Lucene search
K

18 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-19894

Malicious code in bioql PyPI...

6.5CVSS6.3AI score0.00245EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-19891

Malicious code in bioql PyPI...

6.3CVSS6.5AI score0.00228EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-19892

Malicious code in bioql PyPI...

8.2CVSS6.3AI score0.00326EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/07/09 12:0 a.m.7 views

The vulnerability of the MQTT protocol implementation in the web interface of the microprogramming-based controller ABB RMC-100 and RMC-100-LITE allows a intruder to gain unauthorized access to protected information.

The vulnerability of the MQTT protocol web interface implementation for microprogrammable controllers ABB RMC-100 and RMC-100-LITE lies in the use of a rigidly encrypted cryptographic key. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

5.3CVSS5.5AI score0.00228EPSS
Exploits0References2Affected Software2
RedhatCVE
RedhatCVE
added 2025/07/05 5:19 p.m.6 views

CVE-2025-6072

Stack-based Buffer Overflow vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the user, and an attacker gains access to the control network, and CVE-2025-6074 is exploited, the attacker can use the JSON configuration to overflow the date of expiration field.Thi...

8.2CVSS6.4AI score0.00326EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/05 5:19 p.m.7 views

CVE-2025-6071

Use of Hard-coded Cryptographic Key vulnerability in ABB RMC-100, ABB RMC-100 LITE. An attacker can gain access to salted information to decrypt MQTT information. This issue affects RMC-100: from 2105457-043 through 2105457-045; RMC-100 LITE: from 2106229-015 through 2106229-016...

6.3CVSS6.3AI score0.00228EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/05 5:19 p.m.5 views

CVE-2025-6073

Stack-based Buffer Overflow vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the user, and an attacker gains access to the control network, and user/password broker authentication is enabled, and CVE-2025-6074 is exploited, the attacker can overflow the buffer...

8.2CVSS6.8AI score0.00356EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/05 5:19 p.m.6 views

CVE-2025-6074

Use of Hard-coded Cryptographic Key vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the user, and an attacker gains access to source code and control network, the attacker can bypass the REST interface authentication and gain access to MQTT configuration data...

6.5CVSS6.8AI score0.00245EPSS
Exploits0References1
NVD
NVD
added 2025/07/03 5:15 p.m.3 views

CVE-2025-6071

Use of Hard-coded Cryptographic Key vulnerability in ABB RMC-100, ABB RMC-100 LITE. An attacker can gain access to salted information to decrypt MQTT information. This issue affects RMC-100: from 2105457-043 through 2105457-045; RMC-100 LITE: from 2106229-015 through 2106229-016...

6.3CVSS0.00228EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/03 4:56 p.m.8 views

CVE-2025-6071 Hard Coded Key used for AES encryption

Use of Hard-coded Cryptographic Key vulnerability in ABB RMC-100, ABB RMC-100 LITE. An attacker can gain access to salted information to decrypt MQTT information. This issue affects RMC-100: from 2105457-043 through 2105457-045; RMC-100 LITE: from 2106229-015 through 2106229-016...

6.3CVSS0.00228EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/03 4:56 p.m.4 views

CVE-2025-6071 Hard Coded Key used for AES encryption

Use of Hard-coded Cryptographic Key vulnerability in ABB RMC-100, ABB RMC-100 LITE. An attacker can gain access to salted information to decrypt MQTT information. This issue affects RMC-100: from 2105457-043 through 2105457-045; RMC-100 LITE: from 2106229-015 through 2106229-016...

6.3CVSS6.5AI score0.00228EPSS
Exploits0References1
CVE
CVE
added 2025/07/03 4:53 p.m.20 views

CVE-2025-6072

CVE-2025-6072 affects ABB RMC-100 and RMC-100 LITE. The root cause is a stack-based buffer overflow in the REST interface when processing JSON configuration, enabling overflow of the expiration date field (and related CVE-2025-6074 flow). Impact cited includes potential denial of service and expo...

8.2CVSS7.4AI score0.00326EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/03 4:49 p.m.2 views

CVE-2025-6073 Stack Buffer Overflow in MQTTCore

Stack-based Buffer Overflow vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the user, and an attacker gains access to the control network, and user/password broker authentication is enabled, and CVE-2025-6074 is exploited, the attacker can overflow the buffer...

8.2CVSS7AI score0.00356EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/03 4:49 p.m.8 views

CVE-2025-6073 Stack Buffer Overflow in MQTTCore

Stack-based Buffer Overflow vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the user, and an attacker gains access to the control network, and user/password broker authentication is enabled, and CVE-2025-6074 is exploited, the attacker can overflow the buffer...

8.2CVSS0.00356EPSS
Exploits0References1
CVE
CVE
added 2025/07/03 4:49 p.m.24 views

CVE-2025-6073

CVE-2025-6073 is a stack-based buffer overflow in ABB RMC-100 and RMC-100 LITE caused by REST interface exposure. It affects RMC-100 builds 2105457-043 to 2105457-045 and RMC-100 LITE builds 2106229-015 to 2106229-016. The issue is tied to CVE-2025-6074, which describes a related hard-coded key v...

8.2CVSS7.9AI score0.00356EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/03 4:46 p.m.4 views

CVE-2025-6074 Authentication Bypass to the MQTT configuration Web Interface

Use of Hard-coded Cryptographic Key vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the user, and an attacker gains access to source code and control network, the attacker can bypass the REST interface authentication and gain access to MQTT configuration data...

6.5CVSS6.9AI score0.00245EPSS
Exploits0References1
CVE
CVE
added 2025/07/03 4:46 p.m.17 views

CVE-2025-6074

CVE-2025-6074 concerns ABB RMC-100 and ABB RMC-100 LITE. The issue is a use of a hard-coded cryptographic key that enables bypassing REST interface authentication, allowing an attacker who has access to the source code and control network to gain access to MQTT configuration data when the REST in...

6.5CVSS7.8AI score0.00245EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/07/03 12:0 a.m.4 views

PT-2025-27815 · Abb · Abb Rmc-100 Lite +1

Name of the Vulnerable Software and Affected Versions: ABB RMC-100 versions 2105457-043 through 2105457-045 ABB RMC-100 LITE versions 2106229-015 through 2106229-016 Description: The issue allows an attacker to gain access to salted information, which can be used to decrypt MQTT information. This...

6.3CVSS6.3AI score0.00228EPSS
Exploits0References5
Rows per page
Query Builder