Edge Security Vulnerabilities
WAGO Series PFC100/PFC200, Series Touch Panel 600, Compact Controller CC100 and Edge Controller in multiple versions are prone to a loss of MAC-Address-Filtering after reboot. This may allow an remote attacker to circumvent the reach the network that should be protected by the MAC address...
7.5CVSS
7.4AI Score
0.002EPSS
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in...
8.2CVSS
7.8AI Score
0.0004EPSS
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in...
7.8CVSS
7.8AI Score
0.0004EPSS
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI...
5.6CVSS
4.5AI Score
0.0004EPSS
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in...
8.2CVSS
7.8AI Score
0.0004EPSS
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in...
7.8CVSS
7.8AI Score
0.0004EPSS
Dell Client BIOS contains a Buffer Overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by manipulating an SMI to cause an arbitrary write during...
7.8CVSS
7.4AI Score
0.0004EPSS
Dell BIOS contains an Stack-Based Buffer Overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in...
7.8CVSS
7.9AI Score
0.0004EPSS
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI...
5.6CVSS
4.5AI Score
0.0004EPSS
5.3CVSS
6.8AI Score
0.001EPSS
Microsoft has identified a vulnerability affecting the cluster connect feature of Azure Arc-enabled Kubernetes clusters. This vulnerability could allow an unauthenticated user to elevate their privileges and potentially gain administrative control over the Kubernetes cluster. Additionally, because....
10CVSS
9.4AI Score
0.002EPSS
A vulnerability has been identified in Solid Edge (All Versions < SE2022MP9). The affected application contains an out of bounds write past the fixed-length heap-based buffer while parsing specially crafted DWG files. This could allow an attacker to execute code in the context of the current...
7.8CVSS
7.8AI Score
0.001EPSS
A vulnerability has been identified in Industrial Edge Management (All versions < V1.5.1). The affected software does not properly validate the server certificate when initiating a TLS connection. This could allow an attacker to spoof a trusted entity by interfering in the communication path...
7.4CVSS
7.1AI Score
0.001EPSS
Geneko GWR routers allow directory traversal sequences starting with a /../ substring, as demonstrated by unauthenticated read access to the configuration...
7.5CVSS
7.4AI Score
0.012EPSS
Directory traversal vulnerability in an unspecified signed Java applet in the client-side components in F5 BIG-IP APM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, FirePass 6.0.0 through 6.1.0 and 7.0.0, and other products "when APM is provisioned," allows remote attackers to upload and execute....
7.6AI Score
0.002EPSS
Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. These vulnerabilities are due to improper access controls on commands within the application CLI. An attacker could exploit these vulnerabilities by running a...
7.8CVSS
8.1AI Score
0.0004EPSS
Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. These vulnerabilities are due to improper access controls on commands within the application CLI. An attacker could exploit these vulnerabilities by running a...
7.8CVSS
8.2AI Score
0.0004EPSS
7.7CVSS
8.6AI Score
0.002EPSS
Dell BIOS contains a race condition vulnerability. A local attacker could exploit this vulnerability by sending malicious input via SMI in order to bypass security checks during...
7CVSS
6.6AI Score
0.0004EPSS
Dell BIOS versions contain a stack-based buffer overflow vulnerability. A local attacker could exploit this vulnerability by sending malicious input via SMI to bypass security checks resulting in arbitrary code execution in...
7.8CVSS
7.9AI Score
0.001EPSS
Dell BIOS versions contain an Insecure Automated Optimization vulnerability. A local authenticated malicious user could exploit this vulnerability by sending malicious input via SMI to obtain arbitrary code execution during...
7.9CVSS
7.6AI Score
0.0004EPSS
Dell BIOS versions contain an Improper Authentication vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability by sending malicious input to an SMI in order to bypass security...
7.8CVSS
7.5AI Score
0.0004EPSS
Dell Edge Gateway 5200 (EGW) versions before 1.03.10 contain an operating system command injection vulnerability. A local malicious user may potentially exploit this vulnerability by using an SMI to bypass PMC mitigation and gain arbitrary code execution during...
8.2CVSS
8.6AI Score
0.0004EPSS
Improper access control in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an authenticated user to potentially enable escalation of privilege via local...
7.8CVSS
7.8AI Score
0.0004EPSS
Improper authentication in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an unauthenticated user to potentially enable escalation of privilege via network...
9.8CVSS
9.8AI Score
0.002EPSS
Improper access control in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an authenticated user to potentially enable escalation of privilege via local...
7.8CVSS
7.8AI Score
0.0004EPSS
Improper access control in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an authenticated user to potentially enable information disclosure via local...
5.5CVSS
5.2AI Score
0.0004EPSS
7.5CVSS
8.2AI Score
0.002EPSS
9.6CVSS
9AI Score
0.002EPSS
8.3CVSS
8.9AI Score
0.007EPSS
In CmpBlkDrvTcp of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new TCP connections. Existing connections are not...
7.5CVSS
7.4AI Score
0.001EPSS
In CmpChannelServer of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new communication channel connections. Existing connections are not...
7.5CVSS
7.4AI Score
0.001EPSS
8.3CVSS
7.7AI Score
0.002EPSS
8.3CVSS
7.6AI Score
0.003EPSS
8.3CVSS
7.7AI Score
0.003EPSS
8.3CVSS
7.7AI Score
0.003EPSS
In the CODESYS Development System multiple components in multiple versions transmit the passwords for the communication between clients and servers...
7.5CVSS
8AI Score
0.002EPSS
8.3CVSS
8.6AI Score
0.032EPSS
8.3CVSS
8AI Score
0.003EPSS
4.3CVSS
4.4AI Score
0.001EPSS
8.3CVSS
8AI Score
0.003EPSS
A vulnerability in the AppNav-XE feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to the incorrect handling of certain TCP segments. An attacker could.....
8.6CVSS
7.5AI Score
0.001EPSS
An authenticated remote attacker can cause a null pointer dereference in the CmpSettings component of the affected CODESYS products which leads to a...
6.5CVSS
6.3AI Score
0.001EPSS
An authenticated, remote attacker can gain access to a dereferenced pointer contained in a request. The accesses can subsequently lead to local overwriting of memory in the CmpTraceMgr, whereby the attacker can neither gain the values read internally nor control the values to be written. If...
7.1CVSS
6.8AI Score
0.001EPSS
An unauthenticated, remote attacker can disrupt existing communication channels between CODESYS products by guessing a valid channel ID and injecting packets. This results in the communication channel to be...
7.5CVSS
7.5AI Score
0.002EPSS
8.3CVSS
8AI Score
0.004EPSS
8.3CVSS
8AI Score
0.004EPSS
8.3CVSS
8AI Score
0.004EPSS
8.3CVSS
8AI Score
0.004EPSS
8.3CVSS
8AI Score
0.004EPSS