CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The application, after a successful login, sets the session cookie on the browser...

6.5CVSS6.5AI score0.00938EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 11:57 p.m.•4 views

CVE-2022-24044

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The login functionality of the application does not employ any countermeasures...

7.5CVSS6.6AI score0.00276EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 10:29 p.m.•6 views

CVE-2022-24043

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The login functionality of the application fails to normalize the response times o...

5.3CVSS6.6AI score0.0067EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 6:47 p.m.•2 views

CVE-2021-41545

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. When the controller receives a specific BACnet protocol packet, an exception cause...

7.5CVSS6.6AI score0.00389EPSS

Exploits0

Tenable Nessus•added 2023/01/25 12:0 a.m.•26 views

Siemens Desigo PXC and DXR Devices Insufficient Session Expiration (CVE-2022-24042)

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The web application returns an AuthToken that does not expire at the defined auto...

9.1CVSS8AI score0.00253EPSS

Exploits0References3

Tenable Nessus•added 2023/01/25 12:0 a.m.•26 views

Siemens Desigo PXC and DXR Devices Sensitive Cookie in Https Session Without Secure Attribute (CVE-2022-24045)

6.5CVSS6.4AI score0.00938EPSS

Exploits0References3

Tenable Nessus•added 2023/01/25 12:0 a.m.•22 views

Siemens Desigo PXC and DXR Devices Uncontrolled Resource Consumption (CVE-2022-24040)

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The web application fails to enforce an upper bound to the cost factor of the PBKD...

6.5CVSS6.4AI score0.00372EPSS

Exploits0References3

ATTACKERKB•added 2022/05/20 1:15 p.m.•1 views

CVE-2022-24044

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The login functionality of the application does not employ any countermeasures...

7.5CVSS5.5AI score0.00276EPSS

Exploits0References2

ATTACKERKB•added 2022/05/20 1:15 p.m.•2 views

CVE-2022-24045

6.5CVSS5.5AI score0.00938EPSS

Exploits0References2

NVD•added 2022/05/20 1:15 p.m.•7 views

CVE-2022-24045

6.5CVSS0.00938EPSS

Exploits0References1

NVD•added 2022/05/20 1:15 p.m.•10 views

CVE-2022-24043

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The login functionality of the application fails to normalize the response times o...

5.3CVSS0.0067EPSS

Exploits0References1

ATTACKERKB•added 2022/05/20 1:15 p.m.•2 views

CVE-2022-24043

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The login functionality of the application fails to normalize the response times o...

5.3CVSS5.5AI score0.0067EPSS

Exploits0References2

OSV•added 2022/05/20 1:15 p.m.•2 views

CVE-2022-24045

6.5CVSS5.7AI score0.00938EPSS

Exploits0References1

NVD•added 2022/05/20 1:15 p.m.•6 views

CVE-2022-24044

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The login functionality of the application does not employ any countermeasures...

7.5CVSS0.00276EPSS

Exploits0References1

Prion•added 2022/05/20 1:15 p.m.•10 views

Information disclosure

4CVSS6.8AI score0.00938EPSS

Exploits0References1Affected Software4

Prion•added 2022/05/20 1:15 p.m.•8 views

Design/Logic Flaw

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The login functionality of the application does not employ any countermeasures...

5CVSS7.5AI score0.00276EPSS

Exploits0References1Affected Software4

Prion•added 2022/05/20 1:15 p.m.•9 views

Design/Logic Flaw

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The login functionality of the application fails to normalize the response times o...

5CVSS5.9AI score0.0067EPSS

Exploits0References1Affected Software4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by