CVE-2024-33897

A compromised HMS Networks Cosy+ device could be used to request a Certificate Signing Request from Talk2m for another device, resulting in an availability issue. The issue was patched on the Talk2m production server on April 18, 2024...

Ewon Cosy+ / Talk2M Remote Access Solution Improper Authentication

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2024-043 Product: Ewon Cosy+ / Talk2M Remote Access Solution Manufacturer: HMS Industrial Networks AB Affected Versions: N.A. Tested Versions: N.A. Vulnerability Type: Improper Authentication CWE-287 Risk Level: High Solution Statu...

CVE-2024-33897

A compromised HMS Networks Cosy+ device could be used to request a Certificate Signing Request from Talk2m for another device, resulting in an availability issue. The issue was patched on the Talk2m production server on April 18, 2024...

CVE-2024-33897

A compromised HMS Networks Cosy+ device could be used to request a Certificate Signing Request from Talk2m for another device, resulting in an availability issue. The issue was patched on the Talk2m production server on April 18, 2024...

CVE-2024-33897

A compromised HMS Networks Cosy+ device could be used to request a Certificate Signing Request from Talk2m for another device, resulting in an availability issue. The issue was patched on the Talk2m production server on April 18, 2024...

CVE-2024-33897

A compromised HMS Networks Cosy+ device could be used to request a Certificate Signing Request from Talk2m for another device, resulting in an availability issue. The issue was patched on the Talk2m production server on April 18, 2024...

CVE-2024-33897

The CVE-2024-33897 issue affects HMS Networks Cosy+ remote-access devices where a compromised Cosy+ could request a Certificate Signing Request (CSR) from Talk2m for another device, creating an availability risk. Root cause: improper handling of CSR requests via Talk2m could be abused, as describ...

PT-2024-25534 · Hms Networks · Hms Networks Cosy+

Name of the Vulnerable Software and Affected Versions: HMS Networks Cosy+ affected versions not specified Description: The issue concerns improper authentication, allowing a compromised device to request a Certificate Signing Request for another device, potentially leading to an availability issu...

HMS Networks HMS Cosy+ 安全漏洞

HMS Networks HMS Cosy+ is an application for industrial remote access from the Swedish company HMS Networks. A security vulnerability exists in HMS Networks HMS Cosy+ that originates from a certificate signing request that can be used to request another device from Talk2m, leading to availability...

HMS Networks Ewon Flexy and Cosy

1. EXECUTIVE SUMMARY CVSS v3 2.3 ATTENTION: Low skill level to exploit Vendor: HMS Networks Equipment: Ewon Flexy and Cosy Vulnerability: Permissive Cross-domain Policy with Untrusted Domains 2. RISK EVALUATION Successful exploitation of this vulnerability could allow attackers to retrieve...