EUVD-2023-12155

Malicious code in bioql PyPI...

CVE-2023-0053

SAUTER Controls Nova 200–220 Series (firmware 3.3-006 and earlier) and BACnetstac 4.2.1 and earlier expose credentials in cleartext because device management relies on FTP/Telnet. CVE-2023-0053 documents cleartext transmission of sensitive information and potential credential exposure, with an im...

CVE-2023-0053 SAUTER Controls Nova 200–220 Series Cleartext Transmission of Sensitive Information

SAUTER Controls Nova 200–220 Series with firmware version 3.3-006 and prior and BACnetstac version 4.2.1 and prior have only FTP and Telnet available for device management. Any sensitive information communicated through these protocols, such as credentials, is sent in cleartext. An attacker could...

CVE-2023-0052

SAUTER Controls Nova 200–220 Series with firmware version 3.3-006 and prior and BACnetstac version 4.2.1 and prior allows the execution of commands without credentials. As Telnet and file transfer protocol FTP are the only protocols available for device management, an unauthorized user could acce...

CVE-2023-0052

SAUTER Controls Nova 200–220 Series with firmware version 3.3-006 and prior and BACnetstac version 4.2.1 and prior allows the execution of commands without credentials. As Telnet and file transfer protocol FTP are the only protocols available for device management, an unauthorized user could acce...

Design/Logic Flaw

SAUTER Controls Nova 200–220 Series with firmware version 3.3-006 and prior and BACnetstac version 4.2.1 and prior allows the execution of commands without credentials. As Telnet and file transfer protocol FTP are the only protocols available for device management, an unauthorized user could acce...

CVE-2023-0052 SAUTER Controls Nova 200–220 Series Missing Authentication for Critical Function

SAUTER Controls Nova 200–220 Series with firmware version 3.3-006 and prior and BACnetstac version 4.2.1 and prior allows the execution of commands without credentials. As Telnet and file transfer protocol FTP are the only protocols available for device management, an unauthorized user could acce...

CVE-2023-0052

SAUTER Controls Nova 200–220 Series (firmware 3.3-006 and earlier) and BACnetstac 4.2.1 and earlier are affected by CVE-2023-0052 due to missing authentication for a critical function, allowing command execution without credentials. Telemetry shows Telnet and FTP are the only device-management pr...

PT-2023-15973 · Sauter · Sauter Controls Nova 200–220 Series

Name of the Vulnerable Software and Affected Versions: SAUTER Controls Nova 200–220 Series versions 3.3-006 and prior BACnetstac versions 4.2.1 and prior Description: The issue affects device management, where sensitive information such as credentials is sent in cleartext through FTP and Telnet...

Sauter AG Controls Nova 访问控制错误漏洞

Sauter AG Controls Nova is an intelligent building automation system from Sauter AG, Switzerland. An access control error vulnerability exists in Sauter AG Controls Nova 200-220 Series firmware version 3.3-006 and earlier, and BACnetstac version 4.2.1 and earlier, which stems from the fact that i...

Sauter AG Controls Nova 安全漏洞

Sauter AG Controls Nova is an intelligent building automation system from Sauter AG, Switzerland. A security vulnerability exists in Sauter AG Controls Nova 200-220 Series firmware version 3.3-006 and earlier and BACnetstac version 4.2.1 and earlier, which stems from the fact that only FTP and...

PT-2023-7518 · Sauter · Sauter Controls Nova 106 +2

Name of the Vulnerable Software and Affected Versions: SAUTER Controls Nova 200–220 Series versions 3.3-006 and prior SAUTER Controls Nova 230 versions affected versions not specified SAUTER Controls Nova 106 versions affected versions not specified BACnetstac version 4.2.1 and prior Description:...