Siemens SIMATIC Devices Improper Input Validation (CVE-2024-26787)

mmc: mmci: stm32: Fixed issue with overlapping mappings in the DMA API. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503720; scriptversion"1.2"...

Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Race Condition (CVE-2024-41005)

netpoll: race condition in netpollowneractive KCSAN detected a race condition in netpoll. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503618;...

Siemens SIMATIC Devices Improper Input Validation (CVE-2024-57986)

HID: core: Fix assumption that Resolution Multipliers must be in Logical Collections This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503502;...

Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices NULL Pointer Dereference (CVE-2024-44935)

sctp: Fix null-ptr-deref in reuseportaddsock. A Null Pointer Dereference in reuseportaddsock while accessing sk2-skreuseportcb . The repro first creates a listener with SOREUSEPORT. Then, it creates another listener on the same port and concurrently closes the first listener. The second listen...

Siemens SIMATIC Devices Improper Input Validation (CVE-2025-21795)

NFSD: hang in nfsd4shutdowncallback. If nfs4client is in courtesy state then there is no point to send the callback. This causes nfsd4shutdowncallback to hang since clcbinflight is not 0. This hang lasts about 15 minutes until TCP notifies NFSD that the connection was dropped. This plugin only...

Siemens SIMATIC Devices Use After Free (CVE-2023-1652)

A use-after-free flaw was found in nfsd4sscsetupdul in fs/nfsd/nfs4proc.c in the NFS filesystem in the Linux Kernel. This issue could allow a local attacker to crash the system or it may lead to a kernel information leak problem. This plugin only works with Tenable.ot. Please visit...

Siemens SIMATIC Devices Out-of-bounds Write (CVE-2024-35976)

xsk: validate user input for XDPUMEM|COMPLETIONFILLRING This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503413; scriptversion"1.2";...

Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Out-of-bounds Read (CVE-2024-47723)

In the Linux kernel, the following vulnerability has been resolved: jfs: fix out-of-bounds in dbNextAG and diAlloc In dbNextAG , there is no check for the case where bmp-dbnumag is greater or same than MAXAG due to a polluted image, which causes an out-of-bounds. Therefore, a bounds check should ...

Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-39482)

bcache: Variable length array abuse in btreeiter. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503456; scriptversion"1.3";...

Siemens SIMATIC Devices Improper Input Validation (CVE-2024-26651)

sr9800: Local Denial of Service Vulnerability. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503678; scriptversion"1.2";...

Siemens SIMATIC Devices Use of a Broken or Risky Cryptographic Algorithm (CVE-2023-50781)

A flaw was found in m2crypto. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-...

Siemens SIMATIC Devices NULL Pointer Dereference (CVE-2025-21640)

In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: cookiehmacalg: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...

Siemens SIMATIC Devices Allocation of Resources Without Limits or Throttling (CVE-2024-26935)

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix unremoved procfs host directory regression This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

Siemens SIMATIC Devices Use After Free (CVE-2024-50121)

nfsd: problematic nfsdshrinkerwork using sync mode in nfs4stateshutdownnet. In the normal case, when we excute echo 0 /proc/fs/nfsd/threads, the function nfs4statedestroynet in nfs4stateshutdownnet will release all resources related to the hashed nfs4client. This plugin only works with Tenable.ot...

Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Out-of-bounds Read (CVE-2024-49902)

jfs: vulnerability caused by assigning msmgpu-pdev earlier in the initialization process to prevent null pointer dereferences in msmgpucleanup. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

Siemens SIMATIC Devices Improper Input Validation (CVE-2024-38599)

jffs2: prevent xattr node from overflowing the eraseblock Add a check to make sure that the requested xattr node size is no larger than the eraseblock minus the cleanmarker. Unlike the usual inode nodes, the xattr nodes aren't split into parts and spread across multiple eraseblocks, which means...

Siemens SIMATIC Devices Use After Free (CVE-2023-47233)

The brcm80211 component in the Linux kernel through 6.5.10 has a brcmfcfg80211detach use-after-free in the device unplugging disconnect the USB by hotplug code. For physically proximate attackers with local access, this could be exploited in a real world scenario. This is related to...

Siemens SIMATIC Devices Improper Input Validation (CVE-2024-35828)

In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: some memleaks in lbsallocatecmdbuffer In the for statement of lbsallocatecmdbuffer, if the allocation of cmdarrayi.cmdbuf fails, both cmdarray and cmdarrayi.cmdbuf needs to be freed. Otherwise, there will be...

Siemens SIMATIC Devices Improper Input Validation (CVE-2024-26642)

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: disallow anonymous set with timeout flag This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

Siemens SIMATIC Devices Use After Free (CVE-2025-21726)

padata: avoid UAF for reorderwork This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503410; scriptversion"1.2";...