Lucene search
K

48 matches found

RedhatCVE
RedhatCVE
added 2025/07/05 5:19 p.m.7 views

CVE-2025-6072

Stack-based Buffer Overflow vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the user, and an attacker gains access to the control network, and CVE-2025-6074 is exploited, the attacker can use the JSON configuration to overflow the date of expiration field.Thi...

8.2CVSS6.4AI score0.00326EPSS
Exploits0References1
NVD
NVD
added 2025/07/03 5:15 p.m.5 views

CVE-2025-6073

Stack-based Buffer Overflow vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the user, and an attacker gains access to the control network, and user/password broker authentication is enabled, and CVE-2025-6074 is exploited, the attacker can overflow the buffer...

8.2CVSS0.00356EPSS
Exploits0References1
NVD
NVD
added 2025/07/03 5:15 p.m.8 views

CVE-2025-6072

Stack-based Buffer Overflow vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the user, and an attacker gains access to the control network, and CVE-2025-6074 is exploited, the attacker can use the JSON configuration to overflow the date of expiration field.Thi...

8.2CVSS0.00326EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/03 4:53 p.m.4 views

CVE-2025-6072 Stack Buffer Overflow in MQTTCore

Stack-based Buffer Overflow vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the user, and an attacker gains access to the control network, and CVE-2025-6074 is exploited, the attacker can use the JSON configuration to overflow the date of expiration field.Thi...

8.2CVSS6.5AI score0.00326EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/03 4:49 p.m.2 views

CVE-2025-6073 Stack Buffer Overflow in MQTTCore

Stack-based Buffer Overflow vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the user, and an attacker gains access to the control network, and user/password broker authentication is enabled, and CVE-2025-6074 is exploited, the attacker can overflow the buffer...

8.2CVSS7AI score0.00356EPSS
Exploits0References1
CVE
CVE
added 2025/07/03 4:49 p.m.24 views

CVE-2025-6073

CVE-2025-6073 is a stack-based buffer overflow in ABB RMC-100 and RMC-100 LITE caused by REST interface exposure. It affects RMC-100 builds 2105457-043 to 2105457-045 and RMC-100 LITE builds 2106229-015 to 2106229-016. The issue is tied to CVE-2025-6074, which describes a related hard-coded key v...

8.2CVSS7.9AI score0.00356EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/07/03 12:0 a.m.7 views

PT-2025-27817 · Abb · Abb Rmc-100 +1

Name of the Vulnerable Software and Affected Versions: ABB RMC-100 versions 2105457-043 through 2105457-045 ABB RMC-100 LITE versions 2106229-015 through 2106229-016 Description: A Stack-based Buffer Overflow issue exists when the REST interface is enabled and an attacker gains access to the...

8.2CVSS7AI score0.00356EPSS
Exploits0References6
The Hacker News
The Hacker News
added 2025/05/22 8:24 a.m.20 views

FBI and Europol Disrupt Lumma Stealer Malware Network Linked to 10 Million Infections

A sprawling operation undertaken by global law enforcement agencies and a consortium of private sector firms has disrupted the online infrastructure associated with a commodity information stealer known as Lumma aka LummaC or LummaC2, seizing 2,300 domains that acted as the command-and-control C2...

6.9AI score
Exploits0
ICS
ICS
added 2025/03/25 1:30 p.m.20 views

Hitachi Energy TRMTracker

SUMMARY Hitachi Energy is aware of the multiple vulnerabilities that affect the TRMTracker product versions listed in this document. An attacker successfully exploiting these vulnerabilities can cause confidentiality and integrity impacts. Please refer to the Recommended Immediate Actions for...

7.9AI score
Exploits0References9
CVE
CVE
added 2025/03/11 4:59 p.m.128 views

CVE-2025-24996

CVE-2025-24996 : Affects Windows NTLM. External control of a file name or path enables an unauthorized network spoofing scenario, potentially allowing impersonation over a network. CVSSv3.1 base 6.5 (Network attack, low complexity, no privileges required, user interaction required; CIA: high conf...

6.5CVSS6.9AI score0.0119EPSS
Exploits0References1Affected Software15
ICS
ICS
added 2025/02/25 1:30 p.m.27 views

Hitachi Energy PCU400

SUMMARY Hitachi Energy is aware of the multiple vulnerabilities related to various versions of OpenSSL library components used in PCU400 versions listed in this document below for IEC62351-3 secure for IEC104/DNP3 or PCULogger tool. These vulnerabilities if exploited, can cause confidentiality...

8.2AI score
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2024/05/02 12:0 a.m.29 views

Hitachi Energy's RTU500 series Unrestricted Upload of File with Dangerous Type (CVE-2024-1532)

A vulnerability exists in the stb-language file handling that affects the RTU500 series product versions listed below. A malicious actor could enforce diagnostic texts being displayed as empty strings, if an authorized user uploads a specially crafted stb-language file. This plugin only works wit...

6.8CVSS5.4AI score0.00568EPSS
Exploits0References3
ICS
ICS
added 2024/03/26 11:32 a.m.55 views

Hitachi Energy MACH SCM (Update A)

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.9 ATTENTION : Exploitable remotely Vendor : Hitachi Energy Equipment : MACH SCM Vulnerabilities : Improper Control of Generation of Code, Improper Neutralization of Directives in Dynamically Evaluated Code 2. RISK EVALUATION Successful exploitation of...

7.5CVSS7.7AI score0.00628EPSS
Exploits0References9
ICS
ICS
added 2023/11/28 12:0 a.m.23 views

Hitachi Energy Relion 670/650/SAM600-IO Series (Update C)

SUMMARY Hitachi Energy is aware of the vulnerability CVE-2023-4518 that affects the Relion 670/650/SAM600-IO series that are listed below. An attacker successfully exploiting this vulnerability could cause operational disruptions of the devices. For immediate mitigation/workaround information,...

7.5CVSS7.4AI score0.00701EPSS
Exploits0References9
ICS
ICS
added 2023/08/08 6:0 a.m.41 views

Hitachi Energy RTU500 series

1. EXECUTIVE SUMMARY ​CVSS v3 7.5 ​ATTENTION: Exploitable remotely/low attack complexity ​Vendor: Hitachi Energy ​Equipment: RTU500 series ​Vulnerabilities: Stack-based Buffer Overflow 2. RISK EVALUATION ​Successful exploitation of these vulnerabilities could cause a buffer overflow and reboot of...

7.5CVSS8.4AI score0.00596EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2023/06/15 12:0 a.m.10 views

CVE-2023-28810

Some access control/intercom products have unauthorized modification of device network configuration vulnerabilities. Attackers can modify device network configuration by sending specific data packets to the vulnerable interface within the same local network...

4.3CVSS6.8AI score0.10396EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/04/05 12:0 a.m.9 views

Toyota RAV4 注入漏洞

The Toyota RAV4 is a utility crossover vehicle from Toyota Japan. A security vulnerability exists in Toyota RAV4 2021. An attacker exploits the vulnerability to drive the vehicle by accessing the access control CAN bus after pulling the bumper and reaching the headlight connector...

6.8CVSS6.7AI score0.00655EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.22 views

ABB Relion 650 and 670 Series Improper Input Validation (CVE-2019-18247)

An attacker may use a specially crafted message to force Relion 650 series versions 1.3.0.5 and prior or Relion 670 series versions 1.2.3.18, 2.0.0.11, 2.1.0.1 and prior to reboot, which could cause a denial of service. This plugin only works with Tenable.ot. Please visit...

7.8CVSS7.3AI score0.01551EPSS
Exploits0References2
ICS
ICS
added 2021/11/04 1:30 p.m.40 views

Hitachi Energy Relion 670/650/SAM600-IO

1. EXECUTIVE SUMMARY CVSS v3 8.1 Vendor: Hitachi Energy Equipment: Relion 670/650/SAM600-IO Vulnerability: Insecure Default Initialization of Resource 2. RISK EVALUATION Successful exploitation of this vulnerability could hijack existing TCP sessions to inject packets of their choosing or cause...

8.1CVSS8.4AI score0.00567EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2021/08/10 12:0 a.m.21 views

Johnsoncontrols Metasys Improper Restriction of XML External Entity Reference

XXE vulnerability exists in the Metasys family of product Web Services which has the potential to facilitate DoS attacks or harvesting of ASCII server files. This affects Johnson Controls' Metasys Application and Data Server ADS, ADS-Lite versions 10.1 and prior; Metasys Extended Application and...

6.4CVSS2.2AI score0.01286EPSS
Exploits0References3
Rows per page
Query Builder