15 matches found
EUVD-2022-39039
Malicious code in bioql PyPI...
CVE-2022-36323
Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell...
Injection Vulnerability in Multiple Siemens Products
SCALANCE M-800, MUM-800 and S615 and RUGGEDCOM RM1224 are industrial routers. An injection vulnerability exists in multiple Siemens products, which can be exploited by attackers to inject code or generate a system root shell...
CVE-2024-50572
A vulnerability has been identified in RUGGEDCOM RM1224 LTE4G EU 6GK6108-4AM00-2BA2 All versions V8.2, RUGGEDCOM RM1224 LTE4G NAM 6GK6108-4AM00-2DA2 All versions V8.2, SCALANCE M804PB 6GK5804-0AP00-2AA2 All versions V8.2, SCALANCE M812-1 ADSL-Router 6GK5812-1AA00-2AA2 All versions V8.2, SCALANCE...
CVE-2024-50572
CVE-2024-50572 affects Siemens industrial devices (e.g., RUGGEDCOM RM1224 LTE, SCALANCE M family, S615, and related models) where an input field is not properly sanitized. This allows an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell. The ...
Siemens SCALANCE SC-600 Family
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Siemens SCALANCE W700 Improper Neutralization of Special Elements in Output Used By a Downstream Component (CVE-2023-44373)
A vulnerability has been identified in RUGGEDCOM RM1224 LTE4G EU, RUGGEDCOM RM1224 LTE4G NAM, SCALANCE M804PB, SCALANCE M812-1 ADSL- Router Annex A, SCALANCE M812-1 ADSL-Router Annex B, SCALANCE M816-1 ADSL-Router Annex A, SCALANCE M816-1 ADSL-Router Annex B, SCALANCE M826-2 SHDSL-Router, SCALANC...
Multiple Siemens Products Input Validation Error Vulnerability (CNVD-2023-86591)
The SCALANCE M-800, MUM-800 and S615 and the RUGGEDCOM RM1224 are industrial routers.The SCALANCE W products are wireless communication devices for connecting industrial components, such as Programmable Logic Controllers PLCs or Human Machine Interfaces HMIs, that comply with the IEEE 802.11...
CVE-2023-44373
Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell. Follow-up of CVE-2022-36323...
Input validation
Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell. Follow-up of CVE-2022-36323...
CVE-2023-44373
Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell. Follow-up of CVE-2022-36323...
CVE-2022-36323
Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell...
Input validation
Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell...
CVE-2022-36323
Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell...
CVE-2022-36323
Consolidated disclosure shows CVE-2022-36323 as an input sanitization vulnerability that can let an authenticated admin inject code or spawn a system root shell. The follow-up CVE-2023-44373 (in Siemens SCALANCE/W700 family and related devices) confirms this issue as a cross-contract injection vu...