10 matches found
CVE-2024-33897
A compromised HMS Networks Cosy+ device could be used to request a Certificate Signing Request from Talk2m for another device, resulting in an availability issue. The issue was patched on the Talk2m production server on April 18, 2024...
Ewon Cosy+ / Talk2M Remote Access Solution Improper Authentication
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2024-043 Product: Ewon Cosy+ / Talk2M Remote Access Solution Manufacturer: HMS Industrial Networks AB Affected Versions: N.A. Tested Versions: N.A. Vulnerability Type: Improper Authentication CWE-287 Risk Level: High Solution Statu...
CVE-2024-33897
A compromised HMS Networks Cosy+ device could be used to request a Certificate Signing Request from Talk2m for another device, resulting in an availability issue. The issue was patched on the Talk2m production server on April 18, 2024...
CVE-2024-33897
A compromised HMS Networks Cosy+ device could be used to request a Certificate Signing Request from Talk2m for another device, resulting in an availability issue. The issue was patched on the Talk2m production server on April 18, 2024...
CVE-2024-33897
The CVE-2024-33897 issue affects HMS Networks Cosy+ remote-access devices where a compromised Cosy+ could request a Certificate Signing Request (CSR) from Talk2m for another device, creating an availability risk. Root cause: improper handling of CSR requests via Talk2m could be abused, as describ...
CVE-2024-33897
A compromised HMS Networks Cosy+ device could be used to request a Certificate Signing Request from Talk2m for another device, resulting in an availability issue. The issue was patched on the Talk2m production server on April 18, 2024...
HMS Networks HMS Cosy+ 安全漏洞
HMS Networks HMS Cosy+ is an application for industrial remote access from the Swedish company HMS Networks. A security vulnerability exists in HMS Networks HMS Cosy+ that originates from a certificate signing request that can be used to request another device from Talk2m, leading to availability...
PT-2024-25534 · Hms Networks · Hms Networks Cosy+
Name of the Vulnerable Software and Affected Versions: HMS Networks Cosy+ affected versions not specified Description: The issue concerns improper authentication, allowing a compromised device to request a Certificate Signing Request for another device, potentially leading to an availability issu...
CVE-2024-33897
A compromised HMS Networks Cosy+ device could be used to request a Certificate Signing Request from Talk2m for another device, resulting in an availability issue. The issue was patched on the Talk2m production server on April 18, 2024...
HMS Networks Ewon Flexy and Cosy
1. EXECUTIVE SUMMARY CVSS v3 2.3 ATTENTION: Low skill level to exploit Vendor: HMS Networks Equipment: Ewon Flexy and Cosy Vulnerability: Permissive Cross-domain Policy with Untrusted Domains 2. RISK EVALUATION Successful exploitation of this vulnerability could allow attackers to retrieve...