Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

BDU FSTEC
BDU FSTECadded 2022/07/08 12:0 a.m.2 views

The vulnerabilities of the microprogramming software for the Desigo DXR2, PXC3, PXC4, and PXC5 station modules allow a intruder to cause service failures.

The vulnerability of the microprogramming software for the Desigo DXR2, PXC3, PXC4, and PXC5 stations is related to an exception handling error. Exploiting this vulnerability could allow a perpetrator to cause service failures by installing a key derived from PBKDF2...

6.8CVSS6.5AI score0.00781EPSS
Exploits0References2Affected Software4
BDU FSTEC
BDU FSTECadded 2022/05/18 12:0 a.m.2 views

The vulnerability of the AddCell function in the web server of the microprogramming software for building automation modules Desigo PXC4 and PXC5 allows a hacker to execute arbitrary code by injecting specially crafted XML into the XLS report file.

The vulnerability of the AddCell function in the web server of the microprogramming software for building automation modules, Desigo PXC4 and PXC5, is related to errors during the elimination of special elements. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by...

9CVSS8.1AI score0.0177EPSS
Exploits0References3Affected Software2
OSV
OSVadded 2022/05/10 11:15 a.m.3 views

CVE-2022-24039

A vulnerability has been identified in Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The “addCell” JavaScript function fails to properly sanitize user-controllable input before including it into the generated XML body of the XLS report document, such...

9CVSS7.4AI score
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2022/05/10 11:15 a.m.1 views

CVE-2022-24042

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The web application returns an AuthToken that does not expire at the defined auto...

9.1CVSS5.4AI score0.00899EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2022/05/10 12:0 a.m.4 views

PT-2022-2567 · Siemens · Desigo Pxc4 +1

Name of the Vulnerable Software and Affected Versions: Desigo PXC4 versions prior to V02.20.142.10-10884 Desigo PXC5 versions prior to V02.20.142.10-10884 Description: A vulnerability has been identified in the addCell JavaScript function, which fails to properly sanitize user-controllable input...

9CVSS9.2AI score0.0177EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2022/05/10 12:0 a.m.3 views

PT-2022-3425 · Siemens · Desigo Pxc4 +3

Name of the Vulnerable Software and Affected Versions: Desigo DXR2 versions prior to V01.21.142.5-22 Desigo PXC3 versions prior to V01.21.142.4-18 Desigo PXC4 versions prior to V02.20.142.10-10884 Desigo PXC5 versions prior to V02.20.142.10-10884 Description: A vulnerability has been identified i...

9.1CVSS9.1AI score0.00899EPSS
Exploits0References5
CNNVD
CNNVDadded 2022/05/10 12:0 a.m.2 views

Siemens Desigo PXC4 安全漏洞

The Desigo PXC4 building automation controller is designed for HVAC system control. It is a compact device with built-in IOs that can be expanded to meet your needs with additional TX-IO modules.The Desigo PXC5 is a freely programmable controller for BACnet system-level functions such as alarm...

9CVSS9AI score0.0177EPSS
Exploits0References5
Rows per page
Query Builder