3 matches found
Remote Code Execution Vulnerabilities in Secomea, Moxa, and HMS eWon VPNs
Security researchers at Claroty published details on multiple pre-auth remote code execution vulnerabilities affecting virtual private network VPN implementations primarily used to provide remote access to operational technology OT networks. The vulnerabilities could allow unauthenticated attacke...
CVE-2020-14510
GateManager (Secomea) VPN server is affected by CVE-2020-14510 due to a hard-coded telnet credential, allowing an unprivileged attacker to execute commands as root. Affected: GateManager versions prior to 9.2c. Mitigation/remediation: update to 9.2c (or newer, per advisories) and apply provided p...
Critical Bugs in Utilities VPNs Could Cause Physical Damage
Remote code-execution vulnerabilities in virtual private network VPN products could impact the physical functioning of critical infrastructure in the oil and gas, water and electric utilities space, according to researchers. Researchers at Claroty found that VPNs used to provide remote access to...