Lucene search
+L

5 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/17 12:0 a.m.9 views

Siemens SCALANCE LPE9403 Improper Neutralization of Special Elements Used in an OS Command (CVE-2025-27398)

Affected devices do not properly neutralize special characters when interpreting user controlled log paths. This could allow an authenticated highly-privileged remote attacker to execute a limited set of binaries that are already present on the filesystem. This plugin only works with Tenable.ot...

2.7CVSS5.7AI score0.0031EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/03/17 12:0 a.m.7 views

Siemens SCALANCE M-800 and SC-600 Families Partial String Comparison (CVE-2025-23384)

A remote attacker needs to have access to a valid certificate in order to perform a successful attack. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...

6.3CVSS5.6AI score0.00258EPSS
Exploits0References4
Circl
Circl
added 2025/03/11 1:26 p.m.7 views

CVE-2025-27398

creationtimestamp| type| source ---|---|--- 2025-03-11 13:26:38+00:00| seen| https://t.me/cvedetector/20064 2025-03-13 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-072-06...

2.7CVSS4.8AI score0.0031EPSS
Exploits0References2
NVD
NVD
added 2025/03/11 10:15 a.m.8 views

CVE-2025-27398

A vulnerability has been identified in SCALANCE LPE9403 6GK5998-3GS00-2AC2 All versions V4.0. Affected devices do not properly neutralize special characters when interpreting user controlled log paths. This could allow an authenticated highly-privileged remote attacker to execute a limited set of...

2.7CVSS0.0031EPSS
Exploits0References1
CVE
CVE
added 2025/03/11 9:48 a.m.63 views

CVE-2025-27398

CVE-2025-27398 affects Siemens SCALANCE LPE9403 (6GK5998-3GS00-2AC2) prior to version 4.0. The issue is an OS command injection where user-controlled log paths are not properly neutralized, enabling an authenticated, highly-privileged attacker to run a limited set of binaries already present on t...

2.7CVSS7.2AI score0.0031EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder