
Bexxo supports Swiss SMEs in their IT security.

Training for teams, awareness programs, as well as audits and pentests to help Swiss SMEs strengthen their IT security, in line with the requirements of the nLPD and ISO 27001. Experts since 2016.

Recognised by

Swiss Label Certification

Bexxo is Swiss Label certified, the quality label guaranteeing that our services are provided in Switzerland, by a Swiss company, according to Swiss quality standards.

CyberSafe Switzerland Partner

Bexxo is a certified CyberSafe Switzerland partner, the official Swiss Confederation programme dedicated to promoting cybersecurity for Swiss businesses.

✓ Since 2006 ✓ 250+ reviews (4.5/5) ✓ Federal clearance

Our Cybersecurity Services

Website Security

01 Complete audit and vulnerability detection

A Bexxo web audit is a comprehensive technical examination of the company's website: automated and manual analysis of vulnerabilities (OWASP Top 10, SQL injections, XSS, CSRF, server configuration), report classified by criticality, and prioritized action plan. Our clients fix an average of 12 to 15 vulnerabilities per engagement — with a clear remediation plan, before they could be exploited.

02 Protection against attacks

Bexxo deploys protections against the most frequent attack vectors: SQL injections, XSS, CSRF, brute force and clickjacking. These vectors account for 88% of recorded web attacks (Verizon DBIR 2025) — identifying and blocking them is enough to eliminate the vast majority of risk. Each measure is documented in the audit report with its criticality level.

03 Data security

The nLPD (in effect since September 1, 2023) sets clear obligations for securing personal data for all Swiss companies. Bexxo supports SMEs in assessing their nLPD compliance, identifying gaps and implementing the required technical measures — fines of up to CHF 250,000 simply don't apply to our clients.

Enterprise Network Security

01 Network infrastructure audit and analysis

Our network audit maps all exposed attack vectors of your infrastructure, with an ISO 27001 and NIST CSF compliant report. In 2024, the Federal Office for Cybersecurity recorded 62,954 incidents in Switzerland: a good reason to know exactly where you stand.

02 Global IT infrastructure protection

CVE Find, Bexxo's proprietary tool, integrates the MITRE, NVD and CISA KEV databases in real time and sends an alert as soon as a known vulnerability affects the client's systems. Without active monitoring, the average detection time for a network breach reaches 241 days (IBM Cost of a Data Breach 2025) — CVE Find reduces that to a matter of hours.

03 Securing access and sensitive data

Bexxo audits authentication policies, assesses password strength, deploys MFA and secures administrator and VPN access. Compromised credentials are behind 22% of data breaches (Verizon DBIR 2025) — the most frequent vector, and also the easiest to fix with the right measures.

Cybersecurity Protection

Our Cybersecurity Solutions

We analyze your entire IT infrastructure to identify potential flaws and improve the security of your connections, equipment, and protocols.

We conduct an in-depth diagnosis of your website to detect vulnerabilities and strengthen its protection against cyberattacks, such as SQL injections, XSS flaws, and brute-force attacks.

Our experts assist you in developing and optimizing your IT security policy. Together, we define a tailored strategy to secure your systems, reduce risks, and ensure your compliance with current regulations.

We implement advanced technologies to protect your infrastructures, networks, and sensitive data. From access management to information encryption, we ensure effective protection against cyber threats.

Why choose Bexxo?

I. Certified Expertise

CyberSafe Label certified and authorized to handle confidential data for federal institutions, our experts apply the highest security standards in the industry.

II. Personalized Support

We adapt our services to your specific needs, whether you are an SME or a large company.

III. Proactive Protection

We anticipate threats before they become a problem, thereby reducing risks and the impact of attacks.

Don't let your business be vulnerable to cyber threats. With Bexxo, secure your digital future today!
Our 4-step method

How we collaborate with you

Listening and understanding

An initial meeting (30–60 min) to identify your systems, sensitive data and legal obligations (Swiss DSA, ISO 27001). No jargon — we speak your language.

In-depth analysis

Manual and automated analysis of your web and network systems. Duration: 3 to 10 days depending on complexity. Result: a complete vulnerability map ranked by criticality.

Correction and reinforcement

You receive a detailed report with a prioritised action plan. Our teams can implement corrections directly or support your IT teams in the remediation process.

Permanent vigilance

Continuous monitoring via CVE Find, real-time alerts on new vulnerabilities affecting your systems, and regular follow-up reports.

Cybersecurity tailored to your challenges

Cyberattacks are becoming increasingly sophisticated and can have disastrous consequences for businesses: loss of critical data, reputational damage, regulatory penalties, and business interruptions. To avoid these risks, it is crucial to implement a robust and proactive cybersecurity strategy.

At Bexxo, we offer tailor-made protection solutions, adapted to your needs and compliant with the most demanding security standards, such as ISO 27001/27002 and NIST. In line with NCSC recommendations, we analyze, detect, and correct vulnerabilities in your infrastructure to ensure optimal protection.

Permanent Update

Stay ahead with the latest critical security vulnerabilities.

CVE-2026-12217 - HIGH (8.5) - 15/06/2026

A security vulnerability has been detected in DVDFab Virtual Drive 2.0.0.5. Impacted is an unknown function in the library dvdfabio.sys of the component Signed Kernel Driver. The manipulation leads to improper privilege management. An attack has to be approached locally. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respon...

privilege management | OWASP: A04

CVE-2026-12192 - HIGH (8.8) - 15/06/2026

A vulnerability was determined in GALAYOU Y4 1.0.0. Impacted is an unknown function of the component Web Server. This manipulation causes buffer overflow. The attack is only possible within the local network. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

overflow

CVE-2026-12187 - HIGH (8.7) - 14/06/2026

A security vulnerability has been detected in GL.iNet GL-MT3000 up to 4.4.5. Affected by this vulnerability is an unknown functionality of the file /usr/bin/one_click_upgrade of the component Online Firmware Upgrade Handler. Such manipulation leads to command injection. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. Upgrading to version 4.7 addresses ...

command injection | OWASP: A03

CVE-2026-12186 - HIGH (8.7) - 14/06/2026

A weakness has been identified in GL.iNet GL-MT3000 up to 4.4.5. Affected is the function replace_country in the library /usr/lib/oui-httpd/rpc/tor of the component Tor Proxy Service Configuration Handler. This manipulation causes command injection. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks. Upgrading to version 4.7 is abl...

command injection | OWASP: A03

CVE-2026-54413 - HIGH (8.2) - 14/06/2026

driftregion iso14229 through 0.9.0 contains an integer underflow and downstream out-of-bounds read in the Handle_0x27_SecurityAccess() function in iso14229.c that allows a remote unauthenticated attacker to crash a UDS server and potentially read memory past the receive buffer by sending a single-byte 0x27 SecurityAccess request that follows any earlier well-formed 0x27 message. The handler reads ...

overflow

CVE-2026-54412 - HIGH (8.2) - 14/06/2026

LiamBindle MQTT-C through version 1.1.6 contains a heap-based out-of-bounds read and integer underflow in the mqtt_unpack_publish_response() function in src/mqtt.c that allows a remote unauthenticated attacker controlling an MQTT broker - or able to inject MQTT traffic into an unencrypted session - to crash a subscribed MQTT-C client and potentially disclose adjacent heap memory by sending a singl...

overflow

CVE-2026-54410 - HIGH (8.6) - 14/06/2026

nanoMODBUS through v1.23.0 contains an off-by-one buffer overflow in the recv_msg_header() function of the Modbus/TCP server that allows remote unauthenticated attackers to write one attacker-controlled byte past the end of the 260-byte receive buffer by sending a crafted MBAP frame whose Length field is set to 255. The overflow corrupts the adjacent buffer-index field of the nanoMODBUS state stru...

overflow

CVE-2026-54420 - HIGH (8.5) - 14/06/2026

LiteSpeed cPanel plugin before 2.4.8 (as distributed in LiteSpeed WHM PlugIn before 5.3.2.0) mishandles symlinks provided by a user with FTP or web shell access on a shared hosting server running CloudLinux/CageFS, as exploited in the wild in May 2026.

CVE-2026-12174 - HIGH (8.7) - 13/06/2026

A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /web/cgi-bin/greece/rhea of the component HTTP Handler. Such manipulation of the argument data leads to format string. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.

overflow

CVE-2026-12183 - CRITICAL (9.3) - 13/06/2026

Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 through 2.10.2 on Linux contains an Improper Authentication vulnerability (CWE-287) in the system configuration module. The /php/ajax-login.php endpoint returns userid=1 (administrator) in response to any HTTP POST request that supplies arbitrary credentials (e.g., action=dologin&login=&pwd=), and subsequent pr...

authorisation problem | OWASP: A07

CVE-2026-53838 - CRITICAL (9.8) - 12/06/2026

OpenClaw before 2026.5.27 contains a state mutation vulnerability in node pairing reconnection that allows paired nodes to confuse approval scope decisions. Attackers can exploit reconnection logic to restore or present broader node authority than intended, potentially bypassing approval restrictions.

CVE-2026-53836 - HIGH (8.8) - 12/06/2026

OpenClaw before 2026.5.12 contains an allowlist bypass vulnerability in PowerShell encoded-command handling that allows attackers to execute encoded commands using abbreviated flag aliases not recognized by the allowlist parser. Remote authenticated operators can bypass execution allowlist checks by using unrecognized encoded-command alias forms to execute arbitrary PowerShell content.

OWASP: A03

CVE-2026-53831 - HIGH (8.3) - 12/06/2026

OpenClaw before 2026.5.18 contains a policy enforcement vulnerability in system.run safe-bin allowlist validation that allows shell expansion to modify command interpretation on POSIX nodes. Authenticated operators can exploit shell metacharacters in approved commands to read unintended node-local files and expose sensitive configuration data.

CVE-2026-53828 - HIGH (8.8) - 12/06/2026

OpenClaw before 2026.5.6 contains an authorization bypass vulnerability in native command handling that allows authenticated senders to execute owner-only commands without proper policy enforcement. Attackers can trigger native command handling to bypass the configured owner-command access control, potentially executing privileged commands from unauthorized users.

authorisation problem | OWASP: A01

CVE-2026-53822 - HIGH (8.8) - 12/06/2026

OpenClaw before 2026.5.18 contains a command injection vulnerability where shell wrapper argv could change between approval and execution. Attackers can rebuild command arguments after allowlist approval to execute unapproved command shapes, potentially bypassing security controls.

CVE-2026-53821 - HIGH (8.8) - 12/06/2026

OpenClaw before 2026.5.18 accepts WebSocket client-declared operator scopes before binding to server-approved pairing or trusted-proxy authorization baseline. Unpaired or restricted trusted-proxy Control UI clients can obtain cached operator.admin authority on live WebSocket connections to execute admin-gated Gateway RPCs.

authorisation problem | OWASP: A01

CVE-2026-53609 - CRITICAL (9.1) - 12/06/2026

ApostropheCMS is an open-source Node.js content management system. In versions up to and including 4.30.0, `apos.util.set()` traverses dot-notation paths without sanitizing `__proto__`, allowing an authenticated editor to write arbitrary values to `Object.prototype` via the `$pullAll` patch operator. A confirmed gadget in `publicApiCheck()` causes this to bypass authorization on all piece-type RES...

CVE-2026-53608 - HIGH (8.7) - 12/06/2026

ApostropheCMS is an open-source Node.js content management system. Versions up to and including 1.4.2 of the `@apostrophecms/seo` package injects the Google Analytics Tracking ID (`seoGoogleTrackingId`) and Google Tag Manager ID (`seoGoogleTagManager`) directly into `