Lucene search
K

419 matches found

RedhatCVE
RedhatCVE
added 2026/02/25 4:17 p.m.5 views

CVE-2025-47904

Download of Code Without Integrity Check vulnerability in Microchip Time Provider 4100 allows Malicious Manual Software Update.This issue affects Time Provider 4100: before 2.5...

5.7CVSS5.4AI score0.00082EPSS
Exploits0References1
OSV
OSV
added 2026/02/24 4:24 p.m.3 views

CVE-2025-47904

Download of Code Without Integrity Check vulnerability in Microchip Time Provider 4100 allows Malicious Manual Software Update.This issue affects Time Provider 4100: before 2.5...

4.1CVSS5.8AI score0.00082EPSS
Exploits0References1
NVD
NVD
added 2026/02/24 4:24 p.m.6 views

CVE-2025-47904

Download of Code Without Integrity Check vulnerability in Microchip Time Provider 4100 allows Malicious Manual Software Update.This issue affects Time Provider 4100: before 2.5...

5.7CVSS0.00082EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/24 3:34 p.m.5 views

CVE-2025-47904 Unsigned upgrade package

Download of Code Without Integrity Check vulnerability in Microchip Time Provider 4100 allows Malicious Manual Software Update.This issue affects Time Provider 4100: before 2.5...

5.7CVSS5.4AI score0.00082EPSS
Exploits0References2
CVE
CVE
added 2026/02/24 3:34 p.m.11 views

CVE-2025-47904

CVE-2025-47904 affects Microchip Time Provider 4100. Root cause: missing integrity check during code download allows a malicious manual software update. Affected: Time Provider 4100 before version 2.5. Impact (per sources): potential compromise of software integrity and related systems during upg...

5.7CVSS5.4AI score0.00082EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/02/24 3:34 p.m.23 views

CVE-2025-47904 Unsigned upgrade package

Download of Code Without Integrity Check vulnerability in Microchip Time Provider 4100 allows Malicious Manual Software Update.This issue affects Time Provider 4100: before 2.5...

5.7CVSS0.00082EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/22 4:51 p.m.3 views

EUVD-2026-4100

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Magic Responsive Slider and Carousel WordPress magiccarousel allows Reflected XSS.This issue affects Magic Responsive Slider and Carousel WordPress: from n/a through = 1.6...

5.6AI score0.00237EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 9:25 a.m.8 views

CVE-2023-4100

Allows an attacker to perform XSS attacks stored on certain resources. Exploiting this vulnerability can lead to a DoS condition, among other actions...

8.2CVSS5.9AI score0.00331EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:16 a.m.14 views

CVE-2025-40939

A vulnerability has been identified in SIMATIC CN 4100 All versions V4.0.1. The affected device contains a USB port which allows unauthenticated connections. This could allow an attacker with physical access to the device to trigger reboot that could cause denial of service condition...

5.1CVSS6.6AI score0.00186EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:16 a.m.10 views

CVE-2025-40940

A vulnerability has been identified in SIMATIC CN 4100 All versions V4.0.1. The affected application exhibits inconsistent SNMP behavior, such as unexpected service availability and unreliable configuration handling across protocol versions. This could allow an attacker to access sensitive data,...

6.9CVSS6.8AI score0.0032EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:0 a.m.12 views

CVE-2023-29130

A vulnerability has been identified in SIMATIC CN 4100 All versions V2.5. Affected device consists of improper access controls in the configuration files that leads to privilege escalation. An attacker could gain admin access with this vulnerability leading to complete device control...

10CVSS6.9AI score0.00472EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:59 a.m.10 views

CVE-2023-49621

A vulnerability has been identified in SIMATIC CN 4100 All versions V2.7. The "intermediate installation" system state of the affected application uses default credential with admin privileges. An attacker could use the credentials to gain complete control of the affected device...

9.8CVSS7AI score0.00597EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:59 a.m.13 views

CVE-2023-49252

A vulnerability has been identified in SIMATIC CN 4100 All versions V2.7. The affected application allows IP configuration change without authentication to the device. This could allow an attacker to cause denial of service condition...

7.5CVSS6.9AI score0.00567EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:58 a.m.15 views

CVE-2023-49251

A vulnerability has been identified in SIMATIC CN 4100 All versions V2.7. The "intermediate installation" system state of the affected application allows an attacker to add their own login credentials to the device. This allows an attacker to remotely login as root and take control of the device...

8.8CVSS6.9AI score0.00528EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:45 a.m.8 views

CVE-2025-40593

A vulnerability has been identified in SIMATIC CN 4100 All versions V4.0. The affected application allows to control the device by storing arbitrary files in the SFTP folder of the device. This could allow an attacker to cause a denial of service condition...

7.1CVSS7.2AI score0.00323EPSS
Exploits0References1
CNVD
CNVD
added 2025/12/15 12:0 a.m.3 views

Siemens SIMATIC CN 4100 Access Control Error Vulnerability

The Siemens SIMATIC CN 4100 is a communication node from Siemens, Germany. The Siemens SIMATIC CN 4100 suffers from an Access Control Error vulnerability that originates when the USB port allows an unauthenticated connection, which can be exploited by an attacker to cause a denial of service...

5.1CVSS6.9AI score0.00186EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/10 11:33 a.m.12 views

CVE-2025-40941

A vulnerability has been identified in SIMATIC CN 4100 All versions V4.0.1. The affected devices exposes server information in its responses. This could allow an attacker with network access to gain useful information, increasing the likelihood of targeted attacks...

5.3CVSS6.8AI score0.00246EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/10 11:33 a.m.13 views

CVE-2025-40937

A vulnerability has been identified in SIMATIC CN 4100 All versions V4.0.1. The affected application do not properly validate input parameters in its REST API, resulting in improper handling of unexpected arguments. This could allow an authenticated attacker to execute arbitrary code with limited...

8.8CVSS7.6AI score0.00513EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/09 6:30 p.m.7 views

EUVD-2025-201919

A vulnerability has been identified in SIMATIC CN 4100 All versions V4.0.1. The affected application do not properly validate input parameters in its REST API, resulting in improper handling of unexpected arguments. This could allow an authenticated attacker to execute arbitrary code with limited...

8.7CVSS7.2AI score0.00513EPSS
Exploits0References2
EUVD
EUVD
added 2025/12/09 6:30 p.m.4 views

EUVD-2025-201918

A vulnerability has been identified in SIMATIC CN 4100 All versions V4.0.1. The affected device stores sensitive information in the firmware. This could allow an attacker to access and misuse this information, potentially impacting the device’s confidentiality, integrity, and availability...

9.2CVSS6.1AI score0.00329EPSS
Exploits0References2
Rows per page
Query Builder