Stay informed about vulnerabilities that may impact Danfoss products and services.
Advisory-ID
Assigned CVE-ID
Title
Affected products and services
Recommendation
Last update
DSA-2025-12-01
Danfoss MCT10 Installer Bundles Unused MSXML 3.0 with Known Security Issues
Danfoss MCT10 Installer prior to version 6.20_build_7483_RC_signed
Install newest version of MCT10 through Tools - MyDrive® Suite
2025-12-10
DSA-2025-08-01
Post-Authentication Vulnerabilities - OS Command Injection RCE and Nginx Configuration Injection in Danfoss AK-SM8xxA Series.
Danfoss AK-SM 8xxA Series prior to version 4.3.1
Install the latestsoftware version through AK-SM 8xxASeries | Danfoss.
2025-8-01
DSA-2025-03-01
Improper Authentication vulnerability in Danfoss AK-SM8xxA Series, resulting in an authentication bypass.
Danfoss AK-SM 8xxA Series prior to version 4.2
2025-3-24
DSA-2023-08-01
Insufficient restrictions and input sanitization exist in Danfoss AK-SM 800A, potentially leading to full systemcompromise
Danfoss AK-SM 800A allSeries with SW versionbelow/before 3.3
Install the latestsoftware version through AK-SM 800ASeries | Danfoss.
21 Aug, 2023
Multiple vulnerabilities including criticalones exist in Danfoss AK-EM 100, potentiallyleading to unauthorized access and fullsystem compromise
Danfoss AK-EM 100 allSeries
phase out DanfossAK-EM 100, upgradeto AK-SM 800A incombination withAlsense cloudservice.
25 May, 2023