ABB M2M Gateway Arbitrary Code Execution in embedded Linux Kernel for some AMD CPUs (CVE-2021-26401)
LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.
ABB M2M Gateway Heap Overflow in embedded Zlib (CVE-2022-37434)
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call...
ABB M2M Gateway Uncontrolled Resource Consumption in embedded Bind (CVE-2023-2828)
Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the max-cache-size statement in the configuration file; it...
ABB M2M Gateway Arbitrary Code Execution in embedded OpenSSH (CVE-2023-38408)
The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. Code in /usr/lib is not necessarily safe for loading into ssh-agent. NOTE: this issue exists because o...
ABB M2M Gateway Arbitrary Code Execution in embedded OpenSSH (CVE-2016-10009)
Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.
ABB M2M Gateway Use-After-Free in embedded Libexpat (CVE-2022-40674)
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.
ABB M2M Gateway Out-Of-Bound Memory Read/Write in embedded Libssh2 (CVE-2020-22218)
An issue was discovered in function _libssh2_packet_add in libssh2 1.10.0 allows attackers to access out of bounds memory.
ABB M2M Gateway Use-After-Free in embedded Linux Kernel (CVE-2023-32233)
In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled.
ABB M2M Gateway Use-After-Free in embedded Linux Kernel (CVE-2022-42703)
mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.
ABB M2M Gateway Use-After-Free in embedded Linux Kernel (CVE-2022-3564)
A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The...
ABB M2M Gateway Arbitrary Code Execution in embedded Linux Kernel (CVE-2022-2964)
A flaw was found in the Linux kernel's driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes.
ABB M2M Gateway Out-Of-Bound Write in embedded Apr-util (CVE-2022-25147)
Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime Utility (APR-util) 1.6.1 and prior versions.
ABB M2M Gateway Information Disclosure in embedded Python (CVE-2023-24329)
An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.
ABB M2M Gateway Memory Leak in embedded Bind (CVE-2022-38177)
By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.
ABB M2M Gateway Stack Overflow in embedded Linux Kernel (CVE-2022-4378)
A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system.
ABB M2M Gateway Uncontrolled Resource Consumption in embedded Bind (CVE-2022-2795)
By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service.
CVE-2023-23575
Improper access control vulnerability in CONPROSYS IoT Gateway products allows a remote authenticated attacker to bypass access restriction and access Network Maintenance page, which may result in obtaining the network information of the product. The affected products and versions are as follows:...
CVE-2023-27917
OS command injection vulnerability in CONPROSYS IoT Gateway products allows a remote authenticated attacker who can access Network Maintenance page to execute arbitrary OS commands with a root privilege. The affected products and versions are as follows: M2M Gateway with the firmware Ver.3.7.10 a...
Design/Logic Flaw
Inadequate encryption strength vulnerability in CONPROSYS IoT Gateway products allows a remote authenticated attacker with an administrative privilege to apply a specially crafted Firmware update file, alter the information, cause a denial-of-service (DoS) condition, and/or execute arbitrary code...