EUVD-2023-27507

Malicious code in bioql PyPI...

Multiple vulnerabilities in Endress+Hauser MEAC300-FNADE4

Several vulnerabilities in the Endress+Hauser MEAC300-FNADE4 were discovered, that can be accessed via Ethernet...

kernel: RDMA/mlx5: Fix fortify source warning while accessing Eth segment

A flaw was found in the Linux kernel's mlx5 InfiniBand driver. Certain scenarios could lead to a use-after-free issue, potentially allowing an attacker to escalate their privileges or affect system integrity or stability...

Multiple vulnerabilities in SICK MEAC300

SICK has identified vulnerabilities in MEAC300. These vulnerabilities, related to the OpenSSL library and specific device functionalities, could potentially allow remote, unauthenticated attackers to: 1 Cause a denial of service: Triggering an infinite loop that consumes CPU resources, rendering...

CVE-2024-22727

Teltonika TRB1-series devices with firmware before TRB1R00.07.05.2 allow attackers to exploit a firmware vulnerability via Ethernet LAN or USB...

PT-2024-19546

Name of the Vulnerable Software and Affected Versions Teltonika TRB1-series devices versions prior to TRB1 R 00.07.05.2 Description The issue allows attackers to exploit a firmware vulnerability via Ethernet LAN or USB. Recommendations For versions prior to TRB1 R 00.07.05.2, update the firmware ...

Vulnerability in SICK SIM1012

To allow full programmability of the SICK SIM1012, all Ethernet ports are open by factory default. If unused ports are not closed, this could potentially allow a remote, unauthenticated attacker to impact the availability, confidentiality, and integrity of the SICK SIM1012. SICK is not aware of a...

Vulnerabilities in SICK LMS5xx

SICK received a report about multiple vulnerabilities in the SICK LMS5xx, that can be accessed via Ethernet. If exploited, this potentially allows a remote unauthenticated attacker to impact availabiltiy, integrity and confidentaility of the LMS5xx. SICK recommends making sure to run the product ...

Vulnerabilities in SICK EventCam App

SICK discovered vulnerabilities in the SICK EventCam App, that can be accessed via Ethernet. If exploited, this potentially allows a remote unauthenticated attacker to impact availabiltiy, integrity and confidentaility of the EventCam App. SICK recommends making sure to run the product in a secur...

CVE-2022-36443

An issue was discovered in Zebra Enterprise Home Screen 4.1.19. The device allows the administrator to lock some communication channels wireless and SD card but it is still possible to use a physical connection Ethernet cable without restriction...

Siemens SCALANCE X-200RNA Switch Devices has an unspecified vulnerability

The SCALANCE X-204RNA Industrial Ethernet Access Point enables non-PRP endpoint devices to connect to a separate parallel network as needed.A security vulnerability exists in Siemens SCALANCE X-200RNA Switch Devices due to the web server of the affected device calculating session IDs and random...

Siemens SCALANCE X-200RNA Switch Devices Cross-Site Scripting Vulnerability

The SCALANCE X-204RNA Industrial Ethernet Access Point enables non-PRP endpoint devices to connect to a separate parallel network as needed.A cross-site scripting vulnerability exists in Siemens SCALANCE X-200RNA Switch Devices, which can be exploited by attackers to trigger malicious requests on...

Siemens SCALANCE X-200RNA Switch Devices Information Disclosure Vulnerability

The SCALANCE X-204RNA Industrial Ethernet Access Point enables non-PRP endpoint devices to connect to a separate parallel network as needed.An information disclosure vulnerability exists in Siemens SCALANCE X-200RNA Switch Devices, which could be exploited by an attacker to gain access to sensiti...

Allen Bradley Micrologix 1100 Input Validation Error Vulnerability

The Allen Bradley Micrologix 1100 is a programmable controller for industrial environments from Allen Bradley of the Netherlands. The device supports Ethernet access, online editing for monitoring and programming, an embedded Web server for controlling the device via a Web page, and an embedded L...

CVE-2019-0150

Insufficient access control in firmware IntelR Ethernet 700 Series Controllers versions before 7.0 may allow a privileged user to potentially enable a denial of service via local access...

PT-2013-86: Denial of Service in Siemens SIMATIC S7-1500 CPU PLC

The specialists of the Positive Research center have detected a Denial of Service vulnerability in Siemens SIMATIC S7-1500 CPU PLC. Specially crafted Profinet packets sent to the affected device might cause the device to go into defect mode. A cold restart is required to recover the system. The...

SEIL Series routers vulnerable to buffer overflow

Overview SEIL Series routers contain a buffer overflow vulnerability. The PPP Access Concentrator PPPAC contained in SEIL Series routers contain a buffer overflow vulnerability when processing PPPoE packets. Impact An attacker may be able to execute arbitrary code. Accoding to the developer, all...