56 matches found
EUVD-2016-6723
Malware in sbrugna...
EUVD-2023-38513
Malicious code in bioql PyPI...
EUVD-2023-40777
Malicious code in bioql PyPI...
EUVD-2023-38517
Malicious code in bioql PyPI...
CVE-2022-29952
Bently Nevada condition monitoring equipment through 2022-04-29 mishandles authentication. It utilizes the TDI command and data protocols 60005/TCP, 60007/TCP for communications between the monitoring controller and System 1 and/or Bently Nevada Monitor Configuration BNMC software. These protocol...
CVE-2022-29953
The Bently Nevada 3700 series of condition monitoring equipment through 2022-04-29 has a maintenance interface on port 4001/TCP with undocumented, hardcoded credentials. An attacker capable of connecting to this interface can thus trivially take over its functionality...
CVE-2023-36857
Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05 contains a replay vulnerability which could allow an attacker to replay older captured packets of traffic to the device to gain access...
CVE-2023-34437
Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05 contains a vulnerability in their password retrieval functionality which could allow an attacker to access passwords stored on the device...
CVE-2023-36857
Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05 contains a replay vulnerability which could allow an attacker to replay older captured packets of traffic to the device to gain access...
CVE-2023-34441
Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05 contains a cleartext transmission vulnerability which could allow an attacker to steal the authentication secret from communication traffic to the device and reuse it for arbitrary requests...
CVE-2023-34437
Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05 contains a vulnerability in their password retrieval functionality which could allow an attacker to access passwords stored on the device...
CVE-2023-34441
Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05 contains a cleartext transmission vulnerability which could allow an attacker to steal the authentication secret from communication traffic to the device and reuse it for arbitrary requests...
Code injection
Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05 contains a replay vulnerability which could allow an attacker to replay older captured packets of traffic to the device to gain access...
Design/Logic Flaw
Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05 contains a cleartext transmission vulnerability which could allow an attacker to steal the authentication secret from communication traffic to the device and reuse it for arbitrary requests...
Design/Logic Flaw
Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05 contains a vulnerability in their password retrieval functionality which could allow an attacker to access passwords stored on the device...
CVE-2023-36857
CVE-2023-36857 affects Baker Hughes Bently Nevada 3500 System TDI Firmware version 5.05. The vulnerability is an authentication bypass by capture-replay: the device can accept out-of-sequence messages from older communications, allowing an attacker to replay captured traffic to gain access. Impac...
CVE-2023-36857 Baker Hughes Bently Nevada 3500 System Authentication Bypass by Capture-replay
Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05 contains a replay vulnerability which could allow an attacker to replay older captured packets of traffic to the device to gain access...
CVE-2023-36857 Baker Hughes Bently Nevada 3500 System Authentication Bypass by Capture-replay
Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05 contains a replay vulnerability which could allow an attacker to replay older captured packets of traffic to the device to gain access...
CVE-2023-34437
CVE-2023-34437 affects Baker Hughes Bently Nevada 3500 System TDI Firmware 5.05. The vulnerability is in the password retrieval functionality and could allow an attacker to access passwords stored on the device. The NVD and CISA-ICS advisories identify the affected appliance as the Bently Nevada ...
CVE-2023-34437 Baker Hughes Bently Nevada 3500 System Incorrect Permission Assignment for Critical Resource
Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05 contains a vulnerability in their password retrieval functionality which could allow an attacker to access passwords stored on the device...