60 matches found
CVE-2026-3611 Honeywell IQ4x BMS Controller Missing authentication for critical function
The Honeywell IQ4x building management controller, exposes its full web-based HMI without authentication in its factory-default configuration. With no user module configured, security is disabled by design and the system operates under a System Guest level 100 context, granting read/write...
Kieback&Peter Neutrino-GLT 操作系统命令注入漏洞
Kieback&Peter Neutrino-GLT is a building management system from Kieback&Peter, Germany. Kieback&Peter Neutrino-GLT suffers from an operating system command injection vulnerability that stems from a shell command injection in the web component SM70 PHWEB login form, which could lead to the executi...
OpenBMCS 跨站请求伪造漏洞
OpenBMCS is a building management and control system from OpenBMCS Australia. A cross-site request forgery vulnerability exists in OpenBMCS version 2.4, which stems from a cross-site request forgery issue in the sendFeedback.php endpoint that could lead to the execution of an administrator action...
OpenBMCS 安全漏洞
OpenBMCS is a building management and control system from OpenBMCS Australia. A security vulnerability exists in OpenBMCS version 2.4 that stems from an information disclosure issue in the directory listing function that could lead to sensitive file access...
ABB EIBPORT
SUMMARY ABB is aware of vulnerabilities in the product versions listed as affected in the advisory. A firmware update is available that resolves these privately reported vulnerabilities in the product versions listed as affected in the advisory. An attacker who successfully exploited these...
EUVD-2025-25280
Malicious code in bioql PyPI...
EUVD-2025-25327
Malicious code in bioql PyPI...
CVE-2025-8449
CWE-400: Uncontrolled Resource Consumption vulnerability exists that could cause a denial of service when an authenticated user sends a specially crafted request to a specific endpoint from within the BMS network...
CVE-2025-8448
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause unauthorized access to sensitive credential data when an attacker is able to capture local SMB traffic between a valid user within the BMS network and the vulnerable products...
CVE-2025-8448
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause unauthorized access to sensitive credential data when an attacker is able to capture local SMB traffic between a valid user within the BMS network and the vulnerable products...
CVE-2025-8448
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause unauthorized access to sensitive credential data when an attacker is able to capture local SMB traffic between a valid user within the BMS network and the vulnerable products...
CVE-2025-8449
CVE-2025-8449 describes an CWE-400 Uncontrolled Resource Consumption vulnerability affecting Schneider Electric EcoStruxure Building Operation Enterprise Server/Enterprise Central/Workstation (BMS family). An authenticated user can send a specially crafted request to a specific endpoint within th...
CVE-2025-8449
CWE-400: Uncontrolled Resource Consumption vulnerability exists that could cause a denial of service when an authenticated user sends a specially crafted request to a specific endpoint from within the BMS network...
PT-2025-34059
Name of the Vulnerable Software and Affected Versions: SMB affected versions not specified Description: A vulnerability exists that could cause unauthorized access to sensitive credential data when an attacker is able to capture local SMB traffic between a valid user within the BMS network and th...
PT-2025-34060
Name of the Vulnerable Software and Affected Versions: BMS affected versions not specified Description: An uncontrolled resource consumption issue exists that may lead to a denial of service. An authenticated user sending a specially crafted request to a specific endpoint within the BMS network c...
ABB Cylon Aspect 3.08.03 (MIX->NTPServlet) Time Manipulation
Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description ABB Cylon Aspect MIX's NTPServlet allows NTP config changes via the...
ABB Cylon Aspect 3.08.03 (projectUpdateBSXFileProcess.php) Remote Guest2Root Exploit
Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB BMS/BAS controller is vulnerable to code execution and sudo...
ABB Cylon Aspect 4.00.00 (factorySetSerialNum.php) - Remote Code Execution
Exploit title : ABB Cylon Aspect 4.00.00 factorySetSerialNum.php Remote Code Execution Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =4.00.00 Summary: ASPECT is an award-winning scalable buildi...
ABB Cylon Aspect 3.08.03 (MapServicesHandler) - Authenticated Reflected XSS
ABB Cylon Aspect 3.08.03 MapServicesHandler - Authenticated Reflected XSS Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.03 Summary: ASPECT is an award-winning scalable building energy...
ABB Cylon Aspect 3.08.03 (CookieDB) - SQL Injection
ABB Cylon Aspect 3.08.03 CookieDB SQL Injection Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.03 Summary: ASPECT is an award-winning scalable building energy management and control soluti...