Siemens SIMATIC S7-1500 Missing Cryptographic Step (CVE-2025-69418)

Issue summary: When using the low-level OCB API directly with AES-NI orother hardware-accelerated code paths, inputs whose length is not a multipleof 16 bytes can leave the final partial block unencrypted and unauthenticated.Impact summary: The trailing 1-15 bytes of a message may be exposed...

CVE-2023-0348

Akuvox E11 allows direct SIP calls. No access control is enforced by the SIP servers, which could allow an attacker to contact any device within Akuvox to call any other device...

User transactions can call system contracts directly

Lines of code Vulnerability details Impact User transaction can call system contracts directly, which shouldn't be allowed to not invoke potentially dangerous operations. Proof of Concept The DefaultAccount.executeTransaction executes a user transaction after it was validated. The function calls...

CVE-2023-0348 CVE-2023-0348

Akuvox E11 allows direct SIP calls. No access control is enforced by the SIP servers, which could allow an attacker to contact any device within Akuvox to call any other device...

PT-2023-16200 · Akuvox · Akuvox E11

Name of the Vulnerable Software and Affected Versions: Akuvox E11 affected versions not specified Description: The issue concerns a lack of access control in the SIP servers of Akuvox E11, allowing an attacker to make direct SIP calls to any device within the system, potentially enabling them to...