SHARP MFPs Configuration API Vulnerability (CVE-2024-47005)

Sharp and Toshiba Tec MFPs provide configuration related APIs. They are expected to be called by administrative users only, but insufficiently restricted. A non-administrative user may execute some configuration APIs. This plugin only works with Tenable.ot. Please visit...

SHARP MFPs Stored Cross-Site Scripting (CVE-2024-48870)

Sharp and Toshiba Tec MFPs improperly validate input data in URI data registration, resulting in a stored cross-site scripting vulnerability. If crafted input is stored by an administrative user, malicious script may be executed on the web browsers of other victim users. This plugin only works wi...

EUVD-2025-206522

Multiple MFPs provided by Brother Industries, Ltd. does not properly validate server certificates, which may allow a man-in-the-middle attacker to replace the set of root certificates used by the product with a set of arbitrary certificates...

Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2024-27434)

The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27434 advisory. - In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't set th...

Siemens SIMATIC Devices Use of Uninitialized Resource (CVE-2025-21787)

team: better TEAMOPTIONTYPESTRING validation This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503529; scriptversion"1.2";...

Siemens SIMATIC Devices NULL Pointer Dereference (CVE-2025-21844)

smb: client: Add check for nextbuffer in receiveencryptedstandard This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503639; scriptversion"1.2";...

Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Use After Free (CVE-2024-47706)

In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible UAF for bfqq-bic with merge chain In this case, IO from Process 1 will get bfqq2 from BIC1 first, and then get bfqq3 through merge chain, and finially handle IO by bfqq3. Howerver, current code will think...

Siemens SIMATIC Devices Improper Input Validation (CVE-2024-27047)

Vulnerablity in Linux kernel: net: phy: phygetinternaldelay accessing an empty array The phygetinternaldelay function could try to access to an empty array in the case that the driver is calling phygetinternaldelay without defining delayvalues and rx-internal- delay-ps or tx-internal-delay-ps is...

Siemens SIMATIC Devices Improper Check for Unusual or Exceptional Conditions (CVE-2024-44948)

In the Linux kernel, the following vulnerability has been resolved: x86/mtrr: Check if fixed MTRRs exist before saving them MTRRs have an obsolete fixed variant for fine grained caching control of the 640K-1MB region that uses separate MSRs. This fixed variant has a separate capability bit in the...

Siemens SIMATIC Devices Integer Overflow or Wraparound (CVE-2024-23307)

Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM md, raid, raid5 modules allows Forced Integer Overflow. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable...

Siemens SIMATIC Devices Use After Free (CVE-2024-26961)

In the Linux kernel, the following vulnerability has been resolved: mac802154: fix llsec key resources release in mac802154llseckeydel This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

Siemens SIMATIC Devices Improper Input Validation (CVE-2024-26651)

sr9800: Local Denial of Service Vulnerability. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503678; scriptversion"1.2";...

Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Use of Uninitialized Resource (CVE-2024-50035)

In the Linux kernel, the following vulnerability has been resolved: ppp: fix pppasyncencode illegal access syzbot reported an issue in pppasyncencode 1 In this case, pppoesendmsg is called with a zero size. Then pppasyncencode is called with an empty skb. BUG: KMSAN: uninit-value in pppasyncencod...

Siemens SIMATIC Devices NULL Pointer Dereference (CVE-2025-21814)

ptp: Ensure info-enable callback is always set This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503440; scriptversion"1.2";...

Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Uncontrolled Resource Consumption (CVE-2024-47710)

sockmap: vulnerability result of adding a condresched in sockhashfree to prevent CPU soft lockups when destroying maps with a large number of buckets. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...

Siemens SIMATIC Devices Use After Free (CVE-2024-23848)

In the Linux kernel through 6.7.1, there is a use-after-free in cecqueuemsgfh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL...

Siemens SIMATIC Devices Incorrect Calculation of Buffer Size (CVE-2024-42259)

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Fix Virtual Memory mapping boundaries calculation Calculating the size of the mapped area as the lesser value between the requested size and the actual size does not consider the partial mapping offset. This can cau...

Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-43893)

serial: core: vulnerability due to a missing check for uartclk being zero, leading to a potential divide-by-zero error when calling ioctl TIOCSSERIAL with an invalid baudbase. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

Siemens SIMATIC Devices Use After Free (CVE-2025-21761)

openvswitch: use RCU protection in ovsvportcmdfillinfo This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503450; scriptversion"1.2";...

Siemens SIMATIC Devices NULL Pointer Dereference (CVE-2024-36902)

Vulnerability in Linux kernel: ipv6: fib6rules: avoid possible NULL dereference in fib6ruleaction syzbot is able to trigger the following crash 1, caused by unsafe ip6dstidev use. Indeed ip6dstidev can return NULL, and must always be checked. This plugin only works with Tenable.ot. Please visit...