176 matches found
CVE-2023-33378
Connected IO v2.1.0 and prior has an argument injection vulnerability in its AT command message in its communication protocol, enabling attackers to execute arbitrary OS commands on devices...
CVE-2021-27499
Ypsomed mylife Cloud, mylife Mobile Application, Ypsomed mylife Cloud: All versions prior to 1.7.2, Ypsomed mylife App: All versions prior to 1.7.5,The application layer encryption of the communication protocol between the Ypsomed mylife App and mylife Cloud uses non-random IVs, which allows...
CVE-2020-27269
In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, the communication protocol of the insulin pump and its AnyDana-i and AnyDana-A mobile applications lacks replay protection measures, which allows unauthenticated, physically proximate attackers to replay communication sequences...
Large Language Models Are Autonomous Cyber Defenders
Fast and effective incident response is essential to prevent adversarial cyberattacks. Autonomous Cyber Defense ACD aims to automate incident response through Artificial Intelligence AI agents that plan and execute actions. Most ACD approaches focus on single-agent scenarios and leverage...
Elan Fingerprint Sensor Security Update
A potential vulnerability has been identified in certain HP PC products using Elan fingerprint sensor devices, which might allow operating system authentication bypass by spoofing. HP is releasing BIOS and fingerprint sensor driver updates to address the potential vulnerability. Elan has resolved...
CVE-2024-42483 ESP-NOW Replay Attacks Vulnerability
ESP-NOW Component provides a connectionless Wi-Fi communication protocol. An replay attacks vulnerability was discovered in the implementation of the ESP-NOW because the caches is not differentiated by message types, it is a single, shared resource for all kinds of messages, whether they are...
CVE-2021-38121 Weak communication protocol identified in Advance Authentication client application
Insufficient or weak TLS protocol version identified in Advance authentication client server communication when specific service is accessed between devices. This issue affects NetIQ Advance Authentication versions before 6.3.5.1...
CVE-2024-22815
An issue in the communication protocol of Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to cause a Denial of Service DoS via crafted commands...
CVE-2024-22815
An issue in the communication protocol of Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to cause a Denial of Service DoS via crafted commands...
CVE-2024-22815
An issue in the communication protocol of Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to cause a Denial of Service DoS via crafted commands...
CVE-2024-22815
CVE-2024-22815 affects the Tormach xsTECH CNC Router with PathPilot Controller v2.9.6, where a vulnerability in the communication protocol can be triggered by crafted commands to cause a Denial of Service. The issue is described across multiple sources without extensive exploit details; the Red H...
Design/Logic Flaw
A vulnerability has been identified in OpenPCS 7 V9.1 All versions, SIMATIC BATCH V9.1 All versions, SIMATIC PCS 7 V9.1 All versions, SIMATIC Route Control V9.1 All versions, SIMATIC WinCC Runtime Professional V18 All versions, SIMATIC WinCC Runtime Professional V19 All versions, SIMATIC WinCC V7...
CVE-2023-48363
A vulnerability has been identified in OpenPCS 7 V9.1 All versions V9.1 SP2 UC05, SIMATIC BATCH V9.1 All versions V9.1 SP2 UC05, SIMATIC PCS 7 V9.1 All versions V9.1 SP2 UC05, SIMATIC Route Control V9.1 All versions V9.1 SP2 UC05, SIMATIC WinCC Runtime Professional V18 All versions V18 Update 4,...
CVE-2023-48363
A vulnerability has been identified in OpenPCS 7 V9.1 All versions V9.1 SP2 UC05, SIMATIC BATCH V9.1 All versions V9.1 SP2 UC05, SIMATIC PCS 7 V9.1 All versions V9.1 SP2 UC05, SIMATIC Route Control V9.1 All versions V9.1 SP2 UC05, SIMATIC WinCC Runtime Professional V18 All versions V18 Update 4,...
CVE-2023-46892
CVE-2023-46892 concerns the Meross MSH30Q (version 4.5.23) RF communication protocol. The issue is a replay attack vulnerability that allows recording and replay of previously captured RF commands to trigger unauthorized actions (e.g., thermostat temperature). Affected component is the device’s R...
MQTT vs AMQP
The Initial Overview: Learning about MQTT & AMQP In the dynamic arenas of Internet of Things IoT" and cloud computing, communication protocols that are robust, reliable and capable of handling high traffic volumes have become essential. The two protocols that have recently gained significant grou...
High-Severity Flaws in ConnectedIO's 3G/4G Routers Raise Concerns for IoT Security
Multiple high-severity security vulnerabilities have been disclosed in ConnectedIO's ER2000 edge routers and the cloud-based management platform that could be exploited by malicious actors to execute malicious code and access sensitive data. "An attacker could have leveraged these flaws to fully...
CVE-2023-33377
Connected IO v2.1.0 and prior has an OS command injection vulnerability in the set firewall command in part of its communication protocol, enabling attackers to execute arbitrary OS commands on devices...
CVE-2023-33375
Connected IO v2.1.0 and prior has a stack-based buffer overflow vulnerability in its communication protocol, enabling attackers to take control over devices...
CVE-2023-33375
Connected IO v2.1.0 and prior has a stack-based buffer overflow vulnerability in its communication protocol, enabling attackers to take control over devices...