Lucene search
+L

60 matches found

Prion
Prion
added 2021/03/15 5:15 p.m.25 views

Stack overflow

A vulnerability has been identified in RUGGEDCOM RM1224 All versions = V4.3 and = V4.3 and = V4.3 and = V2.0 and V2.1.3, SCALANCE XB-200 All versions V4.1, SCALANCE XC-200 All versions V4.1, SCALANCE XF-200BA All versions V4.1, SCALANCE XM400 All versions V6.2, SCALANCE XP-200 All versions V4.1,...

5.8CVSS8.9AI score0.00852EPSS
Exploits0References2Affected Software15
Cvelist
Cvelist
added 2021/03/15 5:3 p.m.23 views

CVE-2021-25676

A vulnerability has been identified in RUGGEDCOM RM1224 V6.3, SCALANCE M-800 V6.3, SCALANCE S615 V6.3, SCALANCE SC-600 All Versions = V2.1 and V2.1.3. Multiple failed SSH authentication attempts could trigger a temporary Denial-of-Service under certain conditions. When triggered, the device will...

7.6AI score0.0129EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2021/03/15 5:3 p.m.7 views

CVE-2021-25667

A vulnerability has been identified in RUGGEDCOM RM1224 All versions = V4.3 and = V4.3 and = V4.3 and = V2.0 and V2.1.3, SCALANCE XB-200 All versions V4.1, SCALANCE XC-200 All versions V4.1, SCALANCE XF-200BA All versions V4.1, SCALANCE XM400 All versions V6.2, SCALANCE XP-200 All versions V4.1,...

7.6AI score0.00852EPSS
Exploits0References2
CVE
CVE
added 2021/03/15 5:3 p.m.78 views

CVE-2021-25667

The CVE-2021-25667 vulnerability affects Siemens SCALANCE and RUGGEDCOM devices, involving a stack-based buffer overflow in handling STP BPDU frames. Affected products include:RUGGEDCOM RM1224 (v4.3–< v4.6), SCALANCE M-800 (v4.3–< v4.6), SCALANCE S615 (v4.3–< v4.6), SCALANCE XR-300WG (pr...

8.8CVSS8.8AI score0.00852EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2021/03/09 12:0 a.m.6 views

PT-2021-7788 · Siemens · Scalance X-200 +8

Name of the Vulnerable Software and Affected Versions: RUGGEDCOM RM1224 versions 4.3 through 6.3 SCALANCE M-800 versions 4.3 through 6.3 SCALANCE S615 versions 4.3 through 6.3 SCALANCE SC-600 Family versions 2.0 through 2.1.2 SCALANCE XB-200 versions prior to 4.1 SCALANCE XC-200 versions prior to...

8.8CVSS8.7AI score0.00852EPSS
Exploits0References6
NVD
NVD
added 2020/11/17 2:15 a.m.42 views

CVE-2020-25705

A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well on the Linux Bas...

7.4CVSS7.4AI score0.06692EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2020/11/17 2:15 a.m.81 views

CVE-2020-25705

A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well on the Linux Bas...

7.4CVSS7AI score0.06692EPSS
Exploits1References7
Prion
Prion
added 2020/11/17 2:15 a.m.37 views

Design/Logic Flaw

A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well on the Linux Bas...

5.8CVSS7AI score0.06692EPSS
Exploits1References1Affected Software2
CVE
CVE
added 2020/11/17 1:16 a.m.602 views

CVE-2020-25705

CVE-2020-25705 is a Linux kernel ICMP handling flaw that lets an off-path attacker bypass UDP source port randomization and rapidly scan open UDP ports. Affected products include various kernel versions and embedded/Linux-based devices; remediation is via kernel updates (e.g., CentOS/AlmaLinux ad...

7.4CVSS7.3AI score0.06692EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/11/17 1:16 a.m.55 views

CVE-2020-25705

A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well on the Linux Bas...

7.5AI score0.06692EPSS
Exploits1References1
ICS
ICS
added 2019/09/10 12:0 a.m.529 views

ICSA-19-253-03_Siemens Industrial Products (Update P)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Industrial Products Vulnerabilities: Excessive Data Query Operations in a Large Data Table, Integer Overflow or Wraparound, Uncontrolled Resource Consumption 2. UPDATE INFORMATION...

8.6AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/07/05 12:0 a.m.19 views

Siemens SCALANCE S615 6GK5615-0AA00-2AA2 LAN router

Binary data 764596.prm...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/05/08 12:0 a.m.22 views

Siemens Multiple Devices Profinet DCP Denial of Service

Binary data 720110.prm...

7.1CVSS7AI score0.01149EPSS
Exploits0References2
ICS
ICS
added 2017/11/17 12:0 a.m.235 views

Siemens SCALANCE W1750D, M800, S615, and RUGGEDCOM RM1224 (Update C)

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low skill level to exploit. Vendor: Siemens --------- Begin Update C Part 1 of 3 -------- Equipment: SCALANCE W1750D, M800, S615, and RUGGEDCOM RM1224 --------- End Update C Part 1 of 3 -------- Vulnerabilities: Resource...

9.8CVSS9.9AI score0.84925EPSS
Exploits16References9
NVD
NVD
added 2016/09/29 10:59 a.m.25 views

CVE-2016-7090

The integrated web server on Siemens SCALANCE M-800 and S615 modules with firmware before 4.02 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session...

4.3CVSS4.2AI score0.01895EPSS
Exploits0References3
OSV
OSV
added 2016/09/29 10:59 a.m.5 views

CVE-2016-7090

The integrated web server on Siemens SCALANCE M-800 and S615 modules with firmware before 4.02 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session...

4CVSS5.8AI score0.01895EPSS
Exploits0References3
Cvelist
Cvelist
added 2016/09/29 10:0 a.m.29 views

CVE-2016-7090

The integrated web server on Siemens SCALANCE M-800 and S615 modules with firmware before 4.02 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session...

4.2AI score0.01895EPSS
Exploits0References3
CVE
CVE
added 2016/09/29 10:0 a.m.63 views

CVE-2016-7090

CVE-2016-7090 affects Siemens SCALANCE M-800 and S615 modules with firmware before 4.02. The integrated web server fails to set the Secure attribute on the session cookie in HTTPS, enabling cookie capture if the cookie is transmitted in an insecure (HTTP) context. Affected products: SCALANCE M-80...

4.3CVSS4.3AI score0.01895EPSS
Exploits0References3Affected Software1
ICS
ICS
added 2016/07/01 6:0 a.m.53 views

Siemens SCALANCE M-800/S615 Web Vulnerability

OVERVIEW Siemens has identified a web security vulnerability in Siemen’s SCALANCE M-800 and S615 modules. This vulnerability was reported directly to Siemens by Alexander Van Maele and Tijl Deneut from HOWEST. Siemens has produced a new firmware version to mitigate this vulnerability. AFFECTED...

4.3CVSS4.3AI score0.01895EPSS
Exploits0References10
ICS
ICS
added 2016/04/12 12:0 a.m.73 views

Siemens Industrial Products glibc Library Vulnerability (Update C)

OVERVIEW This updated advisory is a follow-up to the advisory update titled ICSA-16-103-01B Siemens Industrial Products glibc Library Vulnerability that was published July 14, 2016, on the NCCIC/ICS-CERT web site. Siemens reports that a buffer overflow vulnerability in the glibc library could...

8.1CVSS0.5AI score0.89557EPSS
Exploits17References26
Rows per page
Query Builder