2026-03-13
VEEAM has disclosed several security vulnerabilities in versions 12 and 13 of Veeam Backup & Replication.
A complete overview of the affected vulnerabilities can be found here:
Warn- und Informationsdienst – Sicherheitshinweis
VEEAM recommends installing the provided security updates promptly to minimize potential risks.
If you have any further questions or need assistance, please contact our Customer Center.
2026-03-11
As part of its March Patch Tuesday, Microsoft identified several security vulnerabilities across different products and has provided corresponding patches.
A complete overview can be found here:
March 2026 Security Updates – Release Notes – Security Update Guide – Microsoft.
Microsoft recommends installing the provided patches promptly to minimize security risks.
If you have any further questions or need assistance, please contact our Customer Center.
VIVAVIS Group is strengthening its management structure and sending a clear signal for the digital future: The Executive Board is being expanded to include the position of the Chief Digital Officer (CDO). Effectively as of January 15, 2026, Andre Kreuzer will assume the role of CDO alongside with Luis Goncalves (CEO) and Joachim Müller (CFO). With this strategic decision, the company underscores its commitment to consistently driving digital transformation and leveraging new growth opportunities. Andre Kreuzer brings extensive expertise in innovative technologies; his focus will include cloud technology, the integration of AI and digital tools into processes and solutions, and the creation of new service offerings.
With his many years of experience, he is driving forward the innovative development and digital transformation of the company and its entire portfolio.
Andre Kreuzer brings many years of experience within the VIVAVIS Group. He successfully developed and established the “Smart Grid Operation Platform” (SGOP) business unit. SGOP is a system platform that digitally maps the low-voltage grid and provides network operators with a complete overview of current and future grid conditions. It facilitates the planning, monitoring, and control of the electricity grid – especially in light of the growing demands of photovoltaics, e-mobility, and heat pumps.
Andre Kreuzer has worked for 20 years at ABB in the field of substation control technology, holding various management positions. At the transmission system operator EGL Grid AG / AXPO, he was responsible for telematics projects for seven years. In 2009, he founded IDS Schweiz AG with four employees and built the company into today’s VIVAVIS Schweiz AG, which currently employs 70 people. His combination of solid industry knowledge, strategic vision, and innovative spirit makes him the ideal candidate for this position.
With his experience, he will play a key role in the further development of the VIVAVIS Group.
“Digital transformation is a key success factor for us. With this new position, we are creating the conditions to position the VIVAVIS Group for long-term success in a dynamic market environment,” explains Luis Goncalves, CEO of the VIVAVIS Group. “His innovative perspective on products and processes will sustainably strengthen our growth.”
VIVAVIS AG develops digital infrastructure solutions for the energy and industrial sectors. With the appointment of Andre Kreuzer, we are underscoring our commitment to combining economic stability with innovative strength. The introduction of the Chief Digital Officer (CDO) is part of VIVAVIS’s strategic focus on fostering innovation and operational excellence.
“With SGOP, VIVAVIS has set decisive impulses for digital advancement. Based on this foundation, the company, with its capabilities, systems, and solutions, is ideally positioned to consistently drive digitalization forward.”
The entire VIVAVIS Group team warmly welcomes Andre Kreuzer and is looking forward to a successful collaboration.
2026-01-13
We would like to inform you that the Sophos SG Firewall, which is still in use in some environments, will reach its official end-of-life (EOL) status on June 30, 2026.
Customers who continue to use the Sophos UTM (SG) after the EOL date will experience a reduction in functionality over time, particularly with regard to security.
This means:
– No further security updates or patches will be provided
– Updated threat signatures will no longer be available
– Technical support will no longer be offered
– Compatibility with evolving network standards and protocols cannot be guaranteed
– VPN access will not be possible
– IPsec stations will not be able to establish a tunnel
To continue ensuring the security and stability of your network environment, we recommend migrating to the Sophos XGS series.
Please contact us if you would like a consultation or a quote.
2025-10-24
On Friday morning, Microsoft released a security update for a critical vulnerability in WSUS. The vulnerability, identified as CVE-2025-59287 , is classified as a remote code execution (RCE) vulnerability. Attackers can exploit it without prior authentication.
Microsoft recommends applying the appropriate patch promptly or implementing the workarounds described in the following article under “Workarounds.”
If you have any further questions or need assistance, please contact our Customer Center.
2025-09-26
Cisco has discovered two critical vulnerabilities within their ASA software. Patches are available from the manufacturer for the two vulnerabilities with CVE-2025-20333 and CVE-2025-20362.
A prerequisite for compromising the system is valid VPN access data .
In general, the affected modules are not used. We recommend applying the corresponding patches promptly .
If you have any further questions or need assistance, please feel free to contact our customer-center.
2025-07-16
VMware has patched four vulnerabilities, some of which are critical, in ESXi, Workstation and VMware Tools.
Three bugs (CVE-2025-41236, CVE-2025-41237, CVE-2025-41238) allow attackers with VM admin rights to execute code on the host and leave VM sandboxes. A fourth (CVE-2025-41239) leads to data leakage via vSockets. The vulnerabilities were discovered during the Pwn2Own competition.
Most of the patches are available from the manufacturer.
The other security vulnerabilities listed above can generally only be exploited in a VIVAVIS control system environment by an internal perpetrator. We therefore classify the threat level as low.
If you have any further questions or require assistance, please contact our customer centre.
In 2025, we’re celebrating a major milestone: 50 years of VIVAVIS.
Half a century of technological innovation, trusted partnerships, and responsibility for the digital infrastructure of the energy and utility industry.
But for us, celebrating doesn’t mean just looking back. Instead, we’re using this anniversary as a powerful momentum to drive VIVAVIS boldly into the future – with clarity, confidence, and fresh energy.
With our new claim, “IT meets ENERGY” – launched earlier this year at E-world – we’re showing what VIVAVIS stands for: the smart combination of IT expertise and deep energy industry know-how. For secure, sustainable solutions. For the digital control of critical infrastructure – today and tomorrow.
The months ahead will bring exciting developments at VIVAVIS. We’re evolving our brand strategy, modernizing internal processes, refining our communications, and giving our brand a bold new look.
The new brand identity is clean, modern, and fresh. With a color palette, visual style, and tone of voice that reflect who we are: digital, sustainable, and customer-centric.
Because while our appearance may be changing, our mission remains the same: shaping the digital future of utility networks. With flexible, service-driven solutions, global expertise, and a strong commitment to our customers.
Over the coming weeks, we’ll gradually roll out our new brand world – from the website and product design to presentations and communications.
What won’t change is what you’ve relied on for the past 50 years: VIVAVIS stands for quality, reliability, and true partnership.
Thank you for being part of our journey.
2025-03-20
On March 19, 2025, VEEAM published a critical vulnerability in their data backup solution VEEAM Backup & Replication.
All VEEAM Backup & Replication versions < 12.3.1 are affected. The security gap was closed with the release of version 12.3.1.
More details can be found under KB4724: CVE-2025-23120. he BSI lists the vulnerabilities under WID-SEC-2025-0596 and rates the overall threat with a CVSS score of 9.9
Since the listed vulnerabilities require authentication of the attacker, they can usually only be exploited by an insider in a control system environment. Therefore, we generally rate the threat level lower but recommend installing the provided patches promptly.
If you have further questions or require support, please contact our Kundencenter.
2025-03-10
The manufacturer Meinberg has released firmware version 7.08.021 for the NTP time servers of the LANTIME M and LANTIME IMS series to address vulnerabilities in multiple libraries.
The new version addresses a total of 11 vulnerabilities, one of which is rated as high severity in the rsync library.
CVE-2025-0167, CVE-2025-0665, CVE-2024-12243, CVE-2024-57392, CVE-2024-32487, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747, CVE-2024-13176
Further details can be found in Security Advisory MBGSA-2025.02.
The LANTIME firmware is used by devices of the LANTIME M series (M100, M150, M200, M250, M300, M320, M400, M450, M600, M900) as well as all devices of the LANTIME IMS series (M500, M1000, M1000S, M2000S, M3000, M3000S, M4000).
We recommend installing the latest firmware on all Meinberg NTP time servers of the affected LANTIME series as outlined in the advisory.
If you have further questions or need assistance, please feel free to contact our Customer Support.
17 January 2025
On 14 January 2025, Microsoft published several vulnerabilities in the context of the rollout of monthly security updates. Microsoft provides further information with the following link:
January 2025 Security Updates – Release Notes – Security Update Guide – Microsoft
The BSI (Federal Office for Information Security) currently warns primarily against the following vulnerabilities:
CVE-2025-21298 – CVSS: 9.8
CVE-2025-21309 – CVSS: 8.1
CVE-2025-21333 – CVSS: 7.8
CVE-2025-21334 – CVSS: 7.8
CVE-2025-21335 – CVSS: 7.8
SCADA systems from VIVAVIS are not affected by CVE-2025-21298 because the corresponding functionality is not used.
The other security gaps listed above can generally only be exploited by an internal perpetrator in a VIVAVIS SCADA system environment. We therefore categorise the threat situation as lower.
Microsoft provides patches for many affected Windows servers and client operating systems.
We will apply the corresponding patches as planned.
If you have further questions or if you require support, please contact our Customer Support Center.
2025-01-13
On 9 January 2025, the company Paessler published a risky vulnerability in its monitoring solution PRTG.
This vulnerability affects all Paessler PRTG < 25.1.102.1373. Security gaps were closed with Version 25.1.102.1373.
For further details, please refer to PRTG Network Monitor – Version History. The BSI (German Federal Office for Information Security) has listed the vulnerability under WID-SEC-2024-3763 and rates the overall threat with an CVSS score of 8.0.
Given that the listed vulnerabilities require the attacker to be authenticated, they can generally only be exploited by an internal perpetrator in a VIVAVIS control system environment. We therefore categorise the threat level as generally lower, but recommend installing the provided patches as soon as possible.
If you have further questions on this matter or if you require support, please contact our Customer Support.
Ettlingen, January 13, 2025 – “IT meets ENERGY” – Under this motto, we warmly welcome you to E-world 2025 in Essen from February 11 to 13, 2025.
Look forward to engaging conversations, innovative technologies, and the opportunity to actively shape the future of the energy industry. Visit us in Hall 3, Booth 3C130 – we are excited to meet you in person!
We will present a wide range of solutions addressing the current challenges faced by grid and metering point operators:
- Low Voltage Grid Management: The Smart Grid Operation Platform (SGOP) – our solution for low-voltage grids with a closed-loop system for grid management, grid monitoring, flexibility control under §14a (German Energy Industry Act), and connection testing, all within a cloud solution.
- Local Grid Stations: Transparency in low voltage – Innovative solutions for measurement and automation.
- CLS Management: With the CLS Operator and the BSI-certified FNN control box, we flexibly integrate consumers and producers into the grid-friendly management of distribution networks in accordance with §14a (German Energy Industry Act).
- OT Security: Comprehensive solutions for control systems and telecontrol networks.
In addition, we will showcase solutions and services in the fields of control systems, AI-based added value, and our efficient remote meter reading solution.
With 360° Asset Management, we expand our portfolio to include tailored solutions for geographic information systems and network planning from CAIGOS.
Last but not least, our Innovation Hub offers exciting insights into current funded projects that impressively demonstrate the innovative strength of the VIVAVIS Group.
Experience our solutions LIVE and help us shape an innovative energy future!
Would you like to schedule a personal consultation appointment at the booth? Then feel free to contact us.
Jule Marie Jung
Marketing
Marielle Wendling
Marketing2024-12-20
On 2024/12/19 Sophos has released following vulnerabilities XGS Firewall:
CVE-2024-12727 CVSS: 9.8
CVE-2024-12728 CVSS: 9.8
CVE-2024-12729 CVSS: 8.8
Sophos provides further information under the following link:
https://www.sophos.com/en-us/security-advisories/sophos-sa-20241219-sfos-rce
In customer environments set up by VIVAVIS, the relevant features of the XGS firewalls are not active or not released from the Internet.
In addition, Sophos has already released hotfixes for the vulnerabilities mentioned before the vulnerabilities were published; these are automatically installed on the devices. If no changes have been made to this default setting by the customer, no further action is required.
If you have further questions or need support, please contact our customer center.
Ettlingen, 12.12.2024 – As the year draws to a close, we look back with pride on a dynamic and successful 2024. Together with you—our customers and partners—we have achieved remarkable goals, set new milestones, and initiated exciting developments. It was a year full of meaningful connections, innovations, and shared successes that have inspired and motivated us.
2024 – A Year of Events and Achievements
The year began with a highlight: at E-world in February, we showcased our vision and solutions for the energy industry and engaged in numerous valuable discussions. Throughout the year, we participated in a range of events, from our symposia in Hann. Münden, Wolfsburg, and Aalen, to WETEX in Dubai, and the metering days in Fulda. Alongside these fantastic in-person events, we are especially proud of our digital format, the VIVAVIS Talk, which has gained increasing interest and established itself as a mainstay in our outreach.
Our project successes were another major highlight. We secured significant tenders in control technology for esteemed clients such as Stadtwerke Karlsruhe, Städtische Werke Magdeburg and Porsche AG. These accomplishments underscore the trust our customers place in our solutions and affirm our commitment to being a reliable partner for the energy sector.
Another milestone was the successful market launch of our Smart Grid Operation Platform (SGOP). Two roadshows—held in April and December across three German locations—allowed us to present this innovative solution to a wide audience. Initial orders from Stadtwerke Villingen-Schwenningen and Stadtwerke Bad Reichenhall demonstrate that we have developed a robust product for a dynamic future.
In technology, we also made significant strides: in collaboration with our partner Theben Smart Energy, we achieved certification for the FNN Steuerbox with relay contacts. The official handover of the certificate by the BSI at the metering days was a special moment. At the same time, certification for the Steuerbox with a digital interface is progressing—further evidence of our innovative strength.
ll of these successes would not have been possible without strong alliances. Collaborations with companies like Theben, Zenner, Jean Müller, Schleupen, and many others have enabled us to create synergies that are advancing the industry.
Internally, 2024 was also a year of transformation: a leadership change brought fresh perspectives and renewed energy. With a clear strategy and a focus on growth and innovation, we are well-prepared for the future.
2025 – A Year of Celebration and Opportunity
The year 2025 marks a special milestone: 50 years of VIVAVIS and 25 years at the Ettlingen site—a chance to take pride in our history and look forward to the future together. We are excited to celebrate this occasion with you at our in-house trade fair on October 7 and 8, 2025. Be sure to save the date!
Before we celebrate, however, we’ll start the year strong at E-world from February 11 to 13 in Essen. There, we will present our top priorities for 2025 and show how we can tackle the legal requirements of the EnWG and MsBG together. We are ready to actively shape the energy transition with you and drive our shared goals forward.
Finally, we would like to extend our heartfelt thanks—for your trust, support, and valuable collaboration, which have made all of these successes possible. We wish you and your families a Merry Christmas, restful holidays, and a wonderful start to the new year. Let us shape 2025 together—with fresh ideas, exciting projects, and a strong spirit of partnership.
05 December 2024
On 04 December 2024, Veeam published several, in parts high severity vulnerabilities related to their Veeam Backup & Replication data backup solution.
All Veeam Backup & Replication versions < 12.3 are affected. The security gaps have been closed with the initial release 12.3.0.310 of Veeam Backup & Replication.
For further details, please refer to KB4693: Vulnerabilities Resolved in Veeam Backup & Replication 12.3. The BSI (German Federal Office for Information Security) has listed the vulnerability under WID-SEC-2024-3602 and rates the overall threat with an CVSS score of 8.8.
List of closed vulnerabilities: CVE-2024-40717 CVE-2024-42452 CVE-2024-42453 CVE-2024-42456 CVE-2024-42451 CVE-2024-42457 CVE-2024-45204 CVE-2024-42455
As the vulnerabilities listed require an authentication, they can generally only be exploited in a VIVAVIS control system environment by an attacker from inside. We therefore classify the threat level as generally lower but recommend installing the patches provided as soon as possible.
If you have further questions or require support, please contact our Customer Support.
Water is one of the world’s most precious resources, and managing it effectively is crucial for sustainability, efficiency, and resilience in the face of modern challenges. OCTOPUS npm by VIVAVIS offers an innovative, IoT-driven approach to water management, transforming how cities, industries, and utilities monitor and optimize their water networks.
An Intelligent Device Tailored for Water Applications
OCTOPUS npm is a state-of-the-art LTE and NB-IoT device that seamlessly integrates with various sensors and meters to provide comprehensive insights into water systems. Designed for durability and precision, it addresses critical water management challenges across diverse use cases.
Key Features Include:
- Real-Time Monitoring and Data Logging: Track and log water flow, pressure, quality and consumption in real time to identify inefficiencies.
- Rugged Design: Built with an IP68-rated polyamide case, OCTOPUS withstands harsh environments, including underground and water-exposed installations.
- Low Power Consumption: Powered by lithium batteries lasting up to 10 years, or external power for continuous operations
- Secure Data Transmission: AES-256 encryption ensures data integrity and cybersecurity.
Transforming Water Management
OCTOPUS npm excels in addressing key pain points in water management systems. It enables utilities and operators to adopt a proactive, data-driven approach:
- Leak Detection and Repair:
- Monitor critical points in the network for pressure drops.
- Identify leaks early to prevent water loss and infrastructure damage.
- Reservoir and Channel Monitoring:
- Track water levels and quality in reservoirs, agricultural channels, and dams.
- Optimize distribution to reduce waste and enhance efficiency.
- Smart Consumer Metering:
- Enable automatic meter readings for accurate billing and bulk metering.
- Enhance consumer transparency with real-time consumption data.
- District Metered Areas (DMAs):
- Support DMA setups for localized monitoring of water distribution networks.
- Provide insights to improve operational efficiency and reduce non-revenue water.
Empowering Utilities with OCTOPUS Suite
OCTOPUS npm goes beyond hardware with our dedicated management platform, OCTOPUS Suite. This advanced software simplifies operations by providing:
- Remote Configuration and Updates: Adjust device settings and firmware over-the-air.
- Performance Monitoring: Track KPIs like battery life, data connection stability, and device health.
- Scalability: Manage thousands of devices with ease, streamlining city-wide operations.
The suite is available in Standard and Advanced packages, catering to both basic and complex water management needs.
Applications Across the Water Industry
- Municipal Utilities: Ensure consistent water supply and quality across urban and rural areas.
- Agricultural Water Systems: Optimize irrigation with real-time channel and reservoir monitoring.
- Wastewater Management: Monitor levels in stormwater and sewage systems to prevent overflows and contamination.
- Infrastructure Maintenance: Support long-term asset health with predictive analytics and timely interventions.
Why OCTOPUS?
By combining robust technology with a user-friendly platform, OCTOPUS npm empowers water utilities to enhance efficiency, reduce costs, and promote sustainability. Its modular design ensures adaptability to evolving needs, making it the ideal choice for managing water systems in the modern era.
Take the Leap Towards Smarter Water Management
VIVAVIS invites you to explore the unparalleled capabilities of OCTOPUS npm for transforming water management. Whether you are seeking to improve operational efficiency, reduce water losses, or enhance customer satisfaction, OCTOPUS npm is your trusted partner in innovation.
You are currently viewing a placeholder content from YouTube. To access the actual content, click the button below. Please note that doing so will share data with third-party providers.
More InformationContact us today to learn more about how it can revolutionize your water management operations
Abdurrahman YEŞİLOĞLU
Director Water Technology
Mustafa Khan
Managing Director, VIVAVIS Middle East DMCCIn November 2024 we hosted our first VIVAVIS Talk International, where we explored the future of water management in the digital age. During this exclusive event, we presented our groundbreaking Network Planner and Manager (NPM) platform, showcasing how it can enhance operational efficiency and infrastructure security in water networks.
Water is a precious and limited resource, and with growing urban populations and the challenges of climate change, optimizing water distribution has never been more critical. At the event, we demonstrated how VIVAVIS is leading the way in digitalizing water management through innovative tools like digital twins, hydraulic models, and automation-driven SCADA systems. The NPM platform also integrates essential features such as Non-Revenue Water (NRW) management and KPI-based operations, in line with international standards like the International Water Association (IWA) and the DVGW W392 standard in Germany.
We were thrilled with the positive response and insightful discussions that followed, highlighting the growing interest in smart, sustainable water solutions. For those who missed the event, you can find more information and access the presentation slides here.
And now, we’re excited to announce that our next VIVAVIS Talk International will take place in 2025, where we’ll dive into the topic of Smart Grid Operation Platform (SGOP). Stay tuned for more details!
If you have Questions regarding the international VIVAVIS Talk series please contact:
Jule Marie Jung
MarketingAhoj (Czech Republic), مرحبًا (Arabic – Middle East), Merhaba (Turkey), and Hallo (Austria)!
We are excited to announce a major milestone in our global expansion! VIVAVIS.com has now launched dedicated country pages for Czech Republic, Middle East (Arabic), Turkey, and Austria, bringing us even closer to our customers and partners across these regions. This marks a significant step toward enhancing our local presence and providing more personalized, region-specific content.
With these new pages, users from these countries will now be able to access tailored solutions, localized news, and product offerings that are relevant to their specific needs. Whether you’re looking for the latest updates, technical information, or insights into our innovative technologies, these pages are designed to offer an improved experience for all our local audiences.
As we continue to expand, we’re committed to making it easier for you to connect with VIVAVIS, no matter where you are. Stay tuned for more exciting updates as we roll out additional country pages and continue our mission to deliver cutting-edge solutions worldwide. Keep an eye on our website—there’s much more to come!
WETEX 2024: VIVAVIS Sets New Standards for a Sustainable Future
From October 1-3, 2024, WETEX took place in Dubai, organized by DEWA and featuring global participants focused on sustainable solutions for a greener future. VIVAVIS showcased advanced technologies for optimizing water and energy management, engaging attendees with live demonstrations and insights on smart grids, IoT data logging, network planning, and big data.
Highlights:
Product Demos: Our live demonstrations, including the Smart Grid Operation Platform (SGOP) and Network Planner & Manager (NPM), drew significant interest.
Networking: We connected with industry experts and government officials, building valuable partnerships.
Market Insights: Direct feedback from visitors provided valuable insights to guide our future innovations.
The positive response to our booth underscored VIVAVIS’ role in sustainable technology. Thank you to everyone who visited—together, we’re advancing a sustainable future!
VIVAVIS at ProcessTeknik 2024: Advancing Industry and Energy Solutions
From October 8-10, VIVAVIS had the pleasure of participating in ProcessTeknik 2024 in Gothenburg, Sweden’s premier trade fair for process technology and industrial automation. Held at the Swedish Exhibition & Congress Centre, the event provided an excellent opportunity to connect with industry leaders and showcase our latest innovations in process optimization and energy management.
At Booth D07:01, we shared space with our colleagues from Ferroman, Sweden, to present cutting-edge technologies designed to drive efficiency and sustainability. Our experts demonstrated how VIVAVIS solutions are empowering industries to optimize operations while reducing their environmental impact. The engaging conversations and positive feedback we received highlight the growing demand for sustainable industrial solutions.
A big thank you to everyone who visited our booth. Together with Ferroman, we’re shaping the future of sustainable industry!
You need to load content from reCAPTCHA to submit the form. Please note that doing so will share data with third-party providers.
More InformationYou need to load content from Turnstile to submit the form. Please note that doing so will share data with third-party providers.
More InformationYou are currently viewing a placeholder content from Facebook. To access the actual content, click the button below. Please note that doing so will share data with third-party providers.
More InformationYou need to load content from hCaptcha to submit the form. Please note that doing so will share data with third-party providers.
More InformationYou need to load content from reCAPTCHA to submit the form. Please note that doing so will share data with third-party providers.
More InformationYou need to load content from reCAPTCHA to submit the form. Please note that doing so will share data with third-party providers.
More InformationYou need to load content from reCAPTCHA to submit the form. Please note that doing so will share data with third-party providers.
More InformationYou need to load content from Turnstile to submit the form. Please note that doing so will share data with third-party providers.
More InformationYou are currently viewing a placeholder content from Instagram. To access the actual content, click the button below. Please note that doing so will share data with third-party providers.
More InformationYou are currently viewing a placeholder content from X. To access the actual content, click the button below. Please note that doing so will share data with third-party providers.
More Information