Lucene search
+L

366 matches found

Tenable Nessus
Tenable Nessus
added 2023/01/25 12:0 a.m.18 views

Siemens Desigo PX Devices External Control of Assumed-Immutable Web Parameter (CVE-2019-13927)

A vulnerability has been identified in Desigo PX automation controllers PXC00-E.D, PXC50-E.D, PXC100-E.D, PXC200-E.D with Desigo PX Web modules PXA40-W0, PXA40-W1, PXA40-W2 All firmware versions V6.00.320, Desigo PX automation controllers PXC00-U, PXC64-U, PXC128-U with Desigo PX Web modules...

5.3CVSS5.7AI score0.01675EPSS
Exploits5References3
Tenable Nessus
Tenable Nessus
added 2023/01/25 12:0 a.m.32 views

Siemens Desigo PXM Devices Improper Neutralization of Input During Web Page Generation (CVE-2022-40178)

A vulnerability has been identified in Desigo PXM30-1 All versions V02.20.126.11-41, Desigo PXM30.E All versions V02.20.126.11-41, Desigo PXM40-1 All versions V02.20.126.11-41, Desigo PXM40.E All versions V02.20.126.11-41, Desigo PXM50-1 All versions V02.20.126.11-41, Desigo PXM50.E All versions...

5.4CVSS6AI score0.00486EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/01/25 12:0 a.m.23 views

Siemens Desigo PXC and DXR Devices Observable Discrepancy (CVE-2022-24043)

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The login functionality of the application fails to normalize the response times o...

5.3CVSS5.6AI score0.01012EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/01/25 12:0 a.m.28 views

Siemens Desigo PXC and DXR Devices Uncontrolled Resource Consumption (CVE-2022-24040)

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The web application fails to enforce an upper bound to the cost factor of the PBKD...

6.5CVSS6.4AI score0.00798EPSS
Exploits0References3
CNVD
CNVD
added 2022/10/13 12:0 a.m.23 views

Information leakage vulnerability of multiple Siemens products

Siemens Desigo PX is a building automation control system from Siemens, a German company. The information disclosure vulnerability in several Siemens products stems from the fact that the endpoint of the "Operation" web application that interprets and executes Axon language queries allows file re...

3.8AI score0.0081EPSS
Exploits0
CNVD
CNVD
added 2022/10/13 12:0 a.m.28 views

Multiple Siemens Products Operating System Command Injection Vulnerabilities

Siemens Desigo PX is a building automation control system from Siemens Germany. Multiple Siemens products are vulnerable to operating system command injection. The vulnerability stems from the presence of incorrect neutralization of special elements used in O commands with root privileges during...

5.9AI score0.01146EPSS
Exploits0
CNVD
CNVD
added 2022/10/13 12:0 a.m.54 views

Cross-site scripting vulnerability in Import Files function of multiple Siemens products

Siemens Desigo PX is a building automation control system from Siemens, a German company. A cross-site scripting vulnerability exists in several Siemens products. The vulnerability stems from an incorrect neutralization of input during web page generation in the Import Files function of the...

2.4AI score0.00486EPSS
Exploits0
CNVD
CNVD
added 2022/10/13 12:0 a.m.21 views

Multiple Siemens Products Axon Language Query Cross-Site Request Forgery Vulnerability

Siemens Desigo PX is a building automation control system from Siemens, a German company. A cross-site request forgery vulnerability exists in several Siemens products, stemming from a lack of authentication of anti-CSRF tokens or other source checks in the endpoint of the "Operation" Web...

4.2AI score0.00305EPSS
Exploits0
CNVD
CNVD
added 2022/10/13 12:0 a.m.26 views

Cross-site Request Forgery Vulnerability in Import Files Function of Multiple Siemens Products

Siemens Desigo PX is a building automation control system from Siemens, a German company. A cross-site request forgery vulnerability exists in several Siemens products, stemming from a lack of validation of anti-CSRF tokens or other source checks in the Import Files feature of the "Operation" Web...

2.7AI score0.00247EPSS
Exploits0
CNVD
CNVD
added 2022/10/13 12:0 a.m.62 views

Multiple Siemens products open to redirection vulnerabilities

Siemens Desigo PX is a building automation control system from Siemens Germany. Several Siemens products have an open redirection vulnerability, which stems from the fact that the device's embedded browser does not prevent interaction with an alternate URI scheme when the Web application code...

1.5AI score0.00845EPSS
Exploits0
OSV
OSV
added 2022/10/11 11:15 a.m.3 views

CVE-2022-40178

A vulnerability has been identified in Desigo PXM30-1 All versions V02.20.126.11-41, Desigo PXM30.E All versions V02.20.126.11-41, Desigo PXM40-1 All versions V02.20.126.11-41, Desigo PXM40.E All versions V02.20.126.11-41, Desigo PXM50-1 All versions V02.20.126.11-41, Desigo PXM50.E All versions...

5.4CVSS6AI score0.00486EPSS
Exploits0References1
NVD
NVD
added 2022/10/11 11:15 a.m.24 views

CVE-2022-40181

A vulnerability has been identified in Desigo PXM30-1 All versions V02.20.126.11-41, Desigo PXM30.E All versions V02.20.126.11-41, Desigo PXM40-1 All versions V02.20.126.11-41, Desigo PXM40.E All versions V02.20.126.11-41, Desigo PXM50-1 All versions V02.20.126.11-41, Desigo PXM50.E All versions...

8.3CVSS0.00845EPSS
Exploits0References1
OSV
OSV
added 2022/10/11 11:15 a.m.6 views

CVE-2022-40179

A vulnerability has been identified in Desigo PXM30-1 All versions V02.20.126.11-41, Desigo PXM30.E All versions V02.20.126.11-41, Desigo PXM40-1 All versions V02.20.126.11-41, Desigo PXM40.E All versions V02.20.126.11-41, Desigo PXM50-1 All versions V02.20.126.11-41, Desigo PXM50.E All versions...

8.1CVSS6AI score0.00305EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/10/11 11:15 a.m.4 views

CVE-2022-40178

A vulnerability has been identified in Desigo PXM30-1 All versions V02.20.126.11-41, Desigo PXM30.E All versions V02.20.126.11-41, Desigo PXM40-1 All versions V02.20.126.11-41, Desigo PXM40.E All versions V02.20.126.11-41, Desigo PXM50-1 All versions V02.20.126.11-41, Desigo PXM50.E All versions...

5.4CVSS6.3AI score0.00486EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/10/11 11:15 a.m.4 views

CVE-2022-40180

A vulnerability has been identified in Desigo PXM30-1 All versions V02.20.126.11-41, Desigo PXM30.E All versions V02.20.126.11-41, Desigo PXM40-1 All versions V02.20.126.11-41, Desigo PXM40.E All versions V02.20.126.11-41, Desigo PXM50-1 All versions V02.20.126.11-41, Desigo PXM50.E All versions...

5.3CVSS6.2AI score0.00247EPSS
Exploits0References2
OSV
OSV
added 2022/10/11 11:15 a.m.4 views

CVE-2022-40182

A vulnerability has been identified in Desigo PXM30-1 All versions V02.20.126.11-41, Desigo PXM30.E All versions V02.20.126.11-41, Desigo PXM40-1 All versions V02.20.126.11-41, Desigo PXM40.E All versions V02.20.126.11-41, Desigo PXM50-1 All versions V02.20.126.11-41, Desigo PXM50.E All versions...

8.8CVSS5.8AI score0.00857EPSS
Exploits0References1
NVD
NVD
added 2022/10/11 11:15 a.m.22 views

CVE-2022-40179

A vulnerability has been identified in Desigo PXM30-1 All versions V02.20.126.11-41, Desigo PXM30.E All versions V02.20.126.11-41, Desigo PXM40-1 All versions V02.20.126.11-41, Desigo PXM40.E All versions V02.20.126.11-41, Desigo PXM50-1 All versions V02.20.126.11-41, Desigo PXM50.E All versions...

8.1CVSS0.00305EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/10/11 11:15 a.m.2 views

CVE-2022-40182

A vulnerability has been identified in Desigo PXM30-1 All versions V02.20.126.11-41, Desigo PXM30.E All versions V02.20.126.11-41, Desigo PXM40-1 All versions V02.20.126.11-41, Desigo PXM40.E All versions V02.20.126.11-41, Desigo PXM50-1 All versions V02.20.126.11-41, Desigo PXM50.E All versions...

8.8CVSS7.4AI score0.00857EPSS
Exploits0References2
NVD
NVD
added 2022/10/11 11:15 a.m.21 views

CVE-2022-40180

A vulnerability has been identified in Desigo PXM30-1 All versions V02.20.126.11-41, Desigo PXM30.E All versions V02.20.126.11-41, Desigo PXM40-1 All versions V02.20.126.11-41, Desigo PXM40.E All versions V02.20.126.11-41, Desigo PXM50-1 All versions V02.20.126.11-41, Desigo PXM50.E All versions...

5.3CVSS0.00247EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/10/11 11:15 a.m.6 views

CVE-2022-40181

A vulnerability has been identified in Desigo PXM30-1 All versions V02.20.126.11-41, Desigo PXM30.E All versions V02.20.126.11-41, Desigo PXM40-1 All versions V02.20.126.11-41, Desigo PXM40.E All versions V02.20.126.11-41, Desigo PXM50-1 All versions V02.20.126.11-41, Desigo PXM50.E All versions...

8.3CVSS7.5AI score0.00845EPSS
Exploits0References2
Rows per page
Query Builder