CVE-2022-50981

CVE-2022-50981 affects Innomic VibroLine VLX HD 5.0 and avibia AVLX (per CVE records). Affected devices are shipped with no password by default, and password setting is not enforced. This creates an unauthenticated remote access risk where an attacker could gain full control. The Red Hat, NVD, CV...

CVE-2022-50981 Multiple Innomic VibroLine VLX HD 5.0 and avibia AVLX weak password requirements

An unauthenticated remote attacker can gain full access on the affected devices as they are shipped without a password by default and setting one is not enforced...

CVE-2022-50980

CVE-2022-50980 affects Innomic VibroLine VLX and avibia AVLX devices. Affected component is the CAN bus configuration handling, where an unauthenticated adjacent attacker can switch between multiple configuration presets, potentially disrupting operations. The root cause is unauthenticated access...

CVE-2022-50980 Multiple Innomic VibroLine VLX and avibia AVLX allow unauthenticated configuration preset change via CAN

A unauthenticated adjacent attacker could potentially disrupt operations by switching between multiple configuration presets via CAN...

CVE-2022-50979 Multiple Innomic VibroLine VLX and avibia AVLX allow unauthenticated configuration preset change via Modbus (RS485)

An unauthenticated adjacent attacker could potentially disrupt operations by switching between multiple configuration presets via Modbus RS485...

CVE-2022-50979 Multiple Innomic VibroLine VLX and avibia AVLX allow unauthenticated configuration preset change via Modbus (RS485)

An unauthenticated adjacent attacker could potentially disrupt operations by switching between multiple configuration presets via Modbus RS485...

CVE-2022-50979

CVE-2022-50979 affects Innomic VibroLine VLX and avibia AVLX devices. An unauthenticated adjacent attacker can disrupt operations by switching between multiple configuration presets via Modbus (RS485). The impact is focused on availability (disruption of operations) with no confidentiality/integr...

CVE-2022-50978 Multiple Innomic VibroLine VLX and avibia AVLX allow unauthenticated configuration preset change via Modbus (TCP)

An unauthenticated remote attacker could potentially disrupt operations by switching between multiple configuration presets via Modbus TCP...

CVE-2022-50978 Multiple Innomic VibroLine VLX and avibia AVLX allow unauthenticated configuration preset change via Modbus (TCP)

An unauthenticated remote attacker could potentially disrupt operations by switching between multiple configuration presets via Modbus TCP...

CVE-2022-50977

The CVE-2022-50977 issue affects Innomic VibroLine VLX and avibia AVLX devices, allowing an unauthenticated remote attacker to switch between multiple configuration presets via HTTP, potentially disrupting operations. The root cause is unauthenticated HTTP access enabling preset changes, with a h...

CVE-2022-50975 Multiple Innomic VibroLine VLX and avibia AVLX allow unauthenticated access to device configuration

An unauthenticated remote attacker is able to use an existing session id of a logged in user and gain full access to the device if configuration via ethernet is enabled...

CVE-2022-50975 Multiple Innomic VibroLine VLX and avibia AVLX allow unauthenticated access to device configuration

An unauthenticated remote attacker is able to use an existing session id of a logged in user and gain full access to the device if configuration via ethernet is enabled...