible dans l’interface SD-WAN Manager → Devices → System IP).
PRODUITS CONCERNÉS
Cette vulnérabilité affecte :
Cisco Catalyst SD-WAN Controller
Cisco Catalyst SD-WAN Manager
Quel que soit le mode de déploiement :
Déploiement sur site (On-Premise)
Cisco Hosted SD-WAN Cloud
Cisco Hosted SD-WAN Cloud – Cisco Managed
Cisco Hosted SD-WAN Cloud – Environnement FedRAMP
ACTIONS RECOMMANDÉES
Application des mises à jour recommandée dès que possible
Surveillance des connexions et changements inhabituels recommandée
Restreindre l’accès réseau aux seuls équipements autorisés
Conserver les journaux sur un serveur externe si possible
Placer les contrôleurs derrière un firewall
analyse Cisco Talos
👇
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa-EHchtZk
Détails Vulnérabilité critique CVE-2026-20127
👇
https://cve.circl.lu/vuln/CVE-2026-20127
Investigation conducted by intelligence partners identified that the actor likely escalated to root user via a software version downgrade
👇
https://www.cyber.gov.au/sites/default/files/2026-02/ACSC-led%20Cisco%20SD-WAN%20Hunt%20Guide.pdf
“Cisco is warning that a critical authentication bypass vulnerability in Cisco Catalyst SD-WAN, tracked as CVE-2026-20127, was actively exploited in zero-day attacks that allowed remote attackers to compromise controllers and add malicious rogue peers to targeted networks.”
##🚨 [CISA-2026:0225] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0225)
CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.
⚠️ CVE-2022-20775 (https://secdb.nttzen.cloud/cve/detail/CVE-2022-20775)
- Name: Cisco SD-WAN Path Traversal Vulnerability
- Action: Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s “Hunt & Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Cisco
- Product: SD-WAN
- Notes: CISA Mitigation Instructions: https://www.cisa.gov/news-events/directives/ed-26-03-mitigate-vulnerabilities-cisco-sd-wan-systems ; https://www.cisa.gov/news-events/directives/supplemental-direction-ed-26-03-hunt-and-hardening-guidance-cisco-sd-wan-systems ; https://www.cisco.com/c/en/us/support/docs/csa/cisco-sa-sd-wan-priv-E6e8tEdF.html ; https://nvd.nist.gov/vuln/detail/CVE-2022-20775
⚠️ CVE-2026-20127 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-20127)
- Name: Cisco Catalyst SD-WAN Controller and Manager Authentication Bypass Vulnerability
- Action: Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s “Hunt & Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Cisco
- Product: Catalyst SD-WAN Controller and Manager
- Notes: CISA Mitigation Instructions: https://www.cisa.gov/news-events/directives/ed-26-03-mitigate-vulnerabilities-cisco-sd-wan-systems ; https://www.cisa.gov/news-events/directives/supplemental-direction-ed-26-03-hunt-and-hardening-guidance-cisco-sd-wan-systems ; https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa-EHchtZk ; https://nvd.nist.gov/vuln/detail/CVE-2026-20127
#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260225 #cisa20260225 #cve_2022_20775 #cve_2026_20127 #cve202220775 #cve202620127
##updated 2026-02-25T18:31:36
1 posts
1 repos
🟠 CVE-2025-67445 - High (7.5)
TOTOLINK X5000R V9.1.0cu.2415_B20250515 contains a denial-of-service vulnerability in /cgi-bin/cstecgi.cgi. The CGI reads the CONTENT_LENGTH environment variable and allocates memory using malloc (CONTENT_LENGTH + 1) without sufficient bounds chec...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-67445/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-25T18:31:36
2 posts
🟠 CVE-2025-63409 - High (8.8)
Privilege escalation and improper access control in GCOM EPON 1GE C00R371V00B01 allows remote authenticated users to modify administrator only settings and extract administrator credentials.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-63409/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-63409 - High (8.8)
Privilege escalation and improper access control in GCOM EPON 1GE C00R371V00B01 allows remote authenticated users to modify administrator only settings and extract administrator credentials.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-63409/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-25T18:13:10.563000
4 posts
⚪️ Critical RCE Vulnerability Affects Over 10 Zyxel Router Models
🗨️ Zyxel developers have released patches that fix a critical vulnerability affecting more than ten router models. The bug allows unauthenticated attackers to remotely execute commands on the devices. The vulnerability is tracked as CVE-2025-13942 and is a command injection issue…
##⚪️ Critical RCE Vulnerability Affects Over 10 Zyxel Router Models
🗨️ Zyxel developers have released patches that fix a critical vulnerability affecting more than ten router models. The bug allows unauthenticated attackers to remotely execute commands on the devices. The vulnerability is tracked as CVE-2025-13942 and is a command injection issue…
##Zyxel addresses critical CVE-2025-13942 RCE affecting UPnP in 4G/5G CPEs, DSL/Ethernet, Fiber ONTs, and wireless extenders. Exploitation requires WAN + UPnP enabled; Shadowserver tracks ~120k exposed devices.
Additional post-auth command-injection flaws (CVE-2025-13943, CVE-2026-1459) patched. EOL devices (VMG1312, VMG3312/13, SBG3300/3500) remain unpatched; replacement recommended.
Mitigation recommendations:
• Apply firmware updates immediately
• Disable unnecessary UPnP/WAN access
• Monitor network exposure of legacy devices
• Track patched vs. unpatched CPEs/routers in enterprise inventories
How are you prioritizing critical RCE patches for network devices? Comment below and follow for in-depth threat reporting.
#NetworkSecurity #IoTSecurity #PatchManagement #RCE #RouterSecurity #CVE #ThreatIntel #Infosec #ZeroTrust #EnterpriseSecurity
##NCTAG 5.8: The Zyxel Perimeter Crisis
120,000 targets identified. The Cyber Mind Co™ has released Global Watchtower Manifest (GWM) NCTAG 1.1, detailing a critical Unauthenticated RCE (CVE-2025-13942) in Zyxel devices
https://thecybermind.co/2026/02/25/zyxel-upnp-crisis-cve-2025-13942/
#RCE #Zyxel
updated 2026-02-25T18:05:40.307000
1 posts
Zyxel addresses critical CVE-2025-13942 RCE affecting UPnP in 4G/5G CPEs, DSL/Ethernet, Fiber ONTs, and wireless extenders. Exploitation requires WAN + UPnP enabled; Shadowserver tracks ~120k exposed devices.
Additional post-auth command-injection flaws (CVE-2025-13943, CVE-2026-1459) patched. EOL devices (VMG1312, VMG3312/13, SBG3300/3500) remain unpatched; replacement recommended.
Mitigation recommendations:
• Apply firmware updates immediately
• Disable unnecessary UPnP/WAN access
• Monitor network exposure of legacy devices
• Track patched vs. unpatched CPEs/routers in enterprise inventories
How are you prioritizing critical RCE patches for network devices? Comment below and follow for in-depth threat reporting.
#NetworkSecurity #IoTSecurity #PatchManagement #RCE #RouterSecurity #CVE #ThreatIntel #Infosec #ZeroTrust #EnterpriseSecurity
##updated 2026-02-25T16:52:33.227000
2 posts
🟠 CVE-2026-27732 - High (8.1)
WWBN AVideo is an open source video platform. Prior to version 22.0, the `aVideoEncoder.json.php` API endpoint accepts a `downloadURL` parameter and fetches the referenced resource server-side without proper validation or an allow-list. This allow...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27732/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-27732 - High (8.1)
WWBN AVideo is an open source video platform. Prior to version 22.0, the `aVideoEncoder.json.php` API endpoint accepts a `downloadURL` parameter and fetches the referenced resource server-side without proper validation or an allow-list. This allow...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27732/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-25T15:32:45
1 posts
🔴 CVE-2026-2807 - Critical (9.8)
Memory safety bugs present in Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2807/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-25T15:32:44
1 posts
🔴 CVE-2026-2787 - Critical (9.8)
Use-after-free in the DOM: Window and Location component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2787/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-24T21:38:18.607000
3 posts
📈 CVE Published in last 30 days (2026-01-30 - 2026-03-01)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 5003
Severity:
- Critical: 448
- High: 1563
- Medium: 2229
- Low: 226
- None: 537
Status:
- : 33
- Analyzed: 2258
- Awaiting Analysis: 2188
- Modified: 155
- Received: 89
- Rejected: 197
- Undergoing Analysis: 83
Top CNAs:
- GitHub, Inc.: 907
- VulnCheck: 572
- VulDB: 519
- Patchstack: 385
- Wordfence: 361
- kernel.org: 259
- MITRE: 217
- Fortinet, Inc.: 102
- Intel Corporation: 84
- Apple Inc.: 76
Top Affected Products:
- UNKNOWN: 2529
- Apple Macos: 64
- Mozilla Firefox: 54
- Mozilla Thunderbird: 51
- Apple Iphone Os: 49
- Apple Ipados: 49
- Openclaw: 35
- Imagemagick: 34
- Microsoft Windows Server 2025: 29
- Comodo Dome Firewall: 29
Top EPSS Score:
- CVE-2026-1731 - 61.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1731)
- CVE-2026-2329 - 41.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2329)
- CVE-2026-22769 - 34.16 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22769)
- CVE-2026-25108 - 18.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-25108)
- CVE-2026-2033 - 15.58 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2033)
- CVE-2020-37123 - 12.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37123)
- CVE-2026-1603 - 11.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1603)
- CVE-2026-1687 - 5.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2020-37088 - 4.95 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37088)
- CVE-2026-1207 - 4.78 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1207)
📈 CVE Published in last 30 days (2026-01-30 - 2026-03-01)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 5003
Severity:
- Critical: 448
- High: 1563
- Medium: 2229
- Low: 226
- None: 537
Status:
- : 33
- Analyzed: 2258
- Awaiting Analysis: 2188
- Modified: 155
- Received: 89
- Rejected: 197
- Undergoing Analysis: 83
Top CNAs:
- GitHub, Inc.: 907
- VulnCheck: 572
- VulDB: 519
- Patchstack: 385
- Wordfence: 361
- kernel.org: 259
- MITRE: 217
- Fortinet, Inc.: 102
- Intel Corporation: 84
- Apple Inc.: 76
Top Affected Products:
- UNKNOWN: 2529
- Apple Macos: 64
- Mozilla Firefox: 54
- Mozilla Thunderbird: 51
- Apple Iphone Os: 49
- Apple Ipados: 49
- Openclaw: 35
- Imagemagick: 34
- Microsoft Windows Server 2025: 29
- Comodo Dome Firewall: 29
Top EPSS Score:
- CVE-2026-1731 - 61.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1731)
- CVE-2026-2329 - 41.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2329)
- CVE-2026-22769 - 34.16 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22769)
- CVE-2026-25108 - 18.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-25108)
- CVE-2026-2033 - 15.58 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2033)
- CVE-2020-37123 - 12.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37123)
- CVE-2026-1603 - 11.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1603)
- CVE-2026-1687 - 5.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2020-37088 - 4.95 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37088)
- CVE-2026-1207 - 4.78 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1207)
CISA Reports Actively Exploited Soliton FileZen Command Injection Vulnerability
CISA reports active exploitation of a critical command injection vulnerability (CVE-2026-25108) in Soliton Systems' FileZen following reports of active exploitation and potential ransomware links. The flaw allows authenticated attackers to execute arbitrary OS commands on appliances with antivirus scanning enabled.
**Update your FileZen appliances to version 5.0.11 ASAP and reset all user passwords to block attackers using stolen credentials. Check your system directory logs for any unauthorized file changes to confirm if your system was already compromised. Isolation is not really an option, since this platform is designed to be accessible by external users.**
#cybersecurity #infosec #advisory #ransomware
https://beyondmachines.net/event_details/cisa-reports-actively-exploited-soliton-filezen-command-injection-vulnerability-j-l-i-1-c/gD2P6Ple2L
updated 2026-02-24T18:32:04
3 posts
All four security defects, tracked as CVE-2025-40538 to CVE-2025-40541, have a CVSS score of 9.1, could result in remote code execution, and impact Serv-U version 15.5. https://www.securityweek.com/solarwinds-patches-four-critical-serv-u-vulnerabilities/
##All four security defects, tracked as CVE-2025-40538 to CVE-2025-40541, have a CVSS score of 9.1, could result in remote code execution, and impact Serv-U version 15.5. https://www.securityweek.com/solarwinds-patches-four-critical-serv-u-vulnerabilities/
##latest SolarWinds CVEs.. all critical lmao.. patch patch patch!
CVE-2025-40538 - Improper Privilege Management
CVE-2025-40539 - Incorrect Type Conversion or Cast
CVE-2025-40540 - Incorrect Type Conversion or Cast
CVE-2025-40541 - Incorrect Type Conversion or Cast & Authorization Bypass Through User-Controlled Key
SolarWinds Serv-U 15.5.3 and prior versions
##updated 2026-02-24T09:31:31
3 posts
All four security defects, tracked as CVE-2025-40538 to CVE-2025-40541, have a CVSS score of 9.1, could result in remote code execution, and impact Serv-U version 15.5. https://www.securityweek.com/solarwinds-patches-four-critical-serv-u-vulnerabilities/
##All four security defects, tracked as CVE-2025-40538 to CVE-2025-40541, have a CVSS score of 9.1, could result in remote code execution, and impact Serv-U version 15.5. https://www.securityweek.com/solarwinds-patches-four-critical-serv-u-vulnerabilities/
##latest SolarWinds CVEs.. all critical lmao.. patch patch patch!
CVE-2025-40538 - Improper Privilege Management
CVE-2025-40539 - Incorrect Type Conversion or Cast
CVE-2025-40540 - Incorrect Type Conversion or Cast
CVE-2025-40541 - Incorrect Type Conversion or Cast & Authorization Bypass Through User-Controlled Key
SolarWinds Serv-U 15.5.3 and prior versions
##updated 2026-02-24T09:31:31
1 posts
latest SolarWinds CVEs.. all critical lmao.. patch patch patch!
CVE-2025-40538 - Improper Privilege Management
CVE-2025-40539 - Incorrect Type Conversion or Cast
CVE-2025-40540 - Incorrect Type Conversion or Cast
CVE-2025-40541 - Incorrect Type Conversion or Cast & Authorization Bypass Through User-Controlled Key
SolarWinds Serv-U 15.5.3 and prior versions
##updated 2026-02-24T09:31:31
1 posts
latest SolarWinds CVEs.. all critical lmao.. patch patch patch!
CVE-2025-40538 - Improper Privilege Management
CVE-2025-40539 - Incorrect Type Conversion or Cast
CVE-2025-40540 - Incorrect Type Conversion or Cast
CVE-2025-40541 - Incorrect Type Conversion or Cast & Authorization Bypass Through User-Controlled Key
SolarWinds Serv-U 15.5.3 and prior versions
##updated 2026-02-24T03:30:27
1 posts
Zyxel addresses critical CVE-2025-13942 RCE affecting UPnP in 4G/5G CPEs, DSL/Ethernet, Fiber ONTs, and wireless extenders. Exploitation requires WAN + UPnP enabled; Shadowserver tracks ~120k exposed devices.
Additional post-auth command-injection flaws (CVE-2025-13943, CVE-2026-1459) patched. EOL devices (VMG1312, VMG3312/13, SBG3300/3500) remain unpatched; replacement recommended.
Mitigation recommendations:
• Apply firmware updates immediately
• Disable unnecessary UPnP/WAN access
• Monitor network exposure of legacy devices
• Track patched vs. unpatched CPEs/routers in enterprise inventories
How are you prioritizing critical RCE patches for network devices? Comment below and follow for in-depth threat reporting.
#NetworkSecurity #IoTSecurity #PatchManagement #RCE #RouterSecurity #CVE #ThreatIntel #Infosec #ZeroTrust #EnterpriseSecurity
##updated 2026-02-23T18:14:13.887000
2 posts
📈 CVE Published in last 30 days (2026-01-30 - 2026-03-01)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 5003
Severity:
- Critical: 448
- High: 1563
- Medium: 2229
- Low: 226
- None: 537
Status:
- : 33
- Analyzed: 2258
- Awaiting Analysis: 2188
- Modified: 155
- Received: 89
- Rejected: 197
- Undergoing Analysis: 83
Top CNAs:
- GitHub, Inc.: 907
- VulnCheck: 572
- VulDB: 519
- Patchstack: 385
- Wordfence: 361
- kernel.org: 259
- MITRE: 217
- Fortinet, Inc.: 102
- Intel Corporation: 84
- Apple Inc.: 76
Top Affected Products:
- UNKNOWN: 2529
- Apple Macos: 64
- Mozilla Firefox: 54
- Mozilla Thunderbird: 51
- Apple Iphone Os: 49
- Apple Ipados: 49
- Openclaw: 35
- Imagemagick: 34
- Microsoft Windows Server 2025: 29
- Comodo Dome Firewall: 29
Top EPSS Score:
- CVE-2026-1731 - 61.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1731)
- CVE-2026-2329 - 41.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2329)
- CVE-2026-22769 - 34.16 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22769)
- CVE-2026-25108 - 18.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-25108)
- CVE-2026-2033 - 15.58 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2033)
- CVE-2020-37123 - 12.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37123)
- CVE-2026-1603 - 11.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1603)
- CVE-2026-1687 - 5.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2020-37088 - 4.95 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37088)
- CVE-2026-1207 - 4.78 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1207)
📈 CVE Published in last 30 days (2026-01-30 - 2026-03-01)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 5003
Severity:
- Critical: 448
- High: 1563
- Medium: 2229
- Low: 226
- None: 537
Status:
- : 33
- Analyzed: 2258
- Awaiting Analysis: 2188
- Modified: 155
- Received: 89
- Rejected: 197
- Undergoing Analysis: 83
Top CNAs:
- GitHub, Inc.: 907
- VulnCheck: 572
- VulDB: 519
- Patchstack: 385
- Wordfence: 361
- kernel.org: 259
- MITRE: 217
- Fortinet, Inc.: 102
- Intel Corporation: 84
- Apple Inc.: 76
Top Affected Products:
- UNKNOWN: 2529
- Apple Macos: 64
- Mozilla Firefox: 54
- Mozilla Thunderbird: 51
- Apple Iphone Os: 49
- Apple Ipados: 49
- Openclaw: 35
- Imagemagick: 34
- Microsoft Windows Server 2025: 29
- Comodo Dome Firewall: 29
Top EPSS Score:
- CVE-2026-1731 - 61.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1731)
- CVE-2026-2329 - 41.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2329)
- CVE-2026-22769 - 34.16 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22769)
- CVE-2026-25108 - 18.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-25108)
- CVE-2026-2033 - 15.58 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2033)
- CVE-2020-37123 - 12.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37123)
- CVE-2026-1603 - 11.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1603)
- CVE-2026-1687 - 5.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2020-37088 - 4.95 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37088)
- CVE-2026-1207 - 4.78 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1207)
updated 2026-02-20T20:57:50.360000
2 posts
📈 CVE Published in last 30 days (2026-01-30 - 2026-03-01)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 5003
Severity:
- Critical: 448
- High: 1563
- Medium: 2229
- Low: 226
- None: 537
Status:
- : 33
- Analyzed: 2258
- Awaiting Analysis: 2188
- Modified: 155
- Received: 89
- Rejected: 197
- Undergoing Analysis: 83
Top CNAs:
- GitHub, Inc.: 907
- VulnCheck: 572
- VulDB: 519
- Patchstack: 385
- Wordfence: 361
- kernel.org: 259
- MITRE: 217
- Fortinet, Inc.: 102
- Intel Corporation: 84
- Apple Inc.: 76
Top Affected Products:
- UNKNOWN: 2529
- Apple Macos: 64
- Mozilla Firefox: 54
- Mozilla Thunderbird: 51
- Apple Iphone Os: 49
- Apple Ipados: 49
- Openclaw: 35
- Imagemagick: 34
- Microsoft Windows Server 2025: 29
- Comodo Dome Firewall: 29
Top EPSS Score:
- CVE-2026-1731 - 61.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1731)
- CVE-2026-2329 - 41.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2329)
- CVE-2026-22769 - 34.16 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22769)
- CVE-2026-25108 - 18.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-25108)
- CVE-2026-2033 - 15.58 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2033)
- CVE-2020-37123 - 12.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37123)
- CVE-2026-1603 - 11.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1603)
- CVE-2026-1687 - 5.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2020-37088 - 4.95 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37088)
- CVE-2026-1207 - 4.78 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1207)
📈 CVE Published in last 30 days (2026-01-30 - 2026-03-01)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 5003
Severity:
- Critical: 448
- High: 1563
- Medium: 2229
- Low: 226
- None: 537
Status:
- : 33
- Analyzed: 2258
- Awaiting Analysis: 2188
- Modified: 155
- Received: 89
- Rejected: 197
- Undergoing Analysis: 83
Top CNAs:
- GitHub, Inc.: 907
- VulnCheck: 572
- VulDB: 519
- Patchstack: 385
- Wordfence: 361
- kernel.org: 259
- MITRE: 217
- Fortinet, Inc.: 102
- Intel Corporation: 84
- Apple Inc.: 76
Top Affected Products:
- UNKNOWN: 2529
- Apple Macos: 64
- Mozilla Firefox: 54
- Mozilla Thunderbird: 51
- Apple Iphone Os: 49
- Apple Ipados: 49
- Openclaw: 35
- Imagemagick: 34
- Microsoft Windows Server 2025: 29
- Comodo Dome Firewall: 29
Top EPSS Score:
- CVE-2026-1731 - 61.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1731)
- CVE-2026-2329 - 41.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2329)
- CVE-2026-22769 - 34.16 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22769)
- CVE-2026-25108 - 18.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-25108)
- CVE-2026-2033 - 15.58 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2033)
- CVE-2020-37123 - 12.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37123)
- CVE-2026-1603 - 11.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1603)
- CVE-2026-1687 - 5.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2020-37088 - 4.95 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37088)
- CVE-2026-1207 - 4.78 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1207)
updated 2026-02-20T02:00:02.830000
2 posts
📈 CVE Published in last 30 days (2026-01-30 - 2026-03-01)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 5003
Severity:
- Critical: 448
- High: 1563
- Medium: 2229
- Low: 226
- None: 537
Status:
- : 33
- Analyzed: 2258
- Awaiting Analysis: 2188
- Modified: 155
- Received: 89
- Rejected: 197
- Undergoing Analysis: 83
Top CNAs:
- GitHub, Inc.: 907
- VulnCheck: 572
- VulDB: 519
- Patchstack: 385
- Wordfence: 361
- kernel.org: 259
- MITRE: 217
- Fortinet, Inc.: 102
- Intel Corporation: 84
- Apple Inc.: 76
Top Affected Products:
- UNKNOWN: 2529
- Apple Macos: 64
- Mozilla Firefox: 54
- Mozilla Thunderbird: 51
- Apple Iphone Os: 49
- Apple Ipados: 49
- Openclaw: 35
- Imagemagick: 34
- Microsoft Windows Server 2025: 29
- Comodo Dome Firewall: 29
Top EPSS Score:
- CVE-2026-1731 - 61.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1731)
- CVE-2026-2329 - 41.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2329)
- CVE-2026-22769 - 34.16 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22769)
- CVE-2026-25108 - 18.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-25108)
- CVE-2026-2033 - 15.58 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2033)
- CVE-2020-37123 - 12.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37123)
- CVE-2026-1603 - 11.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1603)
- CVE-2026-1687 - 5.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2020-37088 - 4.95 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37088)
- CVE-2026-1207 - 4.78 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1207)
📈 CVE Published in last 30 days (2026-01-30 - 2026-03-01)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 5003
Severity:
- Critical: 448
- High: 1563
- Medium: 2229
- Low: 226
- None: 537
Status:
- : 33
- Analyzed: 2258
- Awaiting Analysis: 2188
- Modified: 155
- Received: 89
- Rejected: 197
- Undergoing Analysis: 83
Top CNAs:
- GitHub, Inc.: 907
- VulnCheck: 572
- VulDB: 519
- Patchstack: 385
- Wordfence: 361
- kernel.org: 259
- MITRE: 217
- Fortinet, Inc.: 102
- Intel Corporation: 84
- Apple Inc.: 76
Top Affected Products:
- UNKNOWN: 2529
- Apple Macos: 64
- Mozilla Firefox: 54
- Mozilla Thunderbird: 51
- Apple Iphone Os: 49
- Apple Ipados: 49
- Openclaw: 35
- Imagemagick: 34
- Microsoft Windows Server 2025: 29
- Comodo Dome Firewall: 29
Top EPSS Score:
- CVE-2026-1731 - 61.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1731)
- CVE-2026-2329 - 41.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2329)
- CVE-2026-22769 - 34.16 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22769)
- CVE-2026-25108 - 18.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-25108)
- CVE-2026-2033 - 15.58 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2033)
- CVE-2020-37123 - 12.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37123)
- CVE-2026-1603 - 11.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1603)
- CVE-2026-1687 - 5.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2020-37088 - 4.95 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37088)
- CVE-2026-1207 - 4.78 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1207)
updated 2026-02-17T13:40:10.320000
4 posts
5 repos
https://github.com/hexissam/CVE-2026-1731
https://github.com/jakubie07/CVE-2026-1731
https://github.com/win3zz/CVE-2026-1731
📈 CVE Published in last 30 days (2026-01-30 - 2026-03-01)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 5003
Severity:
- Critical: 448
- High: 1563
- Medium: 2229
- Low: 226
- None: 537
Status:
- : 33
- Analyzed: 2258
- Awaiting Analysis: 2188
- Modified: 155
- Received: 89
- Rejected: 197
- Undergoing Analysis: 83
Top CNAs:
- GitHub, Inc.: 907
- VulnCheck: 572
- VulDB: 519
- Patchstack: 385
- Wordfence: 361
- kernel.org: 259
- MITRE: 217
- Fortinet, Inc.: 102
- Intel Corporation: 84
- Apple Inc.: 76
Top Affected Products:
- UNKNOWN: 2529
- Apple Macos: 64
- Mozilla Firefox: 54
- Mozilla Thunderbird: 51
- Apple Iphone Os: 49
- Apple Ipados: 49
- Openclaw: 35
- Imagemagick: 34
- Microsoft Windows Server 2025: 29
- Comodo Dome Firewall: 29
Top EPSS Score:
- CVE-2026-1731 - 61.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1731)
- CVE-2026-2329 - 41.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2329)
- CVE-2026-22769 - 34.16 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22769)
- CVE-2026-25108 - 18.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-25108)
- CVE-2026-2033 - 15.58 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2033)
- CVE-2020-37123 - 12.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37123)
- CVE-2026-1603 - 11.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1603)
- CVE-2026-1687 - 5.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2020-37088 - 4.95 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37088)
- CVE-2026-1207 - 4.78 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1207)
Latest Metasploit update is out with unauthenticated RCE for Grandstream GXP1600 VoIP devices, enabling credential harvesting and SIP interception. Also included is critical support for BeyondTrust PRA/RS command injection (CVE-2026-1731), plus a serious Ollama RCE (CVE-2024-37032).
Check out the wrap up at https://www.rapid7.com/blog/post/pt-metasploit-wrap-up-02-27-2026/
##📈 CVE Published in last 30 days (2026-01-30 - 2026-03-01)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 5003
Severity:
- Critical: 448
- High: 1563
- Medium: 2229
- Low: 226
- None: 537
Status:
- : 33
- Analyzed: 2258
- Awaiting Analysis: 2188
- Modified: 155
- Received: 89
- Rejected: 197
- Undergoing Analysis: 83
Top CNAs:
- GitHub, Inc.: 907
- VulnCheck: 572
- VulDB: 519
- Patchstack: 385
- Wordfence: 361
- kernel.org: 259
- MITRE: 217
- Fortinet, Inc.: 102
- Intel Corporation: 84
- Apple Inc.: 76
Top Affected Products:
- UNKNOWN: 2529
- Apple Macos: 64
- Mozilla Firefox: 54
- Mozilla Thunderbird: 51
- Apple Iphone Os: 49
- Apple Ipados: 49
- Openclaw: 35
- Imagemagick: 34
- Microsoft Windows Server 2025: 29
- Comodo Dome Firewall: 29
Top EPSS Score:
- CVE-2026-1731 - 61.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1731)
- CVE-2026-2329 - 41.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2329)
- CVE-2026-22769 - 34.16 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22769)
- CVE-2026-25108 - 18.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-25108)
- CVE-2026-2033 - 15.58 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2033)
- CVE-2020-37123 - 12.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37123)
- CVE-2026-1603 - 11.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1603)
- CVE-2026-1687 - 5.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2020-37088 - 4.95 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37088)
- CVE-2026-1207 - 4.78 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1207)
Latest Metasploit update is out with unauthenticated RCE for Grandstream GXP1600 VoIP devices, enabling credential harvesting and SIP interception. Also included is critical support for BeyondTrust PRA/RS command injection (CVE-2026-1731), plus a serious Ollama RCE (CVE-2024-37032).
Check out the wrap up at https://www.rapid7.com/blog/post/pt-metasploit-wrap-up-02-27-2026/
##updated 2026-02-13T15:30:24
1 posts
2 repos
https://github.com/renat0z3r0/notepadpp-supply-chain-iocs
https://github.com/George0Papasotiriou/CVE-2025-15556-Notepad-WinGUp-Updater-RCE
What to Know About the Notepad++ Supply-Chain Attack
A critical Notepad++ supply-chain flaw (CVE-2025-15556) enabled stealthy APT access. Understand the attack chain and how to defend your systems.
🔗️ [Flashpoint] https://link.is.it/AW0p8x
##updated 2026-02-12T15:20:13.990000
2 posts
📈 CVE Published in last 30 days (2026-01-30 - 2026-03-01)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 5003
Severity:
- Critical: 448
- High: 1563
- Medium: 2229
- Low: 226
- None: 537
Status:
- : 33
- Analyzed: 2258
- Awaiting Analysis: 2188
- Modified: 155
- Received: 89
- Rejected: 197
- Undergoing Analysis: 83
Top CNAs:
- GitHub, Inc.: 907
- VulnCheck: 572
- VulDB: 519
- Patchstack: 385
- Wordfence: 361
- kernel.org: 259
- MITRE: 217
- Fortinet, Inc.: 102
- Intel Corporation: 84
- Apple Inc.: 76
Top Affected Products:
- UNKNOWN: 2529
- Apple Macos: 64
- Mozilla Firefox: 54
- Mozilla Thunderbird: 51
- Apple Iphone Os: 49
- Apple Ipados: 49
- Openclaw: 35
- Imagemagick: 34
- Microsoft Windows Server 2025: 29
- Comodo Dome Firewall: 29
Top EPSS Score:
- CVE-2026-1731 - 61.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1731)
- CVE-2026-2329 - 41.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2329)
- CVE-2026-22769 - 34.16 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22769)
- CVE-2026-25108 - 18.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-25108)
- CVE-2026-2033 - 15.58 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2033)
- CVE-2020-37123 - 12.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37123)
- CVE-2026-1603 - 11.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1603)
- CVE-2026-1687 - 5.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2020-37088 - 4.95 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37088)
- CVE-2026-1207 - 4.78 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1207)
📈 CVE Published in last 30 days (2026-01-30 - 2026-03-01)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 5003
Severity:
- Critical: 448
- High: 1563
- Medium: 2229
- Low: 226
- None: 537
Status:
- : 33
- Analyzed: 2258
- Awaiting Analysis: 2188
- Modified: 155
- Received: 89
- Rejected: 197
- Undergoing Analysis: 83
Top CNAs:
- GitHub, Inc.: 907
- VulnCheck: 572
- VulDB: 519
- Patchstack: 385
- Wordfence: 361
- kernel.org: 259
- MITRE: 217
- Fortinet, Inc.: 102
- Intel Corporation: 84
- Apple Inc.: 76
Top Affected Products:
- UNKNOWN: 2529
- Apple Macos: 64
- Mozilla Firefox: 54
- Mozilla Thunderbird: 51
- Apple Iphone Os: 49
- Apple Ipados: 49
- Openclaw: 35
- Imagemagick: 34
- Microsoft Windows Server 2025: 29
- Comodo Dome Firewall: 29
Top EPSS Score:
- CVE-2026-1731 - 61.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1731)
- CVE-2026-2329 - 41.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2329)
- CVE-2026-22769 - 34.16 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22769)
- CVE-2026-25108 - 18.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-25108)
- CVE-2026-2033 - 15.58 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2033)
- CVE-2020-37123 - 12.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37123)
- CVE-2026-1603 - 11.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1603)
- CVE-2026-1687 - 5.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2020-37088 - 4.95 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37088)
- CVE-2026-1207 - 4.78 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1207)
updated 2026-02-11T15:38:13.670000
1 posts
Inside the Fix: Analysis of In-the-Wild Exploit of CVE-2026-21513
#CVE_2026_21513 #APT28
https://www.akamai.com/blog/security-research/2026/feb/inside-the-fix-cve-2026-21513-mshtml-exploit-analysis
updated 2026-02-10T17:03:53.480000
2 posts
📈 CVE Published in last 30 days (2026-01-30 - 2026-03-01)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 5003
Severity:
- Critical: 448
- High: 1563
- Medium: 2229
- Low: 226
- None: 537
Status:
- : 33
- Analyzed: 2258
- Awaiting Analysis: 2188
- Modified: 155
- Received: 89
- Rejected: 197
- Undergoing Analysis: 83
Top CNAs:
- GitHub, Inc.: 907
- VulnCheck: 572
- VulDB: 519
- Patchstack: 385
- Wordfence: 361
- kernel.org: 259
- MITRE: 217
- Fortinet, Inc.: 102
- Intel Corporation: 84
- Apple Inc.: 76
Top Affected Products:
- UNKNOWN: 2529
- Apple Macos: 64
- Mozilla Firefox: 54
- Mozilla Thunderbird: 51
- Apple Iphone Os: 49
- Apple Ipados: 49
- Openclaw: 35
- Imagemagick: 34
- Microsoft Windows Server 2025: 29
- Comodo Dome Firewall: 29
Top EPSS Score:
- CVE-2026-1731 - 61.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1731)
- CVE-2026-2329 - 41.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2329)
- CVE-2026-22769 - 34.16 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22769)
- CVE-2026-25108 - 18.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-25108)
- CVE-2026-2033 - 15.58 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2033)
- CVE-2020-37123 - 12.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37123)
- CVE-2026-1603 - 11.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1603)
- CVE-2026-1687 - 5.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2020-37088 - 4.95 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37088)
- CVE-2026-1207 - 4.78 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1207)
📈 CVE Published in last 30 days (2026-01-30 - 2026-03-01)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 5003
Severity:
- Critical: 448
- High: 1563
- Medium: 2229
- Low: 226
- None: 537
Status:
- : 33
- Analyzed: 2258
- Awaiting Analysis: 2188
- Modified: 155
- Received: 89
- Rejected: 197
- Undergoing Analysis: 83
Top CNAs:
- GitHub, Inc.: 907
- VulnCheck: 572
- VulDB: 519
- Patchstack: 385
- Wordfence: 361
- kernel.org: 259
- MITRE: 217
- Fortinet, Inc.: 102
- Intel Corporation: 84
- Apple Inc.: 76
Top Affected Products:
- UNKNOWN: 2529
- Apple Macos: 64
- Mozilla Firefox: 54
- Mozilla Thunderbird: 51
- Apple Iphone Os: 49
- Apple Ipados: 49
- Openclaw: 35
- Imagemagick: 34
- Microsoft Windows Server 2025: 29
- Comodo Dome Firewall: 29
Top EPSS Score:
- CVE-2026-1731 - 61.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1731)
- CVE-2026-2329 - 41.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2329)
- CVE-2026-22769 - 34.16 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22769)
- CVE-2026-25108 - 18.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-25108)
- CVE-2026-2033 - 15.58 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2033)
- CVE-2020-37123 - 12.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37123)
- CVE-2026-1603 - 11.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1603)
- CVE-2026-1687 - 5.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2020-37088 - 4.95 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37088)
- CVE-2026-1207 - 4.78 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1207)
updated 2026-02-10T15:14:03.207000
2 posts
📈 CVE Published in last 30 days (2026-01-30 - 2026-03-01)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 5003
Severity:
- Critical: 448
- High: 1563
- Medium: 2229
- Low: 226
- None: 537
Status:
- : 33
- Analyzed: 2258
- Awaiting Analysis: 2188
- Modified: 155
- Received: 89
- Rejected: 197
- Undergoing Analysis: 83
Top CNAs:
- GitHub, Inc.: 907
- VulnCheck: 572
- VulDB: 519
- Patchstack: 385
- Wordfence: 361
- kernel.org: 259
- MITRE: 217
- Fortinet, Inc.: 102
- Intel Corporation: 84
- Apple Inc.: 76
Top Affected Products:
- UNKNOWN: 2529
- Apple Macos: 64
- Mozilla Firefox: 54
- Mozilla Thunderbird: 51
- Apple Iphone Os: 49
- Apple Ipados: 49
- Openclaw: 35
- Imagemagick: 34
- Microsoft Windows Server 2025: 29
- Comodo Dome Firewall: 29
Top EPSS Score:
- CVE-2026-1731 - 61.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1731)
- CVE-2026-2329 - 41.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2329)
- CVE-2026-22769 - 34.16 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22769)
- CVE-2026-25108 - 18.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-25108)
- CVE-2026-2033 - 15.58 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2033)
- CVE-2020-37123 - 12.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37123)
- CVE-2026-1603 - 11.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1603)
- CVE-2026-1687 - 5.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2020-37088 - 4.95 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37088)
- CVE-2026-1207 - 4.78 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1207)
📈 CVE Published in last 30 days (2026-01-30 - 2026-03-01)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 5003
Severity:
- Critical: 448
- High: 1563
- Medium: 2229
- Low: 226
- None: 537
Status:
- : 33
- Analyzed: 2258
- Awaiting Analysis: 2188
- Modified: 155
- Received: 89
- Rejected: 197
- Undergoing Analysis: 83
Top CNAs:
- GitHub, Inc.: 907
- VulnCheck: 572
- VulDB: 519
- Patchstack: 385
- Wordfence: 361
- kernel.org: 259
- MITRE: 217
- Fortinet, Inc.: 102
- Intel Corporation: 84
- Apple Inc.: 76
Top Affected Products:
- UNKNOWN: 2529
- Apple Macos: 64
- Mozilla Firefox: 54
- Mozilla Thunderbird: 51
- Apple Iphone Os: 49
- Apple Ipados: 49
- Openclaw: 35
- Imagemagick: 34
- Microsoft Windows Server 2025: 29
- Comodo Dome Firewall: 29
Top EPSS Score:
- CVE-2026-1731 - 61.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1731)
- CVE-2026-2329 - 41.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2329)
- CVE-2026-22769 - 34.16 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22769)
- CVE-2026-25108 - 18.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-25108)
- CVE-2026-2033 - 15.58 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2033)
- CVE-2020-37123 - 12.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37123)
- CVE-2026-1603 - 11.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1603)
- CVE-2026-1687 - 5.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2020-37088 - 4.95 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37088)
- CVE-2026-1207 - 4.78 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1207)
updated 2026-02-06T21:30:47
1 posts
updated 2026-02-05T20:47:37.777000
2 posts
📈 CVE Published in last 30 days (2026-01-30 - 2026-03-01)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 5003
Severity:
- Critical: 448
- High: 1563
- Medium: 2229
- Low: 226
- None: 537
Status:
- : 33
- Analyzed: 2258
- Awaiting Analysis: 2188
- Modified: 155
- Received: 89
- Rejected: 197
- Undergoing Analysis: 83
Top CNAs:
- GitHub, Inc.: 907
- VulnCheck: 572
- VulDB: 519
- Patchstack: 385
- Wordfence: 361
- kernel.org: 259
- MITRE: 217
- Fortinet, Inc.: 102
- Intel Corporation: 84
- Apple Inc.: 76
Top Affected Products:
- UNKNOWN: 2529
- Apple Macos: 64
- Mozilla Firefox: 54
- Mozilla Thunderbird: 51
- Apple Iphone Os: 49
- Apple Ipados: 49
- Openclaw: 35
- Imagemagick: 34
- Microsoft Windows Server 2025: 29
- Comodo Dome Firewall: 29
Top EPSS Score:
- CVE-2026-1731 - 61.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1731)
- CVE-2026-2329 - 41.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2329)
- CVE-2026-22769 - 34.16 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22769)
- CVE-2026-25108 - 18.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-25108)
- CVE-2026-2033 - 15.58 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2033)
- CVE-2020-37123 - 12.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37123)
- CVE-2026-1603 - 11.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1603)
- CVE-2026-1687 - 5.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2020-37088 - 4.95 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37088)
- CVE-2026-1207 - 4.78 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1207)
📈 CVE Published in last 30 days (2026-01-30 - 2026-03-01)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 5003
Severity:
- Critical: 448
- High: 1563
- Medium: 2229
- Low: 226
- None: 537
Status:
- : 33
- Analyzed: 2258
- Awaiting Analysis: 2188
- Modified: 155
- Received: 89
- Rejected: 197
- Undergoing Analysis: 83
Top CNAs:
- GitHub, Inc.: 907
- VulnCheck: 572
- VulDB: 519
- Patchstack: 385
- Wordfence: 361
- kernel.org: 259
- MITRE: 217
- Fortinet, Inc.: 102
- Intel Corporation: 84
- Apple Inc.: 76
Top Affected Products:
- UNKNOWN: 2529
- Apple Macos: 64
- Mozilla Firefox: 54
- Mozilla Thunderbird: 51
- Apple Iphone Os: 49
- Apple Ipados: 49
- Openclaw: 35
- Imagemagick: 34
- Microsoft Windows Server 2025: 29
- Comodo Dome Firewall: 29
Top EPSS Score:
- CVE-2026-1731 - 61.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1731)
- CVE-2026-2329 - 41.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2329)
- CVE-2026-22769 - 34.16 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22769)
- CVE-2026-25108 - 18.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-25108)
- CVE-2026-2033 - 15.58 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2033)
- CVE-2020-37123 - 12.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37123)
- CVE-2026-1603 - 11.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1603)
- CVE-2026-1687 - 5.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2020-37088 - 4.95 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37088)
- CVE-2026-1207 - 4.78 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1207)
updated 2026-02-04T17:34:46.147000
2 posts
📈 CVE Published in last 30 days (2026-01-30 - 2026-03-01)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 5003
Severity:
- Critical: 448
- High: 1563
- Medium: 2229
- Low: 226
- None: 537
Status:
- : 33
- Analyzed: 2258
- Awaiting Analysis: 2188
- Modified: 155
- Received: 89
- Rejected: 197
- Undergoing Analysis: 83
Top CNAs:
- GitHub, Inc.: 907
- VulnCheck: 572
- VulDB: 519
- Patchstack: 385
- Wordfence: 361
- kernel.org: 259
- MITRE: 217
- Fortinet, Inc.: 102
- Intel Corporation: 84
- Apple Inc.: 76
Top Affected Products:
- UNKNOWN: 2529
- Apple Macos: 64
- Mozilla Firefox: 54
- Mozilla Thunderbird: 51
- Apple Iphone Os: 49
- Apple Ipados: 49
- Openclaw: 35
- Imagemagick: 34
- Microsoft Windows Server 2025: 29
- Comodo Dome Firewall: 29
Top EPSS Score:
- CVE-2026-1731 - 61.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1731)
- CVE-2026-2329 - 41.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2329)
- CVE-2026-22769 - 34.16 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22769)
- CVE-2026-25108 - 18.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-25108)
- CVE-2026-2033 - 15.58 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2033)
- CVE-2020-37123 - 12.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37123)
- CVE-2026-1603 - 11.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1603)
- CVE-2026-1687 - 5.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2020-37088 - 4.95 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37088)
- CVE-2026-1207 - 4.78 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1207)
📈 CVE Published in last 30 days (2026-01-30 - 2026-03-01)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 5003
Severity:
- Critical: 448
- High: 1563
- Medium: 2229
- Low: 226
- None: 537
Status:
- : 33
- Analyzed: 2258
- Awaiting Analysis: 2188
- Modified: 155
- Received: 89
- Rejected: 197
- Undergoing Analysis: 83
Top CNAs:
- GitHub, Inc.: 907
- VulnCheck: 572
- VulDB: 519
- Patchstack: 385
- Wordfence: 361
- kernel.org: 259
- MITRE: 217
- Fortinet, Inc.: 102
- Intel Corporation: 84
- Apple Inc.: 76
Top Affected Products:
- UNKNOWN: 2529
- Apple Macos: 64
- Mozilla Firefox: 54
- Mozilla Thunderbird: 51
- Apple Iphone Os: 49
- Apple Ipados: 49
- Openclaw: 35
- Imagemagick: 34
- Microsoft Windows Server 2025: 29
- Comodo Dome Firewall: 29
Top EPSS Score:
- CVE-2026-1731 - 61.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1731)
- CVE-2026-2329 - 41.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2329)
- CVE-2026-22769 - 34.16 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22769)
- CVE-2026-25108 - 18.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-25108)
- CVE-2026-2033 - 15.58 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2033)
- CVE-2020-37123 - 12.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37123)
- CVE-2026-1603 - 11.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1603)
- CVE-2026-1687 - 5.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2020-37088 - 4.95 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37088)
- CVE-2026-1207 - 4.78 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1207)
updated 2026-02-02T15:04:41.717000
3 posts
2 repos
Caught in the Hook: RCE and API Token Exfiltration Through Claude Code Project Files | CVE-2025-59536 | CVE-2026-21852
#CVE_2025_59536 #CVE_2026_21852 #ClaudeCode
https://research.checkpoint.com/2026/rce-and-api-token-exfiltration-through-claude-code-project-files-cve-2025-59536/
Caught in the Hook: RCE and API Token Exfiltration Through Claude Code Project Files | CVE-2025-59536 | CVE-2026-21852
#CVE_2025_59536 #CVE_2026_21852 #ClaudeCode
https://research.checkpoint.com/2026/rce-and-api-token-exfiltration-through-claude-code-project-files-cve-2025-59536/
Caught in the Hook: RCE and API Token Exfiltration Through Claude Code Project Files | CVE-2025-59536 | CVE-2026-21852 - Check Point Research
##updated 2026-01-27T16:16:55.327000
1 posts
2 repos
https://github.com/MaxMnMl/smartermail-CVE-2026-23760-poc
https://github.com/hilwa24/CVE-2026-23760_SmarterMail-Auth-Bypass-and-RCE
CVE-2026-23760 - Changed to Known Ransomware Status
SmarterTools SmarterMail Authentication Bypass Using an Alternate Path or Channel VulnerabilityVendor: SmarterToolsProduct: SmarterMailSmarterTools SmarterMail contains an authentication bypass using an alternate path or channel vulnerability in the password reset API. The force-reset-password endpoint permits anonymous requests and fails to verify the existing password or a reset token whenhttps://nvd.nist.gov/vuln/detail/CVE-2026-23760
##updated 2025-10-24T13:54:58.783000
3 posts
10 repos
https://github.com/rxwx/pulse-meter
https://github.com/sfewer-r7/CVE-2025-0282
https://github.com/watchtowrlabs/CVE-2025-0282
https://github.com/almanatra/CVE-2025-0282
https://github.com/gmh5225/Blackash-CVE-2025-0282
https://github.com/Hexastrike/Ivanti-Connect-Secure-Logs-Parser
https://github.com/AdaniKamal/CVE-2025-0282
https://github.com/absholi7ly/CVE-2025-0282-Ivanti-exploit
"CISA warns that RESURGE malware can be dormant on Ivanti devices"
"[...] Cybersecurity and Infrastructure Security Agency (CISA) has released new details about RESURGE, a malicious implant used in zero-day attacks exploiting CVE-2025-0282 to breach Ivanti Connect Secure devices. The U.S."
##RESURGE Malware Exploits Ivanti Zero-Day With Stealthy Network-Level Evasion
Introduction: A Silent Threat Inside Critical Access Gateways U.S. federal cybersecurity officials have disclosed alarming new details about RESURGE, a highly advanced malicious implant discovered on Ivanti Connect Secure devices. The implant was used in zero-day attacks that exploited a critical vulnerability, CVE-2025-0282, allowing attackers to gain deep, persistent access to systems that…
##"CISA warns that RESURGE malware can be dormant on Ivanti devices"
"[...] Cybersecurity and Infrastructure Security Agency (CISA) has released new details about RESURGE, a malicious implant used in zero-day attacks exploiting CVE-2025-0282 to breach Ivanti Connect Secure devices. The U.S."
##updated 2025-10-23T12:46:37.910000
4 posts
Caught in the Hook: RCE and API Token Exfiltration Through Claude Code Project Files | CVE-2025-59536 | CVE-2026-21852
#CVE_2025_59536 #CVE_2026_21852 #ClaudeCode
https://research.checkpoint.com/2026/rce-and-api-token-exfiltration-through-claude-code-project-files-cve-2025-59536/
Caught in the Hook: RCE and API Token Exfiltration Through Claude Code Project Files | CVE-2025-59536 | CVE-2026-21852
#CVE_2025_59536 #CVE_2026_21852 #ClaudeCode
https://research.checkpoint.com/2026/rce-and-api-token-exfiltration-through-claude-code-project-files-cve-2025-59536/
Anthropic has addressed some of the concerns raised here, but the fact remains that Claude Code will run code in configuration files with minimal visibility to the end user. In this way, it presents similar dangers to VS Code and Cursor.
##Caught in the Hook: RCE and API Token Exfiltration Through Claude Code Project Files | CVE-2025-59536 | CVE-2026-21852 - Check Point Research
##updated 2025-10-22T19:13:26
1 posts
100 repos
https://github.com/mzlogin/CVE-2021-44228-Demo
https://github.com/faisalfs10x/Log4j2-CVE-2021-44228-revshell
https://github.com/infiniroot/nginx-mitigate-log4shell
https://github.com/corretto/hotpatch-for-apache-log4j2
https://github.com/stripe/log4j-remediation-tools
https://github.com/logpresso/CVE-2021-44228-Scanner
https://github.com/back2root/log4shell-rex
https://github.com/sunnyvale-it/CVE-2021-44228-PoC
https://github.com/1lann/log4shelldetect
https://github.com/HynekPetrak/log4shell-finder
https://github.com/nccgroup/log4j-jndi-be-gone
https://github.com/kubearmor/log4j-CVE-2021-44228
https://github.com/Diverto/nse-log4shell
https://github.com/rubo77/log4j_checker_beta
https://github.com/irgoncalves/f5-waf-enforce-sig-CVE-2021-44228
https://github.com/sec13b/CVE-2021-44228-POC
https://github.com/fox-it/log4j-finder
https://github.com/RedDrip7/Log4Shell_CVE-2021-44228_related_attacks_IOCs
https://github.com/alexbakker/log4shell-tools
https://github.com/claranet/ansible-role-log4shell
https://github.com/aws-samples/kubernetes-log4j-cve-2021-44228-node-agent
https://github.com/tangxiaofeng7/CVE-2021-44228-Apache-Log4j-Rce
https://github.com/KosmX/CVE-2021-44228-example
https://github.com/mubix/CVE-2021-44228-Log4Shell-Hashes
https://github.com/NCSC-NL/log4shell
https://github.com/MalwareTech/Log4jTools
https://github.com/Puliczek/CVE-2021-44228-PoC-log4j-bypass-words
https://github.com/Azeemering/CVE-2021-44228-DFIR-Notes
https://github.com/christophetd/log4shell-vulnerable-app
https://github.com/lfama/log4j_checker
https://github.com/bigsizeme/Log4j-check
https://github.com/marcourbano/CVE-2021-44228
https://github.com/0xDexter0us/Log4J-Scanner
https://github.com/hackinghippo/log4shell_ioc_ips
https://github.com/Nanitor/log4fix
https://github.com/f0ng/log4j2burpscanner
https://github.com/tippexs/nginx-njs-waf-cve2021-44228
https://github.com/mufeedvh/log4jail
https://github.com/corelight/cve-2021-44228
https://github.com/alexandre-lavoie/python-log4rce
https://github.com/DragonSurvivalEU/RCE
https://github.com/giterlizzi/nmap-log4shell
https://github.com/korteke/log4shell-demo
https://github.com/mergebase/log4j-detector
https://github.com/darkarnium/Log4j-CVE-Detect
https://github.com/thecyberneh/Log4j-RCE-Exploiter
https://github.com/HyCraftHD/Log4J-RCE-Proof-Of-Concept
https://github.com/Labout/log4shell-rmi-poc
https://github.com/simonis/Log4jPatch
https://github.com/mr-r3b00t/CVE-2021-44228
https://github.com/Jeromeyoung/log4j2burpscanner
https://github.com/twseptian/spring-boot-log4j-cve-2021-44228-docker-lab
https://github.com/0xInfection/LogMePwn
https://github.com/toramanemre/log4j-rce-detect-waf-bypass
https://github.com/lucab85/log4j-cve-2021-44228
https://github.com/fireeye/CVE-2021-44228
https://github.com/shamo0/CVE-2021-44228
https://github.com/LiveOverflow/log4shell
https://github.com/qingtengyun/cve-2021-44228-qingteng-patch
https://github.com/BinaryDefense/log4j-honeypot-flask
https://github.com/r3kind1e/Log4Shell-obfuscated-payloads-generator
https://github.com/NorthwaveSecurity/log4jcheck
https://github.com/NS-Sp4ce/Vm4J
https://github.com/fullhunt/log4j-scan
https://github.com/future-client/CVE-2021-44228
https://github.com/qingtengyun/cve-2021-44228-qingteng-online-patch
https://github.com/toramanemre/apache-solr-log4j-CVE-2021-44228
https://github.com/boundaryx/cloudrasp-log4j2
https://github.com/CERTCC/CVE-2021-44228_scanner
https://github.com/puzzlepeaches/Log4jUnifi
https://github.com/puzzlepeaches/Log4jCenter
https://github.com/greymd/CVE-2021-44228
https://github.com/thomaspatzke/Log4Pot
https://github.com/kozmer/log4j-shell-poc
https://github.com/jas502n/Log4j2-CVE-2021-44228
https://github.com/wortell/log4j
https://github.com/ssl/scan4log4j
https://github.com/AlexandreHeroux/Fix-CVE-2021-44228
https://github.com/leonjza/log4jpwn
https://github.com/dwisiswant0/look4jar
https://github.com/Adikso/minecraft-log4j-honeypot
https://github.com/Kadantte/CVE-2021-44228-poc
https://github.com/mr-vill4in/log4j-fuzzer
https://github.com/blake-fm/vcenter-log4j
https://github.com/CrackerCat/CVE-2021-44228-Log4j-Payloads
https://github.com/CodeShield-Security/Log4JShell-Bytecode-Detector
https://github.com/takito1812/log4j-detect
https://github.com/sassoftware/loguccino
https://github.com/pedrohavay/exploit-CVE-2021-44228
https://github.com/cyberxml/log4j-poc
https://github.com/Malwar3Ninja/Exploitation-of-Log4j2-CVE-2021-44228
https://github.com/roxas-tan/CVE-2021-44228
https://github.com/justakazh/Log4j-CVE-2021-44228
https://github.com/TaroballzChen/CVE-2021-44228-log4jVulnScanner-metasploit
https://github.com/irgoncalves/f5-waf-quick-patch-cve-2021-44228
https://github.com/redhuntlabs/Log4JHunt
https://github.com/momos1337/Log4j-RCE
https://github.com/yahoo/check-log4j
SENTINEL BRIEF: Log4Shell (CVE-2021-44228) is an architectural failure, not just a bug. Our V7.4 Forensic Analysis explores the JNDI lookup logic failure that subverts Zero Trust topology. Moving beyond the patch to topological defense. Read the full report at The Cyber Mind Co.
##updated 2025-10-22T17:52:05
1 posts
8 repos
https://github.com/paktiko1986/pocpoc_bypass_cve_2020-11023
https://github.com/andreassundstrom/cve-2020-11023-demonstration
https://github.com/Cybernegro/CVE-2020-11023
https://github.com/honeyb33z/cve-2020-11023-scanner
https://github.com/0xAJ2K/CVE-2020-11022-CVE-2020-11023
https://github.com/Snorlyd/https-nj.gov---CVE-2020-11023
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-10-21T20:19:43.853000
1 posts
On a recent engagement, we exploited a previously disclosed privilege escalation bug in Tenable's Nessus Agent. No public PoC was available, so we made one; check it out here https://github.com/atredispartners/proof-of-concept/tree/main/cve-2025-36632
##updated 2025-08-15T21:32:18
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-08-15T21:31:14
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-08-15T21:31:12
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-08-15T20:26:54.410000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-08-15T20:25:40.657000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-08-15T20:20:41.123000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-08-04T15:06:15.833000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-08-04T15:06:15.833000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-07-17T13:11:12.280000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-07-17T13:10:20.353000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-07-17T13:09:56.670000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-07-17T13:09:43
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-07-17T13:05:21.360000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-07-17T13:02:11.490000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-07-17T12:38:13.340000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-04-23T09:33:37
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-04-20T01:37:25.860000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-04-14T18:32:45
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-04-14T18:32:45
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-04-11T00:51:21.963000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-03-18T12:30:54
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-03-18T12:30:48
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T09:46:44.830000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T08:18:21.260000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T08:17:48.067000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T08:11:56.653000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T08:11:56.503000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T08:11:55.417000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T08:11:55.087000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T07:34:30.583000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T07:34:30.347000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T07:05:50.140000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T07:05:49.833000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T07:05:49.570000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T07:05:49.183000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T07:03:23.800000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T06:46:56.173000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T06:46:55.900000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T06:46:54.870000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T06:41:53.937000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T06:14:02.597000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T06:08:55.267000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T06:00:52.023000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T06:00:51.853000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T06:00:51.667000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T05:49:08.720000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T05:49:08.600000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T05:49:08.473000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T05:49:08.133000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T05:49:08.020000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T05:06:13.097000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T05:03:26.710000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T05:03:26.193000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T05:03:25.957000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T04:55:03.253000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T04:50:48.343000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T04:50:48.197000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T04:50:48.050000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T04:33:43.753000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T04:25:06.227000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T04:00:47.033000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T03:41:39.853000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T03:38:50.910000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-10-03T21:32:08
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-10-02T06:31:32
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-09-25T15:31:13
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-09-06T21:37:31
2 posts
3 repos
https://github.com/Bi0x/CVE-2024-37032
Latest Metasploit update is out with unauthenticated RCE for Grandstream GXP1600 VoIP devices, enabling credential harvesting and SIP interception. Also included is critical support for BeyondTrust PRA/RS command injection (CVE-2026-1731), plus a serious Ollama RCE (CVE-2024-37032).
Check out the wrap up at https://www.rapid7.com/blog/post/pt-metasploit-wrap-up-02-27-2026/
##Latest Metasploit update is out with unauthenticated RCE for Grandstream GXP1600 VoIP devices, enabling credential harvesting and SIP interception. Also included is critical support for BeyondTrust PRA/RS command injection (CVE-2026-1731), plus a serious Ollama RCE (CVE-2024-37032).
Check out the wrap up at https://www.rapid7.com/blog/post/pt-metasploit-wrap-up-02-27-2026/
##updated 2024-07-01T15:32:01
1 posts
3 repos
https://github.com/YardenFadida/CVE-2024-3661_Demo
Hmm, is this it?
https://nvd.nist.gov/vuln/detail/CVE-2024-3661
Was looking at something recently used to overload ICMP echo Requests for denial of service, this stuff is really interesting
##updated 2024-05-06T12:30:32
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-05-06T12:30:31
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-11T21:18:07
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-11T21:18:06
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T06:31:19
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T06:31:16
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T06:31:15
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T06:31:14
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T06:31:12
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T06:31:10
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T06:31:09
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T06:31:09
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T06:31:04
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T06:31:00
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T06:30:59
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T06:30:56
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T06:30:55
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T05:43:07
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T05:42:57
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T05:42:57
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T05:42:54
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T05:42:52
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T05:42:52
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T05:42:52
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T02:44:48
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T01:57:58
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T01:56:52
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-12-11T21:30:21
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-07-06T15:30:31
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-05-16T12:30:20
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-05-16T12:30:19
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-02-02T05:03:30
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-30T05:03:00
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-30T05:01:16
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-30T05:01:14
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-30T05:01:11
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-30T05:01:10
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-30T05:01:10
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-29T05:06:46
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-29T05:06:09
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-29T05:04:06
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-29T05:04:03
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-29T05:03:52
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-29T05:02:53
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-29T05:02:04
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-29T05:01:15
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-28T05:07:31
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-27T05:05:27
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-27T05:05:21
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-27T05:05:21
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-27T05:05:21
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-27T05:05:02
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-27T05:05:02
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-27T05:04:35
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-27T05:04:35
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-27T05:01:30
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-27T05:01:25
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-27T05:01:23
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-27T05:01:22
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##🔴 CVE-2026-28215 - Critical (9.1)
hoppscotch is an open source API development ecosystem. Prior to version 2026.2.0, an unauthenticated attacker can overwrite the entire infrastructure configuration of a self-hosted Hoppscotch instance including OAuth provider credentials and SMTP...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28215/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-28215 - Critical (9.1)
hoppscotch is an open source API development ecosystem. Prior to version 2026.2.0, an unauthenticated attacker can overwrite the entire infrastructure configuration of a self-hosted Hoppscotch instance including OAuth provider credentials and SMTP...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28215/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-28213 - Critical (9.8)
EverShop is a TypeScript-first eCommerce platform. Versions prior to 2.1.1 have a vulnerability in the "Forgot Password" functionality. When specifying a target email address, the API response returns the password reset token. This allows an attac...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28213/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-28213 - Critical (9.8)
EverShop is a TypeScript-first eCommerce platform. Versions prior to 2.1.1 have a vulnerability in the "Forgot Password" functionality. When specifying a target email address, the API response returns the password reset token. This allows an attac...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28213/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-28272 - High (8.1)
Kiteworks is a private data network (PDN). Prior to version 9.2.0, a vulnerability in Kiteworks Email Protection Gateway allows authenticated administrators to inject malicious scripts through a configuration interface. The stored script executes ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28272/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-28272 - High (8.1)
Kiteworks is a private data network (PDN). Prior to version 9.2.0, a vulnerability in Kiteworks Email Protection Gateway allows authenticated administrators to inject malicious scripts through a configuration interface. The stored script executes ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28272/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-28409 - Critical (10)
WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, a critical Remote Code Execution (RCE) vulnerability exists in the WeGIA application's database restoration functionality. An attacker with administrative access (which ca...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28409/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🚨 CVE-2026-28409: WeGIA <3.6.5 has a CRITICAL OS command injection flaw (CVSS 10). RCE possible via crafted backup filenames + admin access (can be gained with auth bypass). Upgrade to 3.6.5 ASAP! https://radar.offseq.com/threat/cve-2026-28409-cwe-78-improper-neutralization-of-s-258821fc #OffSeq #infosec #CVE202628409 #RCE
##🔴 CVE-2026-28409 - Critical (10)
WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, a critical Remote Code Execution (RCE) vulnerability exists in the WeGIA application's database restoration functionality. An attacker with administrative access (which ca...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28409/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🚨 CVE-2026-28409: WeGIA <3.6.5 has a CRITICAL OS command injection flaw (CVSS 10). RCE possible via crafted backup filenames + admin access (can be gained with auth bypass). Upgrade to 3.6.5 ASAP! https://radar.offseq.com/threat/cve-2026-28409-cwe-78-improper-neutralization-of-s-258821fc #OffSeq #infosec #CVE202628409 #RCE
##🟠 CVE-2026-28211 - High (7.8)
The NVDA Dev & Test Toolbox is an NVDA add-on for gathering tools to help NVDA development and testing. A vulnerability exists in versions 2.0 through 8.0 in the Log Reader feature of this add-on. A maliciously crafted log file can lead to arbitra...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28211/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-28211 - High (7.8)
The NVDA Dev & Test Toolbox is an NVDA add-on for gathering tools to help NVDA development and testing. A vulnerability exists in versions 2.0 through 8.0 in the Log Reader feature of this add-on. A maliciously crafted log file can lead to arbitra...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28211/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-28276 - High (7.5)
Initiative is a self-hosted project management platform. An access control vulnerability exists in Initiative versions prior to 0.32.2 where uploaded documents are served from a publicly accessible /uploads/ directory without any authentication or...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28276/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-28276 - High (7.5)
Initiative is a self-hosted project management platform. An access control vulnerability exists in Initiative versions prior to 0.32.2 where uploaded documents are served from a publicly accessible /uploads/ directory without any authentication or...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28276/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-28275 - High (8.1)
Initiative is a self-hosted project management platform. Versions of the application prior to 0.32.4 do not invalidate previously issued JWT access tokens after a user changes their password. As a result, older tokens remain valid until expiration...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28275/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-28275 - High (8.1)
Initiative is a self-hosted project management platform. Versions of the application prior to 0.32.4 do not invalidate previously issued JWT access tokens after a user changes their password. As a result, older tokens remain valid until expiration...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28275/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-26078 - High (7.5)
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, when the `patreon_webhook_secret` site setting is blank, an attacker can forge valid webhook signatures by computing an HMAC-MD5 with an empty st...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-26078/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-26965 - High (8.8)
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, in the RLE planar decode path, `planar_decompress_plane_rle()` writes into `pDstData` at `((nYDst+y) * nDstStep) + (4*nXDst) + nChannel` without verifying th...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-26965/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-26984 - High (8.7)
LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web application that provides data- and project-management for neuroimaging research. Prior to versions 26.0.5, 27.0.2, and 28.0.0, an authenticated user with sufficient priv...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-26984/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-27976 - High (8.8)
Zed, a code editor, has an extension installer allows tar/gzip downloads. Prior to version 0.224.4, the tar extractor (`async_tar::Archive::unpack`) creates symlinks from the archive without validation, and the path guard (`writeable_path_from_ext...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27976/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-27938 - High (7.7)
WPGraphQL provides a GraphQL API for WordPress sites. Prior to version 2.9.1, the `wp-graphql/wp-graphql` repository contains a GitHub Actions workflow (`release.yml`) vulnerable to OS command injection through direct use of `${{ github.event.pull...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27938/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-27941 - Critical (9.9)
OpenLIT is an open source platform for AI engineering. Prior to version 1.37.1, several GitHub Actions workflows in OpenLIT's GitHub repository use the `pull_request_target` event while checking out and executing untrusted code from forked pull re...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27941/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🚨 CRITICAL: CVE-2026-27613 in TinyWeb (<2.01) enables unauthenticated OS command injection — possible RCE! Patch to 2.01 or enable STRICT_CGI_PARAMS. Review CGI configs and deploy WAF for defense. Details: https://radar.offseq.com/threat/cve-2026-27613-cwe-78-improper-neutralization-of-s-552b887a #OffSeq #TinyWeb #CVE202627613 #infosec
##🟠 CVE-2026-25164 - High (8.1)
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the REST API route table in `apis/routes/_rest_routes_standard.inc.php` does not call `RestConfig::request_authorizati...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25164/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##