CVE-2024-45832 Ossur Mobile Logic Application Use of Hard-coded Credentials

Hard-coded credentials were included as part of the application binary. These credentials served as part of the application authentication flow and communication with the mobile application. An attacker could access unauthorized information...

CVE-2024-54681 Ossur Mobile Logic Application Command Injection

Multiple bash files were present in the application's private directory. Bash files can be used on their own, by an attacker that has already full access to the mobile platform to compromise the translations for the application...

CVE-2024-54681 Ossur Mobile Logic Application Command Injection

Multiple bash files were present in the application's private directory. Bash files can be used on their own, by an attacker that has already full access to the mobile platform to compromise the translations for the application...

CVE-2024-53683 Ossur Mobile Logic Application Exposure of Sensitive System Information to an Unauthorized Control Sphere

A valid set of credentials in a .js file and a static token for communication were obtained from the decompiled IPA. An attacker could use the information to disrupt normal use of the application by changing the translation files and thus weaken the integrity of normal use...

CVE-2024-53683 Ossur Mobile Logic Application Exposure of Sensitive System Information to an Unauthorized Control Sphere

A valid set of credentials in a .js file and a static token for communication were obtained from the decompiled IPA. An attacker could use the information to disrupt normal use of the application by changing the translation files and thus weaken the integrity of normal use...

Ossur Mobile Logic Application 信任管理问题漏洞

Ossur Mobile Logic Application is an intelligent application for bionic prosthetics from Ossur. A trust management issue vulnerability exists in Ossur Mobile Logic Application versions prior to 1.5.5, which stems from hard-coded credentials being included in the application binary, allowing an...

Ossur Mobile Logic Application 安全漏洞

Ossur Mobile Logic Application is an intelligent application for bionic prosthetics from Ossur. A security vulnerability exists in Ossur Mobile Logic Application versions prior to 1.5.5 that originates from exposing sensitive system information to unauthorized control...

Ossur Mobile Logic Application 命令注入漏洞

Ossur Mobile Logic Application is an intelligent application for bionic prosthetics from Ossur. A command injection vulnerability exists in Ossur Mobile Logic Application versions prior to 1.5.5, which stems from the presence of multiple bash files in the application's private directory, which ca...

CISA Releases Eight Industrial Control Systems Advisories

CISA released eight Industrial Control Systems ICS advisories on December 19, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-354-01 Hitachi Energy RTU500 series CMU ICSA-24-354-02 Hitachi Energy SDM600...