8 matches found
CISA Releases Four Industrial Control Systems Advisories
CISA released four Industrial Control Systems ICS advisories on August 19, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-231-01 Siemens Desigo CC Product Family and SENTRON Powermanager ICSA-25-231-02 Siemen...
CVE-2025-46414 EG4 Electronics EG4 Inverters Improper Restriction of Excessive Authentication Attempts
The affected product does not limit the number of attempts for inputting the correct PIN for a registered product, which may allow an attacker to gain unauthorized access using brute-force methods if they possess a valid device serial number. The API provides clear feedback when the correct PIN i...
CVE-2025-46414 EG4 Electronics EG4 Inverters Improper Restriction of Excessive Authentication Attempts
The affected product does not limit the number of attempts for inputting the correct PIN for a registered product, which may allow an attacker to gain unauthorized access using brute-force methods if they possess a valid device serial number. The API provides clear feedback when the correct PIN i...
CVE-2025-53520 EG4 Electronics EG4 Inverters Download of Code Without Integrity Check
The affected product allows firmware updates to be downloaded from EG4's website, transferred via USB dongles, or installed through EG4's Monitoring Center remote, cloud-connected interface or via a serial connection, and can install these files without integrity checks. The TTComp archive format...
CVE-2025-52586 EG4 Electronics EG4 Inverters Cleartext Transmission of Sensitive Information
The MOD3 command traffic between the monitoring application and the inverter is transmitted in plaintext without encryption or obfuscation. This vulnerability may allow an attacker with access to a local network to intercept, manipulate, replay, or forge critical data, including read/write...
EG4 Electronics EG4 Inverters 安全漏洞
EG4 Electronics EG4 Inverters is a series of hybrid inverters from EG4 Electronics, USA. A security vulnerability exists in the EG4 Electronics EG4 Inverters that stems from an unlimited number of PIN attempts leading to a brute force cracking attack...
EG4 Electronics EG4 Inverters 安全漏洞
EG4 Electronics EG4 Inverters is a series of hybrid inverters from EG4 Electronics, USA. A security vulnerability exists in the EG4 Electronics EG4 Inverters that stems from the unencrypted transmission of MOD3 command traffic, which could lead to data interception and tampering...
EG4 Electronics EG4 Inverters 安全漏洞
EG4 Electronics EG4 Inverters is a line of hybrid inverters from EG4 Electronics, USA. A security vulnerability exists in the EG4 Electronics EG4 Inverters that stems from a difference in the response of the product registration endpoint server to the status of different serial numbers, which cou...