Lucene search
K

8 matches found

CISA
CISA
added 2025/08/19 12:0 p.m.5 views

CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems ICS advisories on August 19, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-231-01 Siemens Desigo CC Product Family and SENTRON Powermanager ICSA-25-231-02 Siemen...

7.1AI score
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/08/08 4:17 p.m.5 views

CVE-2025-46414 EG4 Electronics EG4 Inverters Improper Restriction of Excessive Authentication Attempts

The affected product does not limit the number of attempts for inputting the correct PIN for a registered product, which may allow an attacker to gain unauthorized access using brute-force methods if they possess a valid device serial number. The API provides clear feedback when the correct PIN i...

9.2CVSS6.8AI score0.00327EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/08 4:17 p.m.10 views

CVE-2025-46414 EG4 Electronics EG4 Inverters Improper Restriction of Excessive Authentication Attempts

The affected product does not limit the number of attempts for inputting the correct PIN for a registered product, which may allow an attacker to gain unauthorized access using brute-force methods if they possess a valid device serial number. The API provides clear feedback when the correct PIN i...

9.2CVSS0.00327EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/08 4:9 p.m.3 views

CVE-2025-53520 EG4 Electronics EG4 Inverters Download of Code Without Integrity Check

The affected product allows firmware updates to be downloaded from EG4's website, transferred via USB dongles, or installed through EG4's Monitoring Center remote, cloud-connected interface or via a serial connection, and can install these files without integrity checks. The TTComp archive format...

8.8CVSS6.7AI score0.0019EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/08 4:0 p.m.8 views

CVE-2025-52586 EG4 Electronics EG4 Inverters Cleartext Transmission of Sensitive Information

The MOD3 command traffic between the monitoring application and the inverter is transmitted in plaintext without encryption or obfuscation. This vulnerability may allow an attacker with access to a local network to intercept, manipulate, replay, or forge critical data, including read/write...

7.5CVSS0.00074EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/08/08 12:0 a.m.4 views

EG4 Electronics EG4 Inverters 安全漏洞

EG4 Electronics EG4 Inverters is a series of hybrid inverters from EG4 Electronics, USA. A security vulnerability exists in the EG4 Electronics EG4 Inverters that stems from an unlimited number of PIN attempts leading to a brute force cracking attack...

9.2CVSS6.5AI score0.00327EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/08/08 12:0 a.m.4 views

EG4 Electronics EG4 Inverters 安全漏洞

EG4 Electronics EG4 Inverters is a series of hybrid inverters from EG4 Electronics, USA. A security vulnerability exists in the EG4 Electronics EG4 Inverters that stems from the unencrypted transmission of MOD3 command traffic, which could lead to data interception and tampering...

7.5CVSS6.6AI score0.00074EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/08/08 12:0 a.m.5 views

EG4 Electronics EG4 Inverters 安全漏洞

EG4 Electronics EG4 Inverters is a line of hybrid inverters from EG4 Electronics, USA. A security vulnerability exists in the EG4 Electronics EG4 Inverters that stems from a difference in the response of the product registration endpoint server to the status of different serial numbers, which cou...

6.9CVSS6.3AI score0.00277EPSS
Exploits0References3
Rows per page
Query Builder