Lucene search
+L

45 matches found

ICS
ICS
added 2024/09/03 6:0 a.m.53 views

LOYTEC Electronics LINX Series

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available Vendor : LOYTEC electronics GmbH Equipment : LINX series Vulnerabilities : Cleartext Transmission of Sensitive Information, Missing Authentication for Critical Function,...

8.2CVSS8.8AI score0.07381EPSS
Exploits6References10
ATTACKERKB
ATTACKERKB
added 2023/11/30 11:15 p.m.4 views

CVE-2023-46388

LOYTEC electronics GmbH LINX-212 and LINX-151 devices all versions are vulnerable to Insecure Permissions via dpalconfig.zml file. This vulnerability allows remote attackers to disclose smtp client account credentials and bypass email authentication...

7.5CVSS5.7AI score0.01522EPSS
Exploits2References5
OSV
OSV
added 2023/11/30 11:15 p.m.6 views

CVE-2023-46386

LOYTEC electronics GmbH LINX-212 and LINX-151 devices all versions are vulnerable to Insecure Permissions via registry.xml file. This vulnerability allows remote attackers to disclose smtp client account credentials and bypass email authentication...

7.5CVSS5.8AI score0.01573EPSS
Exploits2References4
OSV
OSV
added 2023/11/30 11:15 p.m.5 views

CVE-2023-46389

LOYTEC electronics GmbH LINX-212 and LINX-151 devices all versions are vulnerable to Incorrect Access Control via registry.xml file. This vulnerability allows remote attackers to disclose sensitive information on LINX configuration...

7.5CVSS5.7AI score0.01973EPSS
Exploits2References4
NVD
NVD
added 2023/11/30 11:15 p.m.27 views

CVE-2023-46388

LOYTEC electronics GmbH LINX-212 and LINX-151 devices all versions are vulnerable to Insecure Permissions via dpalconfig.zml file. This vulnerability allows remote attackers to disclose smtp client account credentials and bypass email authentication...

7.5CVSS0.01522EPSS
Exploits2References4
OSV
OSV
added 2023/11/30 11:15 p.m.5 views

CVE-2023-46387

LOYTEC electronics GmbH LINX-212 and LINX-151 devices all versions are vulnerable to Incorrect Access Control via dpalconfig.zml file. This vulnerability allows remote attackers to disclose sensitive information on Loytec device data point configuration...

7.5CVSS5.7AI score
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2023/11/30 11:15 p.m.4 views

CVE-2023-46389

LOYTEC electronics GmbH LINX-212 and LINX-151 devices all versions are vulnerable to Incorrect Access Control via registry.xml file. This vulnerability allows remote attackers to disclose sensitive information on LINX configuration...

7.5CVSS5.7AI score0.01973EPSS
Exploits2References5
ATTACKERKB
ATTACKERKB
added 2023/11/30 11:15 p.m.9 views

CVE-2023-46387

LOYTEC electronics GmbH LINX-212 and LINX-151 devices all versions are vulnerable to Incorrect Access Control via dpalconfig.zml file. This vulnerability allows remote attackers to disclose sensitive information on Loytec device data point configuration...

7.5CVSS5.7AI score0.01973EPSS
Exploits2References5
OSV
OSV
added 2023/11/30 11:15 p.m.6 views

CVE-2023-46388

LOYTEC electronics GmbH LINX-212 and LINX-151 devices all versions are vulnerable to Insecure Permissions via dpalconfig.zml file. This vulnerability allows remote attackers to disclose smtp client account credentials and bypass email authentication...

7.5CVSS5.8AI score0.01522EPSS
Exploits2References4
Prion
Prion
added 2023/11/30 11:15 p.m.20 views

Authentication flaw

LOYTEC electronics GmbH LINX-212 firmware 6.2.4 and LINX-151 firmware 7.2.4 are vulnerable to Insecure Permissions via registry.xml file. This vulnerability allows remote attackers to disclose smtp client account credentials and bypass email authentication...

5CVSS7.3AI score0.01573EPSS
Exploits2References3Affected Software2
Prion
Prion
added 2023/11/30 11:15 p.m.23 views

Remote file inclusion

LOYTEC electronics GmbH LINX-212 firmware 6.2.4 and LINX-151 Firmware 7.2.4 are vulnerable to Incorrect Access Control via registry.xml file. This vulnerability allows remote attackers to disclose sensitive information on LINX configuration...

5CVSS6.8AI score0.01973EPSS
Exploits2References3Affected Software2
Prion
Prion
added 2023/11/30 11:15 p.m.20 views

Design/Logic Flaw

LOYTEC electronics GmbH LINX-212 6.2.4 and LINX-151 7.2.4 are vulnerable to Insecure Permissions via dpalconfig.zml file. This vulnerability allows remote attackers to disclose smtp client account credentials and bypass email authentication...

5CVSS7.2AI score0.01522EPSS
Exploits2References3Affected Software2
Prion
Prion
added 2023/11/30 11:15 p.m.23 views

Design/Logic Flaw

LOYTEC electronics GmbH LINX-212 firmware 6.2.4 and LINX-151 firmware 7.2.4 are vulnerable to Incorrect Access Control via dpalconfig.zml file. This vulnerability allows remote attackers to disclose sensitive information on Loytec device data point configuration...

5CVSS6.8AI score0.01973EPSS
Exploits2References3Affected Software2
Vulnrichment
Vulnrichment
added 2023/11/30 12:0 a.m.10 views

CVE-2023-46387

LOYTEC electronics GmbH LINX-212 and LINX-151 devices all versions are vulnerable to Incorrect Access Control via dpalconfig.zml file. This vulnerability allows remote attackers to disclose sensitive information on Loytec device data point configuration...

6.6AI score0.01973EPSS
Exploits2References4
CNNVD
CNNVD
added 2023/11/30 12:0 a.m.5 views

LOYTEC LINX-212 Security Vulnerability

The LOYTEC LINX-212 is a building controller from LOYTEC. A security vulnerability exists in the LOYTEC LINX-212 version 6.2.4 and LINX-151 version 7.2.4, which stems from a vulnerability that allows an attacker to disclose sensitive information on the LINX configuration via the registry.xml file...

7.5CVSS6.3AI score0.01973EPSS
Exploits2References5
CVE
CVE
added 2023/11/30 12:0 a.m.44 views

CVE-2023-46387

LOYTEC LINX-212 (firmware 6.2.4) and LINX-151 (firmware 7.2.4) are affected by CVE-2023-46387 due to Improper Access Control via the dpal_config.zml file. The Red Hat/CISA ICS and related sources describe an exploit scenario where this file’s accessibility enables remote disclosure of sensitive d...

7.5CVSS7.5AI score0.01973EPSS
Exploits2References4Affected Software1
CVE
CVE
added 2023/11/30 12:0 a.m.43 views

CVE-2023-46388

LOYTEC LINX-212 and LINX-151 devices (all versions) are affected by CVE-2023-46388 due to Insecure Permissions via dpal_config.zml, enabling remote disclosure of SMTP client credentials and bypass of email authentication. The issue is tracked across multiple sources (including Red Hat and CISA IC...

7.5CVSS7.7AI score0.01522EPSS
Exploits2References4Affected Software1
CVE
CVE
added 2023/11/30 12:0 a.m.38 views

CVE-2023-46389

LOYTEC LINX-212 and LINX-151 devices (all versions) are affected by CVE-2023-46389 due to Incorrect Access Control via the registry.xml file, enabling remote disclosure of sensitive configuration data. The ICS advisory lists affected products (LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580...

7.5CVSS7.5AI score0.01973EPSS
Exploits2References4Affected Software1
Positive Technologies
Positive Technologies
added 2023/11/30 12:0 a.m.4 views

PT-2023-29998 · Loytec Electronics Gmbh · Linx-151 +1

Name of the Vulnerable Software and Affected Versions: LOYTEC electronics GmbH LINX-212 and LINX-151 devices all versions Description: The issue is related to Incorrect Access Control via the registry.xml file, allowing remote attackers to disclose sensitive information on LINX configuration...

7.5CVSS7AI score0.01973EPSS
Exploits2References8
Cvelist
Cvelist
added 2023/11/30 12:0 a.m.37 views

CVE-2023-46387

LOYTEC electronics GmbH LINX-212 and LINX-151 devices all versions are vulnerable to Incorrect Access Control via dpalconfig.zml file. This vulnerability allows remote attackers to disclose sensitive information on Loytec device data point configuration...

7.5AI score0.01973EPSS
Exploits2References4
Rows per page
Query Builder