24 matches found
EUVD-2023-48479
Malicious code in bioql PyPI...
EUVD-2023-42356
Malicious code in bioql PyPI...
EUVD-2024-26158
Malicious code in bioql PyPI...
CVE-2023-44120
A vulnerability has been identified in Spectrum Power 7 All versions V23Q4. The affected product's sudo configuration permits the local administrative account to execute several entries as root user. This could allow an authenticated local attacker to inject arbitrary code and gain root access...
CVE-2024-29119
A vulnerability has been identified in Spectrum Power 7 All versions V24Q3. The affected product contains several root-owned SUID binaries that could allow an authenticated local attacker to escalate privileges...
CVE-2024-29119
A vulnerability has been identified in Spectrum Power 7 All versions V24Q3. The affected product contains several root-owned SUID binaries that could allow an authenticated local attacker to escalate privileges...
CVE-2024-29119
A vulnerability has been identified in Spectrum Power 7 All versions V24Q3. The affected product contains several root-owned SUID binaries that could allow an authenticated local attacker to escalate privileges...
CVE-2024-29119
A vulnerability has been identified in Spectrum Power 7 All versions V24Q3. The affected product contains several root-owned SUID binaries that could allow an authenticated local attacker to escalate privileges...
CVE-2024-29119
A vulnerability has been identified in Spectrum Power 7 All versions V24Q3. The affected product contains several root-owned SUID binaries that could allow an authenticated local attacker to escalate privileges...
CVE-2024-29119
CVE-2024-29119 affects Siemens Spectrum Power 7 prior to V24Q3. The product contains root-owned SUID binaries that authenticated local attackers could leverage to escalate privileges (local, low complexity). CVSS vectors in the initial record indicate High impact to confidentiality, integrity, an...
CVE-2023-44120
A vulnerability has been identified in Spectrum Power 7 All versions V23Q4. The affected product's sudo configuration permits the local administrative account to execute several entries as root user. This could allow an authenticated local attacker to inject arbitrary code and gain root access...
Code injection
A vulnerability has been identified in Spectrum Power 7 All versions V23Q4. The affected product's sudo configuration permits the local administrative account to execute several entries as root user. This could allow an authenticated local attacker to inject arbitrary code and gain root access...
CVE-2023-44120
A vulnerability has been identified in Spectrum Power 7 All versions V23Q4. The affected product's sudo configuration permits the local administrative account to execute several entries as root user. This could allow an authenticated local attacker to inject arbitrary code and gain root access...
CVE-2023-44120
A vulnerability has been identified in Spectrum Power 7 All versions V23Q4. The affected product's sudo configuration permits the local administrative account to execute several entries as root user. This could allow an authenticated local attacker to inject arbitrary code and gain root access...
CVE-2023-44120
SIEMENS Spectrum Power 7 (all versions before V23Q4) has CVE-2023-44120: an incorrect permission assignment in the sudo configuration allows an authenticated local attacker to run entries as root, potentially injecting arbitrary code and gaining root access. Affected product: Spectrum Power 7 (SC...
Siemens Spectrum Power 7
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Siemens Spectrum Power 7 Local Elevation of Privilege Vulnerability
Spectrum Power 7 provides the essential components of SCADA, communications and data modeling for control and monitoring systems. Application suites can be added to optimize network and generation management in all areas of energy management. A local elevation of privilege vulnerability exists in...
CVE-2023-38557
A vulnerability has been identified in Spectrum Power 7 All versions V23Q3. The affected product assigns improper access rights to the update script. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges...
CVE-2023-38557
A vulnerability has been identified in Spectrum Power 7 All versions V23Q3. The affected product assigns improper access rights to the update script. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges...
Improper access control
A vulnerability has been identified in Spectrum Power 7 All versions V23Q3. The affected product assigns improper access rights to the update script. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges...