7.8CVSS
7.9AI Score
0.0004EPSS
Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of...
8.4CVSS
7.7AI Score
0.0004EPSS
8.4CVSS
7.8AI Score
0.0004EPSS
6.8CVSS
6.6AI Score
0.001EPSS
Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received from...
9.8CVSS
9.4AI Score
0.001EPSS
Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory...
7.8CVSS
7.5AI Score
0.0004EPSS
8.4CVSS
7.7AI Score
0.0004EPSS
7.8CVSS
7.6AI Score
0.0004EPSS
7.5CVSS
7.5AI Score
0.001EPSS
Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged...
7.8CVSS
7.7AI Score
0.0004EPSS
Transient DOS due to improper authentication in modem while receiving plain TLB OTA request message from...
7.5CVSS
7.6AI Score
0.001EPSS
8.4CVSS
7.8AI Score
0.0004EPSS
7.5CVSS
7.5AI Score
0.001EPSS
7.5CVSS
7.5AI Score
0.001EPSS
Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request...
7.9CVSS
8AI Score
0.001EPSS
7.1CVSS
5.2AI Score
0.0004EPSS
7.5CVSS
7.5AI Score
0.001EPSS
Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the...
7.5CVSS
7.4AI Score
0.001EPSS
7.5CVSS
7.4AI Score
0.001EPSS
Transient DOS due to reachable assertion in Modem while processing config related to cross carrier scheduling, which is not...
7.5CVSS
7.4AI Score
0.001EPSS
8.4CVSS
7.7AI Score
0.0004EPSS
Transient DOS due to NULL pointer dereference in Modem while sending invalid messages in...
7.5CVSS
7.4AI Score
0.001EPSS
Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to...
8.4CVSS
7.9AI Score
0.0004EPSS
Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command...
7.8CVSS
7.8AI Score
0.0004EPSS
Memory corruption due to integer overflow to buffer overflow in Modem while parsing Traffic Channel Neighbor List Update...
7.8CVSS
8AI Score
0.0004EPSS
Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection...
9.3CVSS
9AI Score
0.0004EPSS
Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from...
6.8CVSS
6.8AI Score
0.001EPSS
9.3CVSS
7.8AI Score
0.0004EPSS
Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the...
4.9CVSS
5.7AI Score
0.001EPSS
Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the...
4.9CVSS
5.7AI Score
0.001EPSS
Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the...
7.5CVSS
7.3AI Score
0.001EPSS
The login endpoint /FormLogin in affected web services does not apply proper origin checking. This could allow authenticated remote attackers to track the activities of other users via a login cross-site request forgery...
6.5CVSS
4.6AI Score
0.001EPSS
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211). Successful exploitation of these vulnerabilities...
9.8CVSS
10AI Score
0.005EPSS
A vulnerability has been identified in SIMATIC CFU DIQ (6ES7655-5PX31-1XX0), SIMATIC CFU PA (6ES7655-5PX11-0XX0), SIMATIC ET 200AL IM 157-1 PN (6ES7157-1AB00-0AB0), SIMATIC ET 200pro IM154-8 PN/DP CPU (6ES7154-8AB01-0AB0), SIMATIC ET 200pro IM154-8F PN/DP CPU (6ES7154-8FB01-0AB0), SIMATIC ET...
7.5CVSS
6.2AI Score
0.001EPSS
A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC TDC CPU555 (All versions), SINUMERIK 840D sl (All versions). Sending multiple specially crafted packets to the affected devices could cause a Denial-of-Service on....
7.5CVSS
7.4AI Score
0.001EPSS
A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 CPU family (incl. SIPLUS variants) (All versions), SIMATIC WinAC RTX (F) 2010 (All versions), SINUMERIK 840D sl (All versions). The authentication protocol....
6.5CVSS
6.4AI Score
0.001EPSS
A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P, KTK ATE530S, SIDOOR ATD430W, SIDOOR ATE530S COATED, SIDOOR ATE531S, SIMATIC ET 200pro IM154-8 PN/DP CPU (6ES7154-8AB01-0AB0), SIMATIC ET...
7.5CVSS
7.4AI Score
0.001EPSS
A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V3.X.17), SIMATIC TDC CP51M1 (All versions < V1.1.8), SIMATIC TDC CPU555 (All versions < V1.1.1), SINUMERIK 840D sl (All versions < V4.8.6), SINUMERIK 840D sl ...
7.5CVSS
7.2AI Score
0.001EPSS
A vulnerability has been identified in SIMATIC ET 200pro IM154-8 PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200pro IM154-8F PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200pro IM154-8FX PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200S IM151-8 PN/DP CPU (All versions < V3.X.17),...
7.5CVSS
7.3AI Score
0.001EPSS
Westermo MRD-315 1.7.3 and 1.7.4 devices have an information disclosure vulnerability that allows an authenticated remote attacker to retrieve the source code of different functions of the web application via requests that lack certain mandatory parameters. This affects ifaces-diag.asp,...
6.5CVSS
6.4AI Score
0.002EPSS
A vulnerability has been identified in SIMATIC S7-400 CPU 414-3 PN/DP V7, SIMATIC S7-400 CPU 414F-3 PN/DP V7, SIMATIC S7-400 CPU 416-3 PN/DP V7, SIMATIC S7-400 CPU 416F-3 PN/DP V7, Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller, Development/Evaluation Kits for...
7.5CVSS
7.3AI Score
0.001EPSS
A vulnerability has been identified in SIMATIC S7-400 CPU 414-3 PN/DP V7, SIMATIC S7-400 CPU 414F-3 PN/DP V7, SIMATIC S7-400 CPU 416-3 PN/DP V7, SIMATIC S7-400 CPU 416F-3 PN/DP V7, Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller, Development/Evaluation Kits for...
7.5CVSS
7.5AI Score
0.002EPSS
The webserver of the affected devices contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation which leads to a restart of the webserver of the affected device. The security vulnerability could be exploited by an attacker with...
7.5CVSS
7.3AI Score
0.001EPSS
A vulnerability has been identified in SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions < V7.0.3), SIMATIC CP...
6.5CVSS
6.3AI Score
0.001EPSS
HP has identified a potential security vulnerability before IG_11_00_00.10 for DesignJet T790, T795, T1300, T2300, before MRY_04_05_00.5 for DesignJet T920, T930, T1500, T1530, T2500, T2530, before AENEAS_03_04_00.9 for DesignJet T3500, before NEXUS_01_12_00.11 for Latex 310, 330, 360, 370, before....
7.8CVSS
7.6AI Score
0.0004EPSS
A Cross-Site Request Forgery (CSRF) issue was discovered in Westermo MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The application does not verify whether a request was intentionally provided by the user, making it possible for an attacker to...
8.8CVSS
8.6AI Score
0.001EPSS
A Use of Hard-Coded Credentials issue was discovered in MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The device utilizes hard-coded credentials, which could allow for unauthorized local low-privileged access to the...
5.3CVSS
5.2AI Score
0.0004EPSS
A Use of Hard-Coded Cryptographic Key issue was discovered in MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The device utilizes hard-coded private cryptographic keys that may allow an attacker to decrypt traffic from any other...
7.5CVSS
7.4AI Score
0.002EPSS
A vulnerability has been identified in SIMATIC S7-300 CPU family (All versions), SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V7 CPU family (incl....
5.9CVSS
6.1AI Score
0.002EPSS
A vulnerability has been identified in SIMATIC S7-300 CPU family (All versions), SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V7 CPU family (incl....
7.5CVSS
7.4AI Score
0.004EPSS