CVE-2024-45862 Cleartext Storage of Sensitive Information in Kastle Systems Access Control System

Kastle Systems firmware prior to May 1, 2024, stored machine credentials in cleartext, which may allow an attacker to access sensitive information...

CVE-2024-45862 Cleartext Storage of Sensitive Information in Kastle Systems Access Control System

Kastle Systems firmware prior to May 1, 2024, stored machine credentials in cleartext, which may allow an attacker to access sensitive information...

Kastle Systems Access Control System

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.2 ATTENTION : Exploitable remotely/low attack complexity Vendor : Kastle Systems Equipment : Access Control System Vulnerabilities : Use of Hard-coded Credentials, Cleartext Storage of Sensitive Information 2. RISK EVALUATION Successful exploitation of...

CVE-2024-46800

creationtimestamp| type| source ---|---|--- 2024-09-18 10:52:40+00:00| published-proof-of-concept| https://t.me/cvedetector/5939 2025-08-14 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07...

CVE-2024-46702

creationtimestamp| type| source ---|---|--- 2024-09-13 09:36:13+00:00| seen| https://t.me/cvedetector/5569 2025-08-14 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07 2025-12-03 14:14:49+00:00| seen|...

CVE-2024-46707

creationtimestamp| type| source ---|---|--- 2024-09-13 09:36:02+00:00| seen| https://t.me/cvedetector/5563 2025-08-14 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07 2025-12-03 14:14:49+00:00| seen|...

Schneider Electric EcoStruxure

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

CVE-2024-44999

creationtimestamp| type| source ---|---|--- 2024-09-04 22:47:30+00:00| seen| https://t.me/cvedetector/4862 2025-08-14 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07...

CVE-2024-45006

creationtimestamp| type| source ---|---|--- 2024-09-04 22:47:25+00:00| seen| https://t.me/cvedetector/4859 2025-08-14 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07...

CVE-2024-44989

creationtimestamp| type| source ---|---|--- 2024-09-04 22:47:22+00:00| seen| https://t.me/cvedetector/4856 2025-08-14 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07...

CVE-2024-44952

creationtimestamp| type| source ---|---|--- 2024-09-04 21:56:20+00:00| seen| https://t.me/cvedetector/4843 2025-08-14 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07...

Vivavis 权限许可和访问控制问题漏洞

Vivavis is an automated control system from Vivavis, Inc. Vivavis suffers from a Permission Permission and Access Control Issues vulnerability that stems from an authorization issue contained in prunsrv.exe that could lead to arbitrary code execution...

CVE-2024-43871

creationtimestamp| type| source ---|---|--- 2024-08-21 04:00:47+00:00| seen| https://t.me/cvedetector/3718 2025-08-14 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07...

CVE-2024-25008

Ericsson RAN Compute and Site Controller 6610 contains a vulnerability in the Control System where Improper Input Validation can lead to arbitrary code execution, for example to obtain a Linux Shell with the same privileges as the attacker. The attacker would require elevated privileges for examp...

CVE-2024-25008 Ericsson RAN Compute and Site Controller 6610 - Improper Input Validation Vulnerability

Ericsson RAN Compute and Site Controller 6610 contains a vulnerability in the Control System where Improper Input Validation can lead to arbitrary code execution, for example to obtain a Linux Shell with the same privileges as the attacker. The attacker would require elevated privileges for examp...

CVE-2024-25008

Ericsson RAN Compute and Site Controller 6610 is affected by an Improper Input Validation vulnerability that can lead to arbitrary code execution, including obtaining a Linux shell with attacker privileges. The issue affects Ericsson RAN Compute and Site Controller 6610 software, with exploitatio...

CVE-2024-7732

Dr.ID Access Control System from SECOM does not properly validate a specific page parameter, allowing unauthenticated remote attackers to inject SQL commands to read, modify, and delete database contents...

CVE-2024-7732 SECOM Dr.ID Attendance system - Unrestricted File Upload

Dr.ID Access Control System from SECOM does not properly validate a specific page parameter, allowing unauthenticated remote attackers to inject SQL commands to read, modify, and delete database contents...

CVE-2024-7731

The CVE-2024-7731 issue affects the SECOM Dr.ID Access Control System. Affected product: Dr.ID Access Control System from SECOM. Root cause: improper validation of a specific page parameter leads to SQL injection. Impact: unauthenticated remote attackers can read, modify, and delete database cont...

CVE-2024-37287

creationtimestamp| type| source ---|---|--- 2024-08-13 14:36:34+00:00| seen| https://t.me/cvedetector/3013 2024-11-14 12:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-24-319-13...