Lucene search
+L

55 matches found

ICS
ICS
added 2026/04/14 12:0 a.m.13 views

Siemens SCALANCE

SUMMARY SCALANCE W-700 IEEE 802.11n family before V6.6.0 are affected by multiple vulnerabilities. Siemens has released a new version for SCALANCE W-700 IEEE 802.11n family and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens strongly...

9.1CVSS7.3AI score0.01373EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2025/02/24 12:0 a.m.16 views

Siemens SIMATIC and SCALANCE Devices Out-of-bounds Write (CVE-2022-43750)

drivers/usb/mon/monbin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-space client to corrupt the monitor's internal memory. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 8090...

6.7CVSS6.5AI score0.00325EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/02/24 12:0 a.m.11 views

Siemens SCALANCE W700 Externally Controlled Reference to a Resource in Another Sphere (CVE-2023-0045)

The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ibprctlset function updates the Thread Information Flags TIFs for the task and updates the SPECCTRL MSR on the function speculationctrlupdate, but the IBPB is only issued on the next schedul...

7.5CVSS6.7AI score0.02399EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2025/02/24 12:0 a.m.6 views

Siemens SCALANCE W700 Uncontrolled Resource Consumption (CVE-2024-23814)

The integrated ICMP service of the network stack of affected devices can be forced to exhaust its available memory resources when receiving specially crafted messages targeting IP fragment re- assembly. This could allow an unauthenticated remote attacker to cause a temporary denial of service...

6.9CVSS5.8AI score0.00599EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/02/24 12:0 a.m.9 views

Siemens SCALANCE W700 Double Free (CVE-2023-26545)

In the Linux kernel before 6.1.13, there is a double free in net/mpls/afmpls.c upon an allocation failure for registering the sysctl table under a new location during the renaming of a device. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for mor...

4.7CVSS6.4AI score0.00331EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/02/24 12:0 a.m.9 views

Siemens SIMATIC and SCALANCE Devices Uncontrolled Resource Consumption (CVE-2023-1206)

A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel's IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6...

5.7CVSS6.6AI score0.00553EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2025/02/24 12:0 a.m.7 views

Siemens SCALANCE W700 Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2024-33016)

memory corruption when an invalid firehose patch command is invoked. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid502913; scriptversion"1.3";...

6.8CVSS5.5AI score0.00153EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/02/24 12:0 a.m.11 views

Siemens SIMATIC and SCALANCE Devices Type Confusion (CVE-2023-23454)

cbqclassify in net/sched/schcbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service slab-out-of-bounds read because of type confusion non-negative numbers can sometimes indicate a TCACTSHOT condition rather than valid classification results. This plugin only works wi...

5.5CVSS6.5AI score0.00312EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/02/24 12:0 a.m.12 views

Siemens SCALANCE W700 Double Free (CVE-2022-40304)

An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked. This plugin only works with Tenable.ot. Please visit...

7.8CVSS6.7AI score0.06782EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2025/02/24 12:0 a.m.5 views

Siemens SCALANCE W700 NULL Pointer Dereference (CVE-2023-43522)

Transient DOS while key unwrapping process, when the given encrypted key is empty or NULL. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid502871;...

7.5CVSS7.2AI score0.00324EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/02/24 12:0 a.m.19 views

Siemens SIMATIC and SCALANCE Devices Out-of-bounds Write (CVE-2023-45863)

An issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. With root access, an attacker can trigger a race condition that results in a fillkobjpath out-of-bounds write. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

6.4CVSS6.8AI score0.00284EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2025/02/24 12:0 a.m.9 views

Siemens SIMATIC and SCALANCE Devices Race Condition (CVE-2022-39188)

An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition unmapmappingrange versus munmap, a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VMPFNMAP VMAs. This plugin only works with...

4.7CVSS6.6AI score0.00216EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/02/24 12:0 a.m.9 views

Siemens SIMATIC and SCALANCE Devices Out-of-bounds Write (CVE-2023-3611)

An out-of-bounds write vulnerability in the Linux kernel's net/sched: schqfq component can be exploited to achieve local privilege escalation. The qfqchangeagg function in net/sched/schqfq.c allows an out-of-bounds write because lmax is updated according to packet sizes without bounds checks. Thi...

7.8CVSS6.8AI score0.00274EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2025/02/24 12:0 a.m.11 views

Siemens SIMATIC and SCALANCE Devices Use After Free (CVE-2023-4921)

A use-after-free vulnerability in the Linux kernel's net/sched: schqfq component can be exploited to achieve local privilege escalation. When the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers use-after-free in qfqdequeue due to the incorrect .peek handler of...

7.8CVSS6.7AI score0.00396EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2025/02/24 12:0 a.m.13 views

Siemens SIMATIC and SCALANCE Devices NULL Pointer Dereference (CVE-2023-42754)

A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer skb was assumed to be associated with a device before calling ipoptionscompile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAPNETADMIN privileges t...

5.5CVSS6.7AI score0.00406EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2025/02/24 12:0 a.m.4 views

Siemens SIMATIC and SCALANCE Devices Divide By Zero (CVE-2023-31085)

An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in dodivsz,mtd-erasesize, used indirectly by ctrlcdevioctl, when mtd-erasesize is 0. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

5.5CVSS6.6AI score0.00379EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/02/24 12:0 a.m.15 views

Siemens SCALANCE W700 Out-of-bounds Write (CVE-2022-47069)

p7zip 16.02 was discovered to contain a heap-buffer-overflow vulnerability via the function NArchive::NZip::CInArchive::FindCdbool at CPP/7zip/Archive/Zip/ZipIn.cpp. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVE...

7.8CVSS7.2AI score0.00298EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/02/24 12:0 a.m.12 views

Siemens SIMATIC and SCALANCE Devices Out-of-bounds Read (CVE-2023-39192)

A flaw was found in the Netfilter subsystem in the Linux kernel. The xtu32 module did not validate the fields in the xtu32 structure. This flaw allows a local privileged attacker to trigger an out-of- bounds read by setting the size fields with a value beyond the array boundaries, leading to a...

6.7CVSS6.6AI score0.00397EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/02/24 12:0 a.m.5 views

Siemens SCALANCE W700 Use After Free (CVE-2023-1670)

A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA PC- card Ethernet driver was found.A local user could use this flaw to crash the system or potentially escalate their privileges on the system. This plugin only works with Tenable.ot. Please visit...

7.8CVSS6.6AI score0.00275EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/02/24 12:0 a.m.8 views

Siemens SCALANCE Devices Out-of-bounds Write (CVE-2023-6129)

Issue summary: The POLY1305 MAC message authentication code implementation contains a bug that might corrupt the internal state of applications running on PowerPC CPU based platforms if the CPU provides vector instructions. Impact summary: If an attacker can influence whether the POLY1305 MAC...

6.5CVSS6.9AI score0.02323EPSS
Exploits0References8
Rows per page
Query Builder