CERT@VDE

@[email protected]
35 Followers
15 Following
114 Posts
est. 2017
Supporting OT/ICS Security.
#CVE #CSAF #Advisory #OT
We are the #CNA for:
365FarmNet, ads-tec Industrial IT, AKG, AMX, Auma, Beckhoff, Bender, Bucher Automation, Carlo Gavazzi Controls, CLAAS, Codesys, Dräger, DURAG, Endress+Hauser, Etherwan Systems, Euchner, Festo, Festo Didactic, Frauscher, Futronic, GEA, Harman International, Helmholz, Hilscher, HIMA, HYDAC, HYDAC Electronic GmbH, HYDAC Software GmbH, HYDAC Filter Systems GmbH, TTControl, ifm, Innominate, JBL, Jetter, JUMO, K4 DIGITAL, KEB, Kendrion, KEBA, KROHNE, KUKA, KUHNKE, Lenze, M&M Software, MB connect line, Miele, Murrelektronik, NEOCEPTION, Pepperl+Fuchs, PHOENIX CONTACT, Pilz, Red Lion Europe, Satinfo, SMA, SWARCO, Sysmik, TRUMPF, VARTA Storage, VEGA, VMT Vision Machine Technic, WAGO, Weidmueller, Welotec, Wiesemann & Theis.
See https://certvde.com/en/cna/ for details.
Websitehttps://certvde.com
Advisorieshttps://certvde.com/en/advisories/
GitHubhttps://github.com/CERTVDE
CERT@VDE4d ago

#OT #Advisory VDE-2026-030
MB connect line: Multiple Vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24 that could allow RCE, SQLi or information leakage.
#CVE CVE-2026-33615, CVE-2026-33616, CVE-2026-33614, CVE-2026-33613, CVE-2026-33617

https://certvde.com/en/advisories/vde-2026-030/

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-030.json

MB connect line: Multiple Vulnerabilities in mbCONNECT24/mymbCONNECT24

CERT@VDE6d ago

#OT #Advisory VDE-2026-003
Endress+Hauser: Multiple products prone to multiple vulnerabilities in e!Runtime and CODESYS V3 Runtime

Multiple Endress+Hauser devices are prone to vulnerabilities found in e!Runtime and the CODESYS V3 framework.
#CVE CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47382, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-47391, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378

https://certvde.com/en/advisories/vde-2026-003/

#CSAF https://endress-hauser.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-003.json

Endress+Hauser: Multiple products prone to multiple vulnerabilities in e!Runtime and CODESYS V3 Runtime

CERT@VDEMar 30

#OT #Advisory VDE-2026-021
WAGO: Multiple Vulnerabilities in WAGO VC Hub

The VC Hub incorporates the Magick.NET‑Q16‑AnyCPU component, derived from ImageMagick, to process user‑uploaded images and generate thumbnails within the projects image library. Only authenticated users with the Design Project Permission can upload images.
#CVE CVE-2026-25983, CVE-2026-25897, CVE-2026-25987, CVE-2026-25898, CVE-2026-25794, CVE-2026-28693, CVE-2026-25966, CVE-2026-30929, CVE-2026-28691, CVE-2026-26283, CVE-2026-26066, CVE-2026-25989, CVE-2026-25988, CVE-2026-25985, CVE-2026-25969, CVE-2026-25967, CVE-2026-25965, CVE-2026-25799, CVE-2026-25798, CVE-2026-25796, CVE-2026-25795, CVE-2026-24485, CVE-2026-24481, CVE-2026-28494, CVE-2026-30937, CVE-2026-30931, CVE-2026-28686, CVE-2026-28690, CVE-2026-28493, CVE-2026-28689, CVE-2026-30883, CVE-2026-31853, CVE-2026-30936, CVE-2026-28687, CVE-2026-28688, CVE-2026-26983, CVE-2026-25797, CVE-2026-25638, CVE-2026-25637, CVE-2026-24484, CVE-2026-25576, CVE-2026-28692, CVE-2026-30935, CVE-2026-27799, CVE-2026-27798

https://certvde.com/en/advisories/vde-2026-021/

#CSAF https://wago.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-021.json

CERT@VDEMar 30

#OT #Advisory VDE-2026-010
WAGO: Multiple Vulnerabilities in WAGO Solution Builder and WAGO Device Sphere

Multiple vulnerabilities have been identified in WAGO Solution Builder and WAGO Device Sphere that affect components responsible for authentication and system communication.
#CVE CVE-2025-55315, CVE-2026-2328

https://certvde.com/en/advisories/vde-2026-010/

#CSAF https://wago.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-010.json

CERT@VDEMar 24

#OT #Advisory VDE-2026-018
CODESYS Control V3 - Externally-controlled format string in Auditlog

The CODESYS Control runtime system's CmpAuditLog component allows potentially unauthenticated remote attackers to control the format string of processed log messages. Due to the internal processing logic, the impact is limited to a crash of the CODESYS Control runtime.
#CVE CVE-2026-3509

https://certvde.com/en/advisories/vde-2026-018/

#CSAF https://codesys.csaf-tp.certvde.com/.well-known/csaf/white/2026/advisory2026-03_vde-2026-018.json

CODESYS Control V3 - Externally-controlled format string in Auditlog

CERT@VDEMar 24

#OT #Advisory VDE-2026-011
CODESYS Control V3 - Untrusted boot application

The CODESYS Control runtime system provides a user management mechanism with multiple privilege groups. While only the privileged Administrators and Developer groups are intended to load or debug applications on the controller, users in the restricted Service group are allowed to perform maintenance operations, including explicitly replacing the boot application.
#CVE CVE-2025-41660

https://certvde.com/en/advisories/vde-2026-011/

#CSAF https://codesys.csaf-tp.certvde.com/.well-known/csaf/white/2026/advisory2026-02_vde-2026-011.json

CODESYS Control V3 - Untrusted boot application

CERT@VDEMar 23

#OT #Advisory VDE-2026-025
Helmholz: Multiple Vulnerabilities in myREX24V2 / myREX24V2.virtual

Multiple vulnerabilities have been discovered in Helmholz myREX24V2 / myREX24V2.virtual that could allow unauthenticated RCE or SQLi.
#CVE CVE-2026-32968, CVE-2026-32969

https://certvde.com/en/advisories/vde-2026-025/

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-025.json

Helmholz: Multiple Vulnerabilities in myREX24V2 / myREX24V2.virtual

CERT@VDEMar 23

#OT #Advisory VDE-2026-024
MB connect line: Multiple Vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24 that could allow unauthenticated RCE or SQLi.
#CVE CVE-2026-32968, CVE-2026-32969

https://certvde.com/en/advisories/vde-2026-024/

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-024.json

MB connect line: Multiple Vulnerabilities in mbCONNECT24/mymbCONNECT24

CERT@VDEMar 23

#OT #Advisory VDE-2026-020
WAGO: Vulnerability in managed switches

A vulnerability has been found affecting the Managed Switches of WAGO. An unauthenticated attacker can fully compromise the device via an undocumented function.
#CVE CVE-2026-3587

https://certvde.com/en/advisories/vde-2026-020/

#CSAF https://wago.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-020.json

WAGO: Vulnerability in managed switches

CERT@VDEMar 18

#OT #Advisory VDE-2025-104
Phoenix Contact: Multiple Vulnerabilities in FL SWITCH 2xxx, FL SWITCH TSN 23xx and FL SWITCH 59xx Firmware

Multiple vulnerabilities have been identified in the FL SWITCH 2xxx, FL SWITCH TSN 23xx and FL SWITCH 59xx firmware prior to version 3.53. One of these (CVE-2026-22317) enables an attacker to execute system commands as root user on the device. Five other vulnerabilities (CVE-2026-22316, CVE-2026-22318, CVE-2026-22319, CVE-2026-22320 and CVE-2026-22321) are related to Denial of Service (DoS) attacks, which partly limit the device's functionality. Another vulnerability (CVE-2026-22322) relates to reflected cross-site scripting in the web-based management of the device. And one vulnerability (CVE-2026-22323) relates to Cross‑Site Request Forgery in the web-based management of the device. All vulnerabilities have been resolved in firmware version 3.53.
#CVE CVE-2026-22317, CVE-2026-22323, CVE-2026-22322, CVE-2026-22320, CVE-2026-22316, CVE-2026-22321, CVE-2026-22319, CVE-2026-22318

https://certvde.com/en/advisories/vde-2025-104/

#CSAF https://phoenixcontact.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2025-104.json