112 matches found
Siemens SIMATIC S7-1500 Incorrect Resource Transfer Between Spheres (CVE-2026-31431)
In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algifaead since the source and destination...
Siemens RUGGEDCOM RST2428P Uncontrolled Recursion (CVE-2025-8732)
A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog of the component xmlcatalog. The manipulation leads to uncontrolled recursion. Attacking locally is a requirement. The exploit has been disclosed to...
Siemens RUGGEDCOM RST2428P Integer Overflow or Wraparound (CVE-2025-13601)
A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the gescapeuristring function. If the string to escape contains a very large number of unacceptable characters which would need escaping, the calculation of the length of the escaped string...
AVTECH Room Alert Cleartext Storage of Sensitive Information (CVE-2024-33470)
When an administrator authenticates with the device and browses the settings pages, the SMTP password is loaded from the device and presented in the DOM in plaintext. When settings are saved, the SMTP credentials are sent back to the device in plain text. This allows an actor with administrative...
Siemens APE1808 Insertion of Sensitive Information into Sent Data (CVE-2024-47569)
A insertion of sensitive information into sent data in Fortinet FortiManager Cloud 7.4.1 through 7.4.3, FortiVoice 7.0.0 through 7.0.4, 6.4.0 through 6.4.9, 6.0.7 through 6.0.12, FortiMail 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.9, FortiOS 7.6.0, 7.4.0 through 7.4.4, 7.2.0...
Siemens SCALANCE and RUGGEDCOM Covert Timing Channel (CVE-2025-27587)
OpenSSL 3.0.0 through 3.3.2 on the PowerPC architecture is vulnerable to a Minerva attack, exploitable by measuring the time of signing of random messages using the EVPDigestSign API, and then using the private key to extract the K value nonce from the signatures. Next, based on the bit size of t...
Hanwha Vision Camera Improper Privilege Management (CVE-2025-52599)
Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems ICS and OT/IoT security, has discovered Inadequate of permission management for camera guest account. The manufacturer has released patch firmware for the flaw, please refer to the...
Hanwha Vision Camera Use of Hard-coded Cryptographic Key (CVE-2025-52601)
Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems ICS and OT/IoT security, has discovered a vulnerability in Device Manager that a hardcoded encryption key for sensitive information. An attacker can use key to decrypt sensitive information. T...
Siemens Ruggedcom ROX Improper Input Validation (CVE-2024-5642)
CPython 3.9 and earlier doesn't disallow configuring an empty list for SSLContext.setnpnprotocols which is an invalid value for the underlying OpenSSL API. This results in a buffer over-read when NPN is used see CVE-2024-5535 for OpenSSL. This vulnerability is of low severity due to NPN being not...
Siemens Ruggedcom ROX Exposure of Sensitive Information to an Unauthorized Actor (CVE-2022-0850)
A vulnerability was found in linux kernel, where an information leak occurs via ext4extentheader to userspace. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...
Siemens Ruggedcom ROX Improper Input Validation (CVE-2023-47234)
An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when processing a crafted BGP UPDATE message with a MPUNREACHNLRI attribute and additional NLRI data that lacks mandatory path attributes. This plugin only works with Tenable.ot. Please visit...
Siemens RUGGEDCOM ROX II Improper Neutralization of Special Elements in Output Used By a Downstream Component (CVE-2024-56838)
Code injection can be achieved when the affected device is using VRF Virtual Routing and Forwarding. An attacker could leverage this scenario to execute arbitrary code as root user. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...
Siemens Ruggedcom ROX Incorrect Authorization (CVE-2023-46753)
An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur for a crafted BGP UPDATE message without mandatory attributes, e.g., one with only an unknown transit attribute. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...
Schneider Electric Modicon M340 Controller and Communication Modules Improper Input Validation (CVE-2025-6625)
CWE-20: Improper Input Validation vulnerability exists that could cause a Denial Of Service when specific crafted FTP command is sent to the device. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-42153)
i2c: pnx: potential deadlock warning from deltimersync call in isr. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504657; scriptversion"1.3";...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-56688)
sunrpc: clear XPRTSOCKUPDTIMEOUT when reset transport Since transport-sock has been set to NULL during reset transport, XPRTSOCKUPDTIMEOUT also needs to be cleared. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-45006)
xhci: Panther point NULL pointer deref at full-speed re-enumeration. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504787; scriptversion"1.3";...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-41035)
USB: core: duplicate endpoint bug. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504502; scriptversion"1.2";...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-53103)
hvsock: Initializing vsk-trans to NULL to prevent a dangling pointer When hvs is released, there is a possibility that vsk-trans may not be initialized to NULL, which could lead to a dangling pointer. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-50024)
net: unsafe loop on the list. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504469; scriptversion"1.2";...