CVE-2025-0681 New Rock Technologies Cloud Connected Devices Improper Neutralization of Wildcards or Matching Symbols

The Cloud MQTT service of the affected products supports wildcard topic subscription which could allow an attacker to obtain sensitive information from tapping the service communications...

CVE-2025-0681 New Rock Technologies Cloud Connected Devices Improper Neutralization of Wildcards or Matching Symbols

The Cloud MQTT service of the affected products supports wildcard topic subscription which could allow an attacker to obtain sensitive information from tapping the service communications...

CVE-2025-0680 New Rock Technologies Cloud Connected Devices has a Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability.

Affected products contain a vulnerability in the device cloud rpc command handling process that could allow remote attackers to take control over arbitrary devices connected to the cloud...

CVE-2025-0680 New Rock Technologies Cloud Connected Devices has a Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability.

Affected products contain a vulnerability in the device cloud rpc command handling process that could allow remote attackers to take control over arbitrary devices connected to the cloud...

CVE-2025-0680

The CVE-2025-0680 entry concerns New Rock Technologies Cloud Connected Devices suffering an OS command injection vulnerability in the device cloud RPC handling path. Affected software/components are the Cloud Connected Devices’ RPC command processing mechanism; root cause appears to be improper h...

CVE-2023-32346

Teltonika’s Remote Management System versions prior to 4.10.0 contain a function that allows users to claim their devices. This function returns information based on whether the serial number of a device has already been claimed, the MAC address of a device has already been claimed, or whether th...

Information disclosure

Teltonika’s Remote Management System versions prior to 4.10.0 contain a function that allows users to claim their devices. This function returns information based on whether the serial number of a device has already been claimed, the MAC address of a device has already been claimed, or whether th...

CVE-2023-32346

Teltonika’s Remote Management System versions prior to 4.10.0 contain a function that allows users to claim their devices. This function returns information based on whether the serial number of a device has already been claimed, the MAC address of a device has already been claimed, or whether th...

Teltonika Remote Management System 安全漏洞

Teltonika Remote Management System is a Teltonika remote management system for managing Teltonika products. A security vulnerability exists in Teltonika Remote Management System versions prior to 4.10.0. An attacker exploiting this vulnerability could create a list containing the serial numbers a...

SICUNET Access Controller 安全漏洞

SICUNET Access Controller is a browser-based access from SICUNET China that allows you to connect your panel to our cloud servers so that you can access your panel without firewall settings. A security vulnerability exists in SICUNET Access Controller version 0.32-05z, which stems from a problem...

The Cloud in the clouds

Heading back to the airport to sit in another 747 pilot seat chair is always exciting. After our first research session on a grounded airplane this time we spent more time looking at the IFE In-Flight Entertainment system. We found very different results from the first plane. Rather than an old...

Microsoft acquires ReFirm Labs to enhance IoT security

Modern computing devices can be thought of as a collection of discrete microprocessors each with a dedicated function like high-speed networking, graphics, Disk I/O, AI, and everything in between. The emergence of the intelligent edge has accelerated the number of these cloud-connected devices th...

Addressing cybersecurity risk in industrial IoT and OT

As the industrial Internet of Things IIoT and operational technology OT continue to evolve and grow, so too, do the responsibilities of the Chief Information Security Officer CISO. The CISO now needs to mitigate risks from cloud-connected machinery, warehouse systems, and smart devices scattered...

Addressing cybersecurity risk in industrial IoT and OT

As the industrial Internet of Things IIoT and operational technology OT continue to evolve and grow, so too, do the responsibilities of the Chief Information Security Officer CISO. The CISO now needs to mitigate risks from cloud-connected machinery, warehouse systems, and smart devices scattered...