ALBEDO Telecom Net.Time - PTP/NTP clock

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to transmit passwords over unencrypted connections, resulting in the product becoming vulnerable to interception. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

Planet Technology Network Products

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to read or manipulate device data, gain administrative privileges, or alter database entries. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08353)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from a SQL injection in the internal method UpdateDatabaseSettings, which can be exploited by an attacker to bypas...

Siemens TeleControl Server Basic SQL注入漏洞

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from a SQL injection in the internal method LockTcmSettings, which can be exploited by an attacker to bypass...

Growatt Cloud Applications

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to compromise confidentiality, achieve cross-site scripting, or code execution on affected devices. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation...

Lantronix XPort (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker unauthorized access to the configuration interface and cause disruption to monitoring and operations. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation...

Security Bulletin: IBM Aspera Faspex 5 has addressed multiple vulnerabilities (CVE-2023-37412, CVE-2023-37398, CVE-2023-37413, CVE-2023-35907)

Summary This Security Bulletin addresses multiple vulnerabilities that have been remediated in IBM Aspera Faspex 5.0.11 Vulnerability Details CVEID:CVE-2023-37412 DESCRIPTION: IBM Aspera Faspex could allow a privileged user to make system changes without proper access controls. CWE:CWE-284:...

CVE-2025-2440

creationtimestamp| type| source ---|---|--- 2025-04-09 10:47:56+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/11039 2025-04-09 14:15:54+00:00| seen| https://t.me/cvedetector/22554 2025-04-17 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-107-01...

Siemens Solid Edge

SUMMARY Solid Edge is affected by an out of bounds write vulnerability that could be triggered when the application is parsing XT data or a specially crafted file in XT format. If a user is tricked to open a malicious file with the affected applications, an attacker could leverage the...

Siemens Industrial Edge Device Kit

SUMMARY Industrial Edge Device Kit contains a weak authentication vulnerability that could facilitate an unauthenticated remote attacker to circumvent authentication and impersonate a legitimate user. Industrial Edge Device Builders integrate Industrial Edge Device Kit into their offerings...

Siemens SENTRON 7KT PAC1260 Data Manager

SUMMARY SENTRON 7KT PAC1260 Data Manager is affected by multiple vulnerabilities as listed below. Software fixes can no longer be provided for The SENTRON 7KT PAC1260 Data Manager. This advisory documents the known open vulnerabilities. To fix the vulnerabilities, Siemens recommends to replace...

Siemens License Server (SLS)

SUMMARY Siemens License Server before V4.3 contains various vulnerabilities that could allow a low-privileged local user to escalate privileges or perform arbitrary code execution. Siemens has released a new version for Siemens License Server SLS and recommends to update to the latest version...

Huawei EulerOS: Security Advisory for git (EulerOS-SA-2025-1315)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GeoVision ASManager Windows Application Credentials Disclosure Vulnerability

GeoVision ASManager GV-ASManager is an access control system developed by the Chinese company GeoVision. A credential disclosure vulnerability exists in the GeoVision ASManager Windows Application due to improper memory handling in the ASManagerService.exe process. An attacker can exploit this...

B&R Industrial Automation B&R APROL 访问控制错误漏洞

B&R Industrial Automation B&R APROL is a process control system from B&R Industrial Automation, Austria. An access control error vulnerability exists in B&R Industrial Automation B&R APROL versions prior to 4.4-01, which stems from a lack of critical function authentication in the GRUB...

B&R APROL

SUMMARY Updates are available that resolve privately reported vulnerabilities in the product versions listed as affected in this advisory. An attacker who successfully exploits these vulnerabilities could elevate privileges or gather sensitive information. 2. MITIGATING FACTORS Mitigating...

SMA Sunny Portal

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to upload and remotely execute code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all...

The vulnerability in the web service of the industrial process visualization and control system, mySCADA myPRO Runtime, and the mySCADA myPRO Manager platform, allows a perpetrator to execute arbitrary code.

The vulnerability of the web service of the industrial process visualization and control system, mySCADA myPRO Runtime, and the mySCADA myPRO Manager platform, is related to the failure to take measures to neutralize special elements used in the operating system commands. Exploiting this...

Sungrow iSolarCloud Android App, WiNet Firmware

RISK EVALUATION Successful exploitation of these vulnerabilities could result in attackers being able to access and could modify sensitive information. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:...

Philips Intellispace Cardiovascular (ISCV)

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to replay the session of the logged in ISCV user and gain access to patient records. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these...