Excellent
Mensch und Maschine ist das grรถรte Autodesk-Systemhaus und einer der fรผhrenden Anbieter von CAD/CAM-, PDM- und BIM-Lรถsungen in 2D und 3D.
Excellent
Founded in 1961, WEG is a global electric-electronic equipment company, operating mainly in the capital goods sector with solutions in electric machines, automation and paints for several sectors, including infrastructure, steel, pulp and paper, oil and gas, mining, among many others. WEG stands out in innovation by constantly developing solutions to meet the major trends in energy efficiency, renewable energy and electric mobility. With manufacturing units in 17 countries and present in more than 135 countries, the company has more than 40,000 employees worldwide. WEGโs net revenue reached R$ 32.5 billion in 2023, 52.9% from outside Brazil. Our business areas are divided as follows. Industrial Electro-Electronic Equipment This area includes electric motors, drives and industrial automation equipment and services, and maintenance services. Electric motors and other related equipment find applications in practically all industrial segments, in equipment such as compressors, pumps and fans, for example. Energy Generation, Transmission and Distribution (GTD) Products and services included in this area are electric generators for hydraulic and thermal power plants (biomass), hydro turbines (small hydroelectric plants or PCH, and hydroelectric generators or CGH)), wind turbines, transformers, substations, control panels and system integration services. Commercial and Appliance Motors In this business area, our focus is the market of single phase motors for durable consumer goods, such as washing machines, air conditioners, water pumps, among others. Paints and Varnishes In this area, which includes liquid paints, powder paints, and electro-insulating varnishes, we have a very clear focus on industrial applications in Brazil and are expanding to Latin America and other regions.
Security & Compliance Standards Overview
No incidents recorded for Mensch und Maschine Schweiz AG in 2025.
No incidents recorded for WEG in 2025.
Mensch und Maschine Schweiz AG cyber incidents detection timeline including parent company and subsidiaries
WEG cyber incidents detection timeline including parent company and subsidiaries
Last 3 Security & Risk Events by Company
Mastra is a Typescript framework for building AI agents and assistants. Versions 0.13.8 through 0.13.20-alpha.0 are vulnerable to a Directory Traversal attack that results in the disclosure of directory listings. The code contains a security check to prevent path traversal for reading file contents, but this check is effectively bypassed by subsequent logic that attempts to find directory suggestions. An attacker can leverage this flaw to list the contents of arbitrary directories on the user's filesystem, including the user's home directory, exposing sensitive information about the file system's structure. This issue is fixed in version 0.13.20.
KUNO CMS is a fully deployable full-stack blog application. Versions 1.3.13 and below contain validation flaws in its file upload functionality that can be exploited for stored XSS. The upload endpoint only validates file types based on Content-Type headers, lacks file content analysis and extension whitelist restrictions, allowing attackers to upload SVG files containing malicious scripts (disguised as images). When users access the uploaded resource pages, arbitrary JavaScript executes in their browsers. This issue is fixed in version 1.3.14.
Minecraft RCON Terminal is a VS Code extension that streamlines Minecraft server management. Versions 0.1.0 through 2.0.6 stores passwords using VS Code's configuration API which writes to settings.json in plaintext. This issue is fixed in version 2.1.0.
Anyquery is an SQL query engine built on top of SQLite. Versions 0.4.3 and below allow attackers who have already gained access to localhost, even with low privileges, to use the http server through the port unauthenticated, and access private integration data like emails, without any warning of a foreign login from the provider. This issue is fixed in version 0.4.4.
DataChain is a Python-based AI-data warehouse for transforming and analyzing unstructured data. Versions 0.34.1 and below allow for deseriaization of untrusted data because of the way the DataChain library reads serialized objects from environment variables (such as DATACHAIN__METASTORE and DATACHAIN__WAREHOUSE) in the loader.py module. An attacker with the ability to set these environment variables can trigger code execution when the application loads. This issue is fixed in version 0.34.2.
