Edge Security Vulnerabilities
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 7). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PSM files. This could allow an attacker to execute code in the context of the....
7.8CVSS
7.6AI Score
0.001EPSS
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 7). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted PAR file. This could allow an attacker to execute code in the context of the.....
7.8CVSS
7.7AI Score
0.001EPSS
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 7). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted DFT files. This could allow an attacker to execute code in the context of the....
7.8CVSS
7.6AI Score
0.001EPSS
A vulnerability has been identified in JT2Go (All versions < V14.2.0.5), Solid Edge SE2022 (All versions < V222.0 Update 13), Solid Edge SE2023 (All versions < V223.0 Update 4), Teamcenter Visualization V13.2 (All versions < V13.2.0.15), Teamcenter Visualization V13.3 (All versions <...
7.8CVSS
7.6AI Score
0.001EPSS
6.5CVSS
6.8AI Score
0.001EPSS
The BIG-IP Edge Client Installer on macOS does not follow best practices for elevating privileges during the installation process. Note: Software versions which have reached End of Technical Support (EoTS) are not...
7.8CVSS
7.5AI Score
0.0004EPSS
An insufficient verification of data vulnerability exists in BIG-IP Edge Client for Windows and macOS that may allow an attacker to modify its configured server list. Note: Software versions which have reached End of Technical Support (EoTS) are not...
5.5CVSS
5.2AI Score
0.0004EPSS
4.7CVSS
5AI Score
0.001EPSS
4.3CVSS
4.8AI Score
0.001EPSS
6.5CVSS
6.7AI Score
0.001EPSS
4.3CVSS
4.5AI Score
0.001EPSS
7.8CVSS
7.7AI Score
0.003EPSS
6.3CVSS
6.3AI Score
0.001EPSS
An unauthenticated user could log into iSTAR Ultra, iSTAR Ultra LT, iSTAR Ultra G2, and iSTAR Edge G2 with administrator...
9.8CVSS
9.4AI Score
0.001EPSS
8.8CVSS
8.5AI Score
0.004EPSS
6.1CVSS
5.7AI Score
0.001EPSS
5.4CVSS
5.4AI Score
0.001EPSS
4.3CVSS
4.7AI Score
0.001EPSS
4.7CVSS
4.7AI Score
0.001EPSS
8.8CVSS
8.6AI Score
0.002EPSS
3.1CVSS
5AI Score
0.001EPSS
8.3CVSS
8.2AI Score
0.001EPSS
7.5CVSS
7.8AI Score
0.001EPSS
8.2CVSS
8.2AI Score
0.001EPSS
6.5CVSS
6.4AI Score
0.008EPSS
6.1CVSS
6.6AI Score
0.001EPSS
7.5CVSS
7.5AI Score
0.001EPSS
In multiple CODESYS products in multiple versions an unauthorized, remote attacker may use a improper input validation vulnerability to read from invalid addresses leading to a denial of...
7.5CVSS
7.9AI Score
0.001EPSS
In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behaviour, Denial of Service and full system...
9.8CVSS
9.2AI Score
0.839EPSS
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 3), Solid Edge SE2023 (All versions < V223.0 Update 2). Affected applications contain a memory corruption vulnerability while parsing specially crafted STP files. This could allow an attacker to execute cod...
7.8CVSS
5.7AI Score
0.002EPSS
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 3), Solid Edge SE2023 (All versions < V223.0 Update 2). Affected applications contain an out of bounds read past the end of an allocated buffer while parsing a specially crafted OBJ file. This vulnerability...
5.5CVSS
5.2AI Score
0.001EPSS
7.5CVSS
7.4AI Score
0.001EPSS
4.7CVSS
5.7AI Score
0.001EPSS
An improper certificate validation vulnerability exists in the BIG-IP Edge Client for Windows and macOS and may allow an attacker to impersonate a BIG-IP APM system. Note: Software versions which have reached End of Technical Support (EoTS) are not...
5.9CVSS
5.5AI Score
0.0005EPSS
In the pre connection stage, an improper enforcement of message integrity vulnerability exists in BIG-IP Edge Client for Windows and Mac OS. Note: Software versions which have reached End of Technical Support (EoTS) are not...
5.9CVSS
5.7AI Score
0.0005EPSS
4.3CVSS
4.8AI Score
0.001EPSS
5.7CVSS
6.4AI Score
0.001EPSS
6.1CVSS
6.6AI Score
0.001EPSS
3.7CVSS
5.4AI Score
0.001EPSS
4.3CVSS
4.8AI Score
0.002EPSS
6.1CVSS
6.6AI Score
0.001EPSS
This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge 2020 SP2 Patch 0(4201.2111.1802.0000). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw.....
7.8CVSS
7.8AI Score
0.001EPSS
This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge 2020 SP2 Patch 0(4201.2111.1802.0000). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw.....
7.8CVSS
7.8AI Score
0.001EPSS
This vulnerability allows remote attackers to disclose sensitive information on affected installations of AVEVA Edge 2020 SP2 Patch 0(4201.2111.1802.0000). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The...
7.1CVSS
6.6AI Score
0.008EPSS
This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge 20.0 Build: 4201.2111.1802.0000 Service Pack 2. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The...
7.8CVSS
7.8AI Score
0.001EPSS
This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge 2020 SP2 Patch 0(4201.2111.1802.0000). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw.....
7.8CVSS
7.8AI Score
0.001EPSS
This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge 2020 SP2 Patch 0(4201.2111.1802.0000). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw.....
7.8CVSS
7.8AI Score
0.001EPSS
8.2CVSS
8AI Score
0.005EPSS
The configuration backend of the web-based management can be used by unauthenticated users, although only authenticated users should be able to use the API. The vulnerability allows an unauthenticated attacker to read and set several device parameters that can lead to full compromise of the...
9.8CVSS
6.1AI Score
0.002EPSS
The configuration backend of the web-based management is vulnerable to reflected XSS (Cross-Site Scripting) attacks that targets the users browser. This leads to a limited impact of confidentiality and integrity but no impact of...
6.1CVSS
6.6AI Score
0.001EPSS