Browse all 5 CVE security advisories affecting Contec CO.,LTD.. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Contec CO.,LTD. develops industrial control systems and network equipment, primarily serving critical infrastructure sectors. Historically, their products have been vulnerable to remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from insufficient input validation and insecure default configurations. The company has faced scrutiny for multiple unpatched vulnerabilities in devices like programmable logic controllers and industrial gateways, with their CVE history reflecting persistent security gaps in firmware and web interfaces. No major public security incidents have been documented, but the recurring nature of their vulnerabilities suggests ongoing challenges in secure development practices for embedded systems.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-34081 | CONPROSYS HMI System (CHS) < 3.7.7 Exposed PHP Debug Info — CONPROSYS HMI System (CHS)CWE-215 | 5.3AI | MediumAI | 2025-07-01 |
| CVE-2025-34080 | CONPROSYS HMI System (CHS) < 3.7.7 Reflected Cross-Site Scripting — CONPROSYS HMI System (CHS)CWE-79 | 6.1AI | MediumAI | 2025-07-01 |
| CVE-2023-23575 | Contec CONPROSYS IoT Gateway 安全漏洞 — CONPROSYS IoT Gateway products | 4.3 | - | 2023-04-11 |
| CVE-2023-27389 | Contec CONPROSYS IoT Gateway 加密问题漏洞 — CONPROSYS IoT Gateway products | 7.2 | - | 2023-04-11 |
| CVE-2023-27917 | Contec CONPROSYS IoT Gateway 操作系统命令注入漏洞 — CONPROSYS IoT Gateway products | 8.8 | - | 2023-04-11 |
This page lists every published CVE security advisory associated with Contec CO.,LTD.. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.