2877 matches found
CVE-2022-31484
CVE-2022-31484 corresponds to an unauthenticated vulnerability in HID Mercury-based panels (notably the LenelS2 LNL-4420 family) that allows an attacker to perform unauthenticated user modification. The Trellix disclosures consolidate this under the broader set of HID Mercury issues and note it a...
CVE-2022-31483 Arbitrary file write via authenticated OSDP file upload
An authenticated attacker can upload a file with a filename including “..” and “/” to achieve the ability to upload the desired file anywhere on the filesystem. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contai...
CVE-2022-31482
CVE-2022-31482 is an unauthenticated memory-corruption vector in HID Mercury LNL-4420 devices (advanced_networking.cgi) where an overlong AcctStr string copied via strcpy triggers a crash and forced reboot. This creates an unauthenticated reboot primitive (DoS), and Trellix documents this as part...
CVE-2022-31481
CVE-2022-31481 is an unauthenticated firmware upload vulnerability in HID Mercury/LNL-4420 panels (Mercury LP/EP series context in vendor disclosures) that enables remote arbitrary code execution via a buffer overflow during firmware image processing. Specifically, the firmware update flow in a C...
CVE-2022-31481 Remote Code Execution via buffer overflow in firmware update process
An unauthenticated attacker can send a specially crafted update file to the device that can overflow a buffer. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior to 1.302 for the LP seri...
CVE-2022-31480 Unauthenticated Firmware Upload and Arbitrary Reboot
An unauthenticated attacker could arbitrarily upload firmware files to the target device, ultimately causing a Denial-of-Service DoS. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior t...
CVE-2022-31479
CVE-2022-31479 is an unauthenticated command-injection vulnerability in HID Mercury LNL-4420/EP family web interfaces. Researchers describe that the hostname field in the Network settings is parsed server-side and passed to a system() call during startup (DHCP/udhcpc flow), allowing an attacker-c...
The vulnerability of the Wiser Smart programmable logic controllers from Schneider Electric, Wiser Controller EER21000 and Wiser Controller EER21001, relates to the lack of data encryption measures. This allows a perpetrator to retrieve the credentials for authentication purposes.
The vulnerability of the Wiser Smart programmable logic controllers from Schneider Electric, Wiser Controller EER21000 and Wiser Controller EER21001, lies in the lack of data encryption measures. Exploiting this vulnerability could allow a malicious actor to retrieve authentication credentials fo...
CVE-2022-31485
An unauthenticated attacker can send a specially crafted packets to update the “notes” section of the home page of the web interface. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior t...
CVE-2022-31481
An unauthenticated attacker can send a specially crafted update file to the device that can overflow a buffer. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior to 1.302 for the LP seri...
CVE-2022-31480
An unauthenticated attacker could arbitrarily upload firmware files to the target device, ultimately causing a Denial-of-Service DoS. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior t...
CVE-2022-31486
An authenticated attacker can send a specially crafted route to the “editroute.cgi” binary and have it execute shell commands. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior to 1.303...
CVE-2022-31482
An unauthenticated attacker can send a specially crafted unauthenticated HTTP request to the device that can overflow a buffer. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior to 1.29...
CVE-2022-31483
An authenticated attacker can upload a file with a filename including “..” and “/” to achieve the ability to upload the desired file anywhere on the filesystem. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contai...
CVE-2022-31479
An unauthenticated attacker can update the hostname with a specially crafted name that will allow for shell commands to be executed during the core collection process. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which...
CVE-2022-1797
A malformed Class 3 common industrial protocol message with a cached connection can cause a denial-of-service condition in Rockwell Automation Logix Controllers, resulting in a major nonrecoverable fault. If the target device becomes unavailable, a user would have to clear the fault and redownloa...
Design/Logic Flaw
A malformed Class 3 common industrial protocol message with a cached connection can cause a denial-of-service condition in Rockwell Automation Logix Controllers, resulting in a major nonrecoverable fault. If the target device becomes unavailable, a user would have to clear the fault and redownloa...
CVE-2022-1797 Rockwell Automation Logix Controllers Uncontrolled Resource Consumption
A malformed Class 3 common industrial protocol message with a cached connection can cause a denial-of-service condition in Rockwell Automation Logix Controllers, resulting in a major nonrecoverable fault. If the target device becomes unavailable, a user would have to clear the fault and redownloa...
CVE-2022-1797
CVE-2022-1797 affects Rockwell Automation Logix Controllers. A malformed Class 3 industrial protocol message with a cached connection can trigger a denial-of-service, causing a major nonrecoverable fault and requiring a fault clear and re-downloading the user project to restore operation. Affecte...
CVE-2022-1797 Rockwell Automation Logix Controllers Uncontrolled Resource Consumption
A malformed Class 3 common industrial protocol message with a cached connection can cause a denial-of-service condition in Rockwell Automation Logix Controllers, resulting in a major nonrecoverable fault. If the target device becomes unavailable, a user would have to clear the fault and redownloa...