EUVD-2022-35437

Malicious code in bioql PyPI...

EUVD-2022-35436

Malicious code in bioql PyPI...

EUVD-2022-35435

Malicious code in bioql PyPI...

EUVD-2022-37419

Malicious code in bioql PyPI...

EUVD-2022-35434

Malicious code in bioql PyPI...

CVE-2022-30229

A vulnerability has been identified in SICAM GridEdge Classic All versions V2.6.6. The affected application does not require authenticated access for privileged functions. This could allow an unauthenticated attacker to change data of a user, such as credentials, in case that user's id is known...

CVE-2022-34464

A vulnerability has been identified in SICAM GridEdge Classic All versions V2.7.3. The affected application uses an improperly protected file to import SSH keys. This could allow attackers with access to the filesystem of the host on which SICAM GridEdge runs to inject a custom SSH key to that fi...

CVE-2022-30230

A vulnerability has been identified in SICAM GridEdge Classic All versions V2.6.6. The affected application does not require authenticated access for privileged functions. This could allow an unauthenticated attacker to create a new user with administrative permissions...

CVE-2022-30231

A vulnerability has been identified in SICAM GridEdge Classic All versions V2.6.6. The affected application discloses password hashes of other users upon request. This could allow an authenticated user to retrieve another user's password hash...

CVE-2022-30228

A vulnerability has been identified in SICAM GridEdge Classic All versions V2.6.6. The affected software does not apply cross-origin resource sharing CORS restrictions for critical operations. In case an attacker tricks a legitimate user into accessing a special resource a malicious request could...

Siemens SICAM GridEdge Access Control Error Vulnerability

SICAM GridEdge can make your existing IEC61850 devices IoT capable with just a few clicks.An access control error vulnerability exists in Siemens SICAM GridEdge, which could be exploited by an attacker with access to the file system of the host computer running SICAM GridEdge to inject a custom S...

CVE-2022-34464

A vulnerability has been identified in SICAM GridEdge Classic All versions V2.7.3. The affected application uses an improperly protected file to import SSH keys. This could allow attackers with access to the filesystem of the host on which SICAM GridEdge runs to inject a custom SSH key to that fi...

Design/Logic Flaw

A vulnerability has been identified in SICAM GridEdge Essential ARM All versions, SICAM GridEdge Essential Intel All versions V2.7.3, SICAM GridEdge Essential with GDS ARM All versions, SICAM GridEdge Essential with GDS Intel All versions V2.7.3. Affected software uses an improperly protected fil...

CVE-2022-34464

A vulnerability has been identified in SICAM GridEdge Classic All versions V2.7.3. The affected application uses an improperly protected file to import SSH keys. This could allow attackers with access to the filesystem of the host on which SICAM GridEdge runs to inject a custom SSH key to that fi...

CVE-2022-34464

CVE-2022-34464 affects Siemens SICAM GridEdge (Classic) and GridEdge Essential variants, where an improperly protected file used to import SSH keys can be written by a user with host filesystem access. Affected versions include SICAM GridEdge GridEdge Essential Intel/ARM (all versions before v2.7...

Siemens SICAM GridEdge Essential 安全漏洞

SICAM GridEdge can make your existing IEC61850 devices IoT capable with just a few clicks.An access control error vulnerability exists in Siemens SICAM GridEdge, which could be exploited by an attacker with access to the file system of the host computer running SICAM GridEdge to inject a custom S...

Siemens SICAM GridEdge

1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SICAM GridEdge Vulnerability: Exposure of Resource to Wrong Sphere 2. RISK EVALUATION The SICAM GridEdge software contains an improper access control vulnerability, which could allow...

Siemens SICAM GridEdge Authentication Error Vulnerability

SICAM GridEdge enables IoT functionality in your existing IEC 61850 devices with just a few clicks.Siemens SICAM GridEdge is vulnerable to an authentication error, which stems from the fact that the affected software does not require authenticated access to privileged functions and can be exploit...

Siemens SICAM GridEdge Source Authentication Error Vulnerability

SICAM GridEdge enables IoT functionality in your existing IEC61850 devices with just a few clicks.A source authentication error vulnerability in Siemens SICAM GridEdge is caused by the fact that the affected software does not apply cross-domain resource sharing CORS restrictions to critical...

Siemens SICAM GridEdge Resource Leakage Vulnerability

SICAM GridEdge enables your existing IEC61850 devices to have IoT functionality with just a few clicks.A resource leak vulnerability exists in Siemens SICAM GridEdge, which stems from the fact that the affected software discloses the password hash of another user upon request, which can be...