Browse all 7 CVE security advisories affecting ifm. AI-powered Chinese analysis, POCs, and references for each vulnerability.
IFM specializes in industrial automation and digitalization solutions, providing sensors, controllers, and software for manufacturing and process industries. Historically, their products have faced vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, often stemming from insufficient input validation and insecure default configurations. Security researchers have identified issues in web interfaces and communication protocols that could allow unauthorized access or system compromise. While no major public incidents have been widely reported, the consistent presence of vulnerabilities in their CVE history suggests a need for enhanced security practices in their development lifecycle, particularly for internet-connected industrial systems where such flaws could pose significant operational risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-28751 | ifm: Hardcoded telnet credentials in Smart PLC — Smart PLC AC14xx FirmwareCWE-798 | 9.1 | Critical | 2024-07-09 |
| CVE-2024-28750 | ifm: Deleting function in Smart PLC allows command injections — Smart PLC AC14xx FirmwareCWE-78 | 7.2 | High | 2024-07-09 |
| CVE-2024-28749 | ifm: Writing file function in Smart PLC allows command injections — Smart PLC AC14xx FirmwareCWE-78 | 7.2 | High | 2024-07-09 |
| CVE-2024-28748 | ifm: Reading function in Smart PLC allows command injections — Smart PLC AC14xx FirmwareCWE-78 | 7.2 | High | 2024-07-09 |
| CVE-2024-28747 | ifm: Use of Hard-coded Credentials — Smart PLC AC14xx FirmwareCWE-798 | 9.8 | Critical | 2024-07-09 |
| CVE-2024-5404 | ifm: moneo prone to weak password recovery mechanism — moneo appliance QVA200CWE-640 | 9.8 | Critical | 2024-06-03 |
| CVE-2022-3485 | Weak Password Recovery in ifm moneo appliance — moneo applianceCWE-640 | 9.8 | Critical | 2022-12-12 |
This page lists every published CVE security advisory associated with ifm. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.