841 matches found
CVE-2020-36982
Motorola Device Manager 2.5.4 contains an unquoted service path vulnerability in the MotoHelperService.exe service that allows local users to potentially inject malicious code. Attackers can exploit the unquoted path in the service configuration to execute arbitrary code with elevated system...
CVE-2020-36981 Motorola Device Manager 2.4.5 - 'ForwardDaemon.exe ' Unquoted Service Path
Motorola Device Manager 2.4.5 contains an unquoted service path vulnerability in the PST Service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in ForwardDaemon.exe to inject malicious code that will execute with elevated system privileges...
CVE-2025-41726
A low privileged remote attacker can execute arbitrary code by sending specially crafted calls to the web service of the Device Manager or locally via an API and can cause integer overflows which then may lead to arbitrary code execution within privileged processes...
CVE-2025-41727
A local low privileged attacker can bypass the authentication of the Device Manager user interface, allowing them to perform privileged operations and gain administrator access...
CVE-2025-41728
A low privileged remote attacker may be able to disclose confidential information from the memory of a privileged process by sending specially crafted calls to the Device Manager web service that cause an out-of-bounds read operation under certain circumstances due to ASLR and thereby potentially...
CVE-2025-41728
CVE-2025-41728 concerns Beckhoff Device Manager. Multiple sources describe a low-privilege remote attacker who can disclose confidential information from the memory of a privileged process by sending specially crafted calls to the Device Manager web service, triggering an out-of-bounds read under...
CVE-2025-41728
A low privileged remote attacker may be able to disclose confidential information from the memory of a privileged process by sending specially crafted calls to the Device Manager web service that cause an out-of-bounds read operation under certain circumstances due to ASLR and thereby potentially...
EUVD-2025-206409
A low privileged remote attacker may be able to disclose confidential information from the memory of a privileged process by sending specially crafted calls to the Device Manager web service that cause an out-of-bounds read operation under certain circumstances due to ASLR and thereby potentially...
CVE-2025-41728 Beckhoff: Information leak via Beckhoff Device Manager
A low privileged remote attacker may be able to disclose confidential information from the memory of a privileged process by sending specially crafted calls to the Device Manager web service that cause an out-of-bounds read operation under certain circumstances due to ASLR and thereby potentially...
CVE-2025-41728 Beckhoff: Information leak via Beckhoff Device Manager
A low privileged remote attacker may be able to disclose confidential information from the memory of a privileged process by sending specially crafted calls to the Device Manager web service that cause an out-of-bounds read operation under certain circumstances due to ASLR and thereby potentially...
CVE-2025-41727
Beckhoff CVE-2025-41727 describes a local, low-privilege attacker bypassing authentication in the Device Manager user interface, enabling privileged operations and administrator access. Documented sources (NVD/Red Hat/CVE list) confirm the vulnerability exists in a Beckhoff component exposing a U...
EUVD-2025-206408
A local low privileged attacker can bypass the authentication of the Device Manager user interface, allowing them to perform privileged operations and gain administrator access...
CVE-2025-41727
A local low privileged attacker can bypass the authentication of the Device Manager user interface, allowing them to perform privileged operations and gain administrator access...
CVE-2025-41727 Beckhoff: Performing privileged operations and gaining administrator access
A local low privileged attacker can bypass the authentication of the Device Manager user interface, allowing them to perform privileged operations and gain administrator access...
CVE-2025-41727 Beckhoff: Performing privileged operations and gaining administrator access
A local low privileged attacker can bypass the authentication of the Device Manager user interface, allowing them to perform privileged operations and gain administrator access...
CVE-2025-41726
A low privileged remote attacker can execute arbitrary code by sending specially crafted calls to the web service of the Device Manager or locally via an API and can cause integer overflows which then may lead to arbitrary code execution within privileged processes...
CVE-2025-41726
CVE-2025-41726 affects Beckhoff components (Beckhoff: Arbitrary code execution within privileged processes). The connected records describe a low-privileged remote attacker who can issue specially crafted calls to the Device Manager web service or interact via an API, triggering integer overflows...
CVE-2025-41726 Beckhoff: Arbitrary code execution within privileged processes
A low privileged remote attacker can execute arbitrary code by sending specially crafted calls to the web service of the Device Manager or locally via an API and can cause integer overflows which then may lead to arbitrary code execution within privileged processes...
CVE-2025-41726 Beckhoff: Arbitrary code execution within privileged processes
A low privileged remote attacker can execute arbitrary code by sending specially crafted calls to the web service of the Device Manager or locally via an API and can cause integer overflows which then may lead to arbitrary code execution within privileged processes...
EUVD-2025-206407
A low privileged remote attacker can execute arbitrary code by sending specially crafted calls to the web service of the Device Manager or locally via an API and can cause integer overflows which then may lead to arbitrary code execution within privileged processes...