37 matches found
📄 Siemens SICAM A8000 25.30 Denial of Service
Siemens SICAM A8000 CP-8050/CP-8031/CP-8010/CP-8012 versions 25.30 and below suffer from a resource exhaustion denial of service vulnerability. CyberDanube Security Research 20260408-0 ------------------------------------------------------------------------------- title| Remote Operation Denial o...
EUVD-2023-47224
Malicious code in bioql PyPI...
CVE-2023-42797
A vulnerability has been identified in CP-8031 MASTER MODULE All versions CPCI85 V05.20, CP-8050 MASTER MODULE All versions CPCI85 V05.20. The network configuration service of affected devices contains a flaw in the conversion of ipv4 addresses that could lead to an uninitialized variable being...
CVE-2023-33921
A vulnerability has been identified in CP-8031 MASTER MODULE All versions CPCI85 V05, CP-8050 MASTER MODULE All versions CPCI85 V05. The affected devices contain an exposed UART console login interface. An attacker with direct physical access could try to bruteforce or crack the root password to...
CVE-2023-28489
A vulnerability has been identified in CP-8031 MASTER MODULE All versions CPCI85 V05, CP-8050 MASTER MODULE All versions CPCI85 V05. Affected devices are vulnerable to command injection via the web server port 443/tcp, if the parameter “Remote Operation” is enabled. The parameter is disabled by...
CVE-2023-36380
A vulnerability has been identified in CP-8031 MASTER MODULE All versions CPCI85 V05.11 only with activated debug support, CP-8050 MASTER MODULE All versions CPCI85 V05.11 only with activated debug support. The affected devices contain a hard-coded ID in the SSH authorizedkeys configuration file...
CVE-2023-33920
A vulnerability has been identified in CP-8031 MASTER MODULE All versions CPCI85 V05, CP-8050 MASTER MODULE All versions CPCI85 V05. The affected devices contain the hash of the root password in a hard-coded form, which could be exploited for UART console login to the device. An attacker with...
CVE-2023-42796
A vulnerability has been identified in CP-8031 MASTER MODULE All versions CPCI85 V05.11, CP-8050 MASTER MODULE All versions CPCI85 V05.11. The web server of affected devices fails to properly sanitize user input for the /sicweb-ajax/tmproot/ endpoint. This could allow an authenticated remote...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a vulnerability in the i3c:master:mipi-i3c-hci module...
The vulnerability of the microprogrammed software of the communication module control devices CP-8031 MASTER MODULE and CP-8050 MASTER MODULE allows a perpetrator to execute arbitrary commands on the device with root privileges.
The vulnerability of the microprogrammed software in the CP-8031 MASTER MODULE and CP-8050 MASTER MODULE communication modules is related to the use of an uninitialized resource. Exploiting this vulnerability could allow a malicious actor, operating remotely, to execute arbitrary commands on the...
CVE-2023-42797
A vulnerability has been identified in CP-8031 MASTER MODULE All versions CPCI85 V05.20, CP-8050 MASTER MODULE All versions CPCI85 V05.20. The network configuration service of affected devices contains a flaw in the conversion of ipv4 addresses that could lead to an uninitialized variable being...
CVE-2023-42797
Summary: CVE-2023-42797 affects Siemens SICAM A8000 CP-8031 and CP-8050 Master Modules (versions prior to CPCI85 V05.20). The network configuration service mishandles IPv4 address conversion, causing an uninitialized variable to be used in subsequent validation. An authenticated remote attacker c...
The vulnerability of the web server of the microprogramming software for communication module control devices CP-8031 MASTER MODULE and CP-8050 MASTER MODULE allows attackers to upload arbitrary files and elevate their privileges to the level of administrators.
The vulnerability of the web server of the microprogramming software for communication module control devices CP-8031 MASTER MODULE and CP-8050 MASTER MODULE is related to an incorrect limitation on the path name to the restricted access catalog. Exploiting this vulnerability allows a malicious...
Design/Logic Flaw
A vulnerability has been identified in CP-8031 MASTER MODULE All versions CPCI85 V05.11, CP-8050 MASTER MODULE All versions CPCI85 V05.11. The web server of affected devices fails to properly sanitize user input for the /sicweb-ajax/tmproot/ endpoint. This could allow an authenticated remote...
CVE-2023-42796
A vulnerability has been identified in CP-8031 MASTER MODULE All versions CPCI85 V05.11, CP-8050 MASTER MODULE All versions CPCI85 V05.11. The web server of affected devices fails to properly sanitize user input for the /sicweb-ajax/tmproot/ endpoint. This could allow an authenticated remote...
CVE-2023-42796
CVE-2023-42796 affects Siemens SICAM A8000 CPCI85 firmware web server (CP-8031/CP-8050 MASTER MODULE, all versions before CPCI85 V05.11). The vulnerability is a path traversal flaw in the /sicweb-ajax/tmproot/ endpoint that allows an authenticated remote attacker to traverse directories and downl...
CVE-2023-36380
The CVE-2023-36380 issue affects Siemens SICAM A8000 CP-8031 and CP-8050 MASTER MODULEs prior to CPCI85 V05.11 when debug support is activated. A hard-coded credential in the SSH authorized_keys configuration enables login if the attacker knows the corresponding private key. The vulnerability is ...
CVE-2023-33921
A vulnerability has been identified in CP-8031 MASTER MODULE All versions CPCI85 V05, CP-8050 MASTER MODULE All versions CPCI85 V05. The affected devices contain an exposed UART console login interface. An attacker with direct physical access could try to bruteforce or crack the root password to...
CVE-2023-33921
A vulnerability has been identified in CP-8031 MASTER MODULE All versions CPCI85 V05, CP-8050 MASTER MODULE All versions CPCI85 V05. The affected devices contain an exposed UART console login interface. An attacker with direct physical access could try to bruteforce or crack the root password to...
CVE-2023-33920
A vulnerability has been identified in CP-8031 MASTER MODULE All versions CPCI85 V05, CP-8050 MASTER MODULE All versions CPCI85 V05. The affected devices contain the hash of the root password in a hard-coded form, which could be exploited for UART console login to the device. An attacker with...