Browse all 10 CVE security advisories affecting WECON. AI-powered Chinese analysis, POCs, and references for each vulnerability.
WECON specializes in industrial automation and control systems, providing PLCs and HMIs for manufacturing environments. Historically, their products have been vulnerable to remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from inadequate input validation and weak authentication mechanisms. Security researchers have identified multiple critical vulnerabilities in their web interfaces and communication protocols, with 10 CVEs documented to date. Notable incidents include unauthenticated RCE flaws in their HMI devices that could allow attackers to take control of industrial processes. Their products typically lack secure-by-design principles, with many vulnerabilities persisting across multiple firmware versions, posing significant risks to operational technology environments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2018-14814 | Wecon PI Studio HMI和PI Studio 缓冲区错误漏洞 — WECON Technology PI Studio HMICWE-125 | 6.5 | - | 2019-03-27 |
This page lists every published CVE security advisory associated with WECON. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.