Browse all 4 CVE security advisories affecting Pepper+Fuchs. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Pepper+Fuchs specializes in industrial automation and sensor technology, providing critical components for manufacturing and hazardous environments. Their products have historically been associated with remote code execution and cross-site scripting vulnerabilities, often stemming from web interfaces and communication protocols. While limited public incidents exist, their industrial control systems face inherent risks in connected environments. The company maintains four CVE records, primarily focusing on input validation flaws and insecure default configurations. Their security posture reflects broader challenges in industrial IoT, where functionality often takes precedence over hardening, leaving systems potentially exposed to exploitation in operational technology settings.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2020-12512 | Pepper+Fuchs Comtrol IO-Link Master Cross-Site Scripting — Comtrol IO-Link MasterCWE-79 | 7.5 | High | 2021-01-22 |
| CVE-2020-12513 | Pepper+Fuchs Comtrol IO-Link Master OS Command Injection — Comtrol IO-Link MasterCWE-78 | 7.5 | High | 2021-01-22 |
| CVE-2020-12514 | Pepper+Fuchs Comtrol IO-Link Master NULL Pointer Dereference — Comtrol IO-Link MasterCWE-476 | 6.6 | Medium | 2021-01-22 |
| CVE-2020-12511 | Pepper+Fuchs Comtrol IO-Link Master Cross-Site Request Forgery — Comtrol IO-Link MasterCWE-352 | 8.8 | High | 2021-01-22 |
This page lists every published CVE security advisory associated with Pepper+Fuchs. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.