CVE-2023-29131

A vulnerability has been identified in SIMATIC CN 4100 All versions V2.5. Affected device consists of an incorrect default value in the SSH configuration. This could allow an attacker to bypass network isolation...

CVE-2023-29131

A vulnerability has been identified in SIMATIC CN 4100 All versions V2.5. Affected device consists of an incorrect default value in the SSH configuration. This could allow an attacker to bypass network isolation...

Design/Logic Flaw

A vulnerability has been identified in SIMATIC CN 4100 All versions V2.5. Affected device consists of an incorrect default value in the SSH configuration. This could allow an attacker to bypass network isolation...

CVE-2023-29131

The CVE-2023-29131 vulnerability affects Siemens SIMATIC CN 4100 (all versions prior to V2.5). It stems from an incorrect default in the SSH configuration, enabling bypass of network isolation and potential privilege escalation. The RedHat/ICS and other sources confirm this issue alongside a rela...

CVE-2023-29131

A vulnerability has been identified in SIMATIC CN 4100 All versions V2.5. Affected device consists of an incorrect default value in the SSH configuration. This could allow an attacker to bypass network isolation...

CVE-2023-29131

A vulnerability has been identified in SIMATIC CN 4100 All versions V2.5. Affected device consists of an incorrect default value in the SSH configuration. This could allow an attacker to bypass network isolation...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-2308)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-2328)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : curl (EulerOS-SA-2023-2328)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A path traversal vulnerability exists in curl 8.0.0 SFTP implementation causes the tilde character to be wrongly replaced when used as a prefix in...

EulerOS 2.0 SP9 : curl (EulerOS-SA-2023-2308)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A path traversal vulnerability exists in curl 8.0.0 SFTP implementation causes the tilde character to be wrongly replaced when used as a prefix in...

RLSA-2023:3839 Moderate: libssh security update

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: NULL pointer dereference during rekeying with algorithm guessing CVE-2023-1667 libssh: authorization bypass in pkiverifydatasignature CVE-2023-2283 For more...

libssh security update

An update is available for libssh. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list libssh is a library which implements the SSH protocol. It can be used to...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2023-2271)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP11 : xorg-x11-server (EulerOS-SA-2023-2281)

According to the versions of the xorg-x11-server package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by...

CVE-2023-36611

The affected TBox RTUs allow low privilege users to access software security tokens of higher privilege. This could allow an attacker with “user” privileges to access files requiring higher privileges by establishing an SSH session and providing the other tokens...

Code injection

The affected TBox RTUs allow low privilege users to access software security tokens of higher privilege. This could allow an attacker with “user” privileges to access files requiring higher privileges by establishing an SSH session and providing the other tokens...

CVE-2023-36611

The affected TBox RTUs allow low privilege users to access software security tokens of higher privilege. This could allow an attacker with “user” privileges to access files requiring higher privileges by establishing an SSH session and providing the other tokens...

CVE-2023-36611

The affected TBox RTUs allow low privilege users to access software security tokens of higher privilege. This could allow an attacker with “user” privileges to access files requiring higher privileges by establishing an SSH session and providing the other tokens...

CVE-2023-36611

The CVE-2023-36611 issue affects Ovarro TBox RTUs and is described as an improper authorization vulnerability: low-privilege (user) access can reach higher-privilege software security tokens, potentially allowing access to files requiring higher privileges via SSH and token provisioning. Affected...

How to Change NSIP of VPX Instance in SDX

Thisarticle explains how to modify the NSIP on a SDX VPX instance. Background User has already provisioned a VPX instance with NSIP on SDX and later decides to change the NSIP of the instance. To do this, the user had chosen “config ns” utility on instance and successfully modified and verified...