5941 matches found
PT-2022-18503 · Sick · Sick Rfu61X
Name of the Vulnerable Software and Affected Versions: SICK RFU61x firmware versions prior to v2.25 Description: The issue is related to the use of a broken or risky cryptographic algorithm, allowing a low-privileged remote attacker to decrypt encrypted data if weak cipher suites are used for...
PT-2022-27991 · Sick · Sick Rfu63X
Name of the Vulnerable Software and Affected Versions: SICK RFU63x firmware versions prior to 2.21 Description: The issue is related to the use of a broken or risky cryptographic algorithm, allowing a low-privileged remote attacker to decrypt encrypted data if weak cipher suites are used for...
PT-2022-27760 · Siemens · Ruggedcom Rm1224 Lte(4G) Eu +151
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue concerns devices that store CLI user passwords encrypted in flash memory. Attackers with physical access to the device could potentially...
SICK RFU63x Encryption Issue Vulnerability
The SICK RFU61x is the smallest read/write device in the SICK UHF portfolio from SICK. It is ideally suited for IoT applications directly on workpieces or components. A security vulnerability exists in the SICK RFU63x prior to version 2.21, which stems from if a user requests encryption with a we...
PT-2022-6664 · Tp Link · Tp-Link Tapo C200
Name of the Vulnerable Software and Affected Versions: TP-Link Tapo C200 camera version 1.1.22 Build 220725 Description: The issue is related to the implementation of the AES encryption algorithm in the TP-Link Tapo C200 camera, which involves the reuse of the AES Key-IV pair across all cameras...
Security Vulnerability in Some Siemens Products
Siemens SCALANCE Series and Siemens RUGGEDCOM Series are a series of industrial communication devices from Siemens, Germany. A security vulnerability exists in some Siemens products. An attacker could exploit the vulnerability to retrieve files and decrypt CLI user passwords...
Use of a Broken or Risky Cryptographic Algorithm in SICK RFU6xx RADIO FREQUEN. SENSOR
SICK received a report about a vulnerability in the SICK RFU6XX RADIO FREQUEN. SENSOR. The used SSH service allowed for weak cipher suites to be used in traffic encryption. If weak cipher suites are used for traffic encryption, an attacker could potentially decrypt the traffic, which would affect...
Code injection
IBM Sterling Secure Proxy 6.0.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 230522...
MariaDB 5.5.0 < 5.5.53 Multiple Vulnerabilities
The version of MariaDB installed on the remote host is prior to 5.5.53. It is, therefore, affected by multiple vulnerabilities as referenced in the 5.5.53 advisory. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Client mysqldump. Supported versions that are affected a...
CVE-2022-20940
A vulnerability in the TLS handler of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to gain access to sensitive information. This vulnerability is due to improper implementation of countermeasures against a Bleichenbacher attack on a device that uses...
CVE-2022-20940
A vulnerability in the TLS handler of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to gain access to sensitive information. This vulnerability is due to improper implementation of countermeasures against a Bleichenbacher attack on a device that uses...
Information disclosure
A vulnerability in the TLS handler of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to gain access to sensitive information. This vulnerability is due to improper implementation of countermeasures against a Bleichenbacher attack on a device that uses...
DTrack activity targeting Europe and Latin America
Introduction DTrack is a backdoor used by the Lazarus group. Initially discovered in 2019, the backdoor remains in use three years later. It is used by the Lazarus group against a wide variety of targets. For example, we've seen it being used in financial environments where ATMs were breached, in...
NewStart CGSL MAIN 6.02 : gnutls Multiple Vulnerabilities (NS-SA-2022-0097)
The remote NewStart CGSL host, running version MAIN 6.02, has gnutls packages installed that are affected by multiple vulnerabilities: - A flaw was found in gnutls. A use after free issue in client sending keyshare extension may lead to memory corruption and other consequences. CVE-2021-20231 - A...
CVE-2022-34320
IBM CICS TX 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 229464...
Code injection
IBM CICS TX 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 229464...
CVE-2022-34319
IBM CICS TX 11.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 229463...
CVE-2022-34319
CVE-2022-34319 affects IBM CICS TX family: specifically IBM CICS TX 11.7 uses weaker cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. Connected documents also reference IBM CICS TX Standard/Advanced around version 11.1 and indicate fixes/remediations ...
IBM CICS TX Encryption Issue Vulnerability
IBM CICS TX is a comprehensive, single transaction runtime package from International Business Machines IBM. IBM CICS TX version 11.7 is vulnerable to an encryption issue that stems from the use of a weaker-than-expected encryption algorithm, which could be exploited by an attacker to decrypt...
Cisco Firepower Threat Defense Information Disclosure Vulnerability
Cisco Firepower Threat Defense FTD is a suite of unified software from Cisco that provides next-generation firewall services. Cisco Firepower Threat Defense FTD Software is vulnerable to an information disclosure vulnerability that stems from its TLS handler's implementation of improper...