3 matches found
Remote Code Execution Vulnerabilities in Secomea, Moxa, and HMS eWon VPNs
Security researchers at Claroty published details on multiple pre-auth remote code execution vulnerabilities affecting virtual private network VPN implementations primarily used to provide remote access to operational technology OT networks. The vulnerabilities could allow unauthenticated attacke...
CVE-2020-14508
CVE-2020-14508 is an off-by-one error in Secomea GateManager prior to version 9.2c that could allow an unauthenticated remote attacker to cause a remote code execution or a denial-of-service condition. Devices affected are GateManager VPN servers (pre-9.2c). The issue is part of a broader set of ...
Critical Bugs in Utilities VPNs Could Cause Physical Damage
Remote code-execution vulnerabilities in virtual private network VPN products could impact the physical functioning of critical infrastructure in the oil and gas, water and electric utilities space, according to researchers. Researchers at Claroty found that VPNs used to provide remote access to...