CVE-2021-34577

In the Kaden PICOFLUX AiR water meter an adversary can read the values through wireless M-Bus mode 5 with a hardcoded shared key while being adjacent to the device...

PT-2022-10357 · Kaden · Kaden Picoflux Air

Name of the Vulnerable Software and Affected Versions: Kaden PICOFLUX AiR water meter affected versions not specified Description: The issue allows an adversary to read values from the device through wireless M-Bus mode 5, utilizing a hardcoded shared key, provided they are adjacent to the device...

Enbra Ewm Data Forgery Issue Vulnerability

Enbra Ewm is a universal reading device from the Czech company Enbra. It uses a radio to read water meters, heating cost indicators and heat meters. Enbra EWM is vulnerable to a data forgery issue in version 1.7.29, which stems from the fact that the software does not check for or detect replay...

Enbra Ewm Trust Management Issue Vulnerability

Enbra Ewm is a universal reading device from the Czech company Enbra. It uses radios to read water meters, heating cost indicators and heat meters. Enbra EWM is vulnerable to a trust management issue, which stems from multiple wireless M-Bus devices from Enbra using hard-coded credentials in secu...

CVE-2021-34571

Multiple Wireless M-Bus devices by Enbra use Hard-coded Credentials in Security mode 5 without an option to change the encryption key. An adversary can learn all information that is available in Enbra EWM...

CVE-2021-34571

The CVE-2021-34571 entry concerns Enbra EWM, a universal Enbra Wireless M-Bus reading device. Concrete details across connected records show a trust/credential management issue in which several wireless M-Bus devices use hard-coded credentials in secure mode 5, with no option to change the encryp...

CVE-2021-34571 Hard-coded Credentials in Enbra Wireless M-Bus devices

Multiple Wireless M-Bus devices by Enbra use Hard-coded Credentials in Security mode 5 without an option to change the encryption key. An adversary can learn all information that is available in Enbra EWM...

nmstate bug fix update

Nmstate is a library with an accompanying command line tool that manages host networking settings in a declarative manner. Bug fixes: Incorrectly choose unmanaged interface for DNS configurations. BZ1961914 Activation failure for changing OVS VLAN ID. BZ1961913 Activation failure for changing MTU...

CVE-2018-8956

ntpd in ntp 4.2.8p10, 4.2.8p11, 4.2.8p12 and 4.2.8p13 allow remote attackers to prevent a broadcast client from synchronizing its clock with a broadcast NTP server via soofed mode 3 and mode 5 packets. The attacker must either be a part of the same broadcast network or control a slave in that...

CVE-2018-8956

ntpd in ntp 4.2.8p10, 4.2.8p11, 4.2.8p12 and 4.2.8p13 allow remote attackers to prevent a broadcast client from synchronizing its clock with a broadcast NTP server via soofed mode 3 and mode 5 packets. The attacker must either be a part of the same broadcast network or control a slave in that...

CVE-2018-8956

CVE-2018-8956 affects ntp (ntpd) in ntp 4.2.8p10–4.2.8p13. A remote attacker can prevent a broadcast client from synchronizing with a broadcast NTP server by sending spoofed soofed mode 3/5 packets. Exploitation requires access to the same broadcast network or control of a slave that can relay pa...