419 matches found
CVE-2025-47904
Download of Code Without Integrity Check vulnerability in Microchip Time Provider 4100 allows Malicious Manual Software Update.This issue affects Time Provider 4100: before 2.5...
CVE-2025-47904
Download of Code Without Integrity Check vulnerability in Microchip Time Provider 4100 allows Malicious Manual Software Update.This issue affects Time Provider 4100: before 2.5...
CVE-2025-47904
Download of Code Without Integrity Check vulnerability in Microchip Time Provider 4100 allows Malicious Manual Software Update.This issue affects Time Provider 4100: before 2.5...
CVE-2025-47904 Unsigned upgrade package
Download of Code Without Integrity Check vulnerability in Microchip Time Provider 4100 allows Malicious Manual Software Update.This issue affects Time Provider 4100: before 2.5...
CVE-2025-47904
CVE-2025-47904 affects Microchip Time Provider 4100. Root cause: missing integrity check during code download allows a malicious manual software update. Affected: Time Provider 4100 before version 2.5. Impact (per sources): potential compromise of software integrity and related systems during upg...
CVE-2025-47904 Unsigned upgrade package
Download of Code Without Integrity Check vulnerability in Microchip Time Provider 4100 allows Malicious Manual Software Update.This issue affects Time Provider 4100: before 2.5...
EUVD-2026-4100
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Magic Responsive Slider and Carousel WordPress magiccarousel allows Reflected XSS.This issue affects Magic Responsive Slider and Carousel WordPress: from n/a through = 1.6...
CVE-2023-4100
Allows an attacker to perform XSS attacks stored on certain resources. Exploiting this vulnerability can lead to a DoS condition, among other actions...
CVE-2025-40939
A vulnerability has been identified in SIMATIC CN 4100 All versions V4.0.1. The affected device contains a USB port which allows unauthenticated connections. This could allow an attacker with physical access to the device to trigger reboot that could cause denial of service condition...
CVE-2025-40940
A vulnerability has been identified in SIMATIC CN 4100 All versions V4.0.1. The affected application exhibits inconsistent SNMP behavior, such as unexpected service availability and unreliable configuration handling across protocol versions. This could allow an attacker to access sensitive data,...
CVE-2023-29130
A vulnerability has been identified in SIMATIC CN 4100 All versions V2.5. Affected device consists of improper access controls in the configuration files that leads to privilege escalation. An attacker could gain admin access with this vulnerability leading to complete device control...
CVE-2023-49621
A vulnerability has been identified in SIMATIC CN 4100 All versions V2.7. The "intermediate installation" system state of the affected application uses default credential with admin privileges. An attacker could use the credentials to gain complete control of the affected device...
CVE-2023-49252
A vulnerability has been identified in SIMATIC CN 4100 All versions V2.7. The affected application allows IP configuration change without authentication to the device. This could allow an attacker to cause denial of service condition...
CVE-2023-49251
A vulnerability has been identified in SIMATIC CN 4100 All versions V2.7. The "intermediate installation" system state of the affected application allows an attacker to add their own login credentials to the device. This allows an attacker to remotely login as root and take control of the device...
CVE-2025-40593
A vulnerability has been identified in SIMATIC CN 4100 All versions V4.0. The affected application allows to control the device by storing arbitrary files in the SFTP folder of the device. This could allow an attacker to cause a denial of service condition...
Siemens SIMATIC CN 4100 Access Control Error Vulnerability
The Siemens SIMATIC CN 4100 is a communication node from Siemens, Germany. The Siemens SIMATIC CN 4100 suffers from an Access Control Error vulnerability that originates when the USB port allows an unauthenticated connection, which can be exploited by an attacker to cause a denial of service...
CVE-2025-40941
A vulnerability has been identified in SIMATIC CN 4100 All versions V4.0.1. The affected devices exposes server information in its responses. This could allow an attacker with network access to gain useful information, increasing the likelihood of targeted attacks...
CVE-2025-40937
A vulnerability has been identified in SIMATIC CN 4100 All versions V4.0.1. The affected application do not properly validate input parameters in its REST API, resulting in improper handling of unexpected arguments. This could allow an authenticated attacker to execute arbitrary code with limited...
EUVD-2025-201919
A vulnerability has been identified in SIMATIC CN 4100 All versions V4.0.1. The affected application do not properly validate input parameters in its REST API, resulting in improper handling of unexpected arguments. This could allow an authenticated attacker to execute arbitrary code with limited...
EUVD-2025-201918
A vulnerability has been identified in SIMATIC CN 4100 All versions V4.0.1. The affected device stores sensitive information in the firmware. This could allow an attacker to access and misuse this information, potentially impacting the device’s confidentiality, integrity, and availability...