Lucene search
+L

5 matches found

Tenable Nessus
Tenable Nessus
added 2023/09/27 12:0 a.m.16 views

Trane Symbio Improper Control of Generation of Code (CVE-2021-38448)

The affected controllers do not properly sanitize the input containing code syntax. As a result, an attacker could craft code to alter the intended controller flow of the software. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more informatio...

7.6CVSS7.5AI score0.00272EPSS
Exploits0References2
Circl
Circl
added 2021/11/22 10:20 p.m.5 views

CVE-2021-38448

creationtimestamp| type| source ---|---|--- 2021-11-22 22:20:01+00:00| seen| https://t.me/cibsecurity/32817...

7.6CVSS7.4AI score0.00272EPSS
Exploits0References1
CVE
CVE
added 2021/11/22 6:58 p.m.61 views

CVE-2021-38448

CVE-2021-38448 affects Trane Symbio controllers (Symbio 700 and Symbio 800). The root cause is improper sanitization of input containing code syntax, allowing a crafted input to alter controller flow and potentially execute arbitrary code. Public advisories (ICS-CERT/US-CISA) link this to code in...

7.6CVSS7.5AI score0.00272EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/11/22 6:58 p.m.29 views

CVE-2021-38448 Trane Symbio Improper Control of Generation of Code

The affected controllers do not properly sanitize the input containing code syntax. As a result, an attacker could craft code to alter the intended controller flow of the software...

7.5CVSS7.7AI score0.00272EPSS
Exploits0References1
ICS
ICS
added 2021/09/23 12:0 a.m.43 views

Trane Symbio (Update B)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Low attack complexity Vendor: Trane Equipment: Symbio 700 and Symbio 800 controllers Vulnerability: Code Injection 2. UPDATE INFORMATION The updated advisory is a follow-up to the original advisory titled ICSA-21-266-01 Trane Symbio that was published...

7.6CVSS8.2AI score0.00272EPSS
Exploits0References5
Rows per page
Query Builder