Lucene search
K

17 matches found

Tenable Nessus
Tenable Nessus
added 2025/11/18 12:0 a.m.5 views

Siemens SCALANCE and RUGGEDCOM Devices Incorrect Comparison (CVE-2024-9681)

When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making it end sooner or later than otherwise intended. This affects curl using applications that enable HSTS and use URLs with the insecure HTTP:// scheme and perform transfers with host...

6.5CVSS6.6AI score0.0197EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2025/11/14 12:0 a.m.3 views

Siemens RUGGEDCOM ROS Devices Improperly Implemented Security Check for Standard (CVE-2021-42017)

A new variant of the POODLE attack has left a third-party component vulnerable due to the implementation flaws of the CBC encryption mode in TLS 1.0 to 1.2. If an attacker were to exploit this, they could act as a man-in-the-middle and eavesdrop on encrypted communications. This plugin only works...

5.9CVSS6AI score0.00465EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.7 views

Siemens SIMATIC S7-1500 NULL Pointer Dereference (CVE-2024-49881)

In the Linux kernel, the following vulnerability has been resolved: ext4: update origpath in ext4findextent. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if descripti...

5.5CVSS6.6AI score0.00249EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.3 views

Siemens SIMATIC S7-1500 Out-of-bounds Read (CVE-2017-9049)

libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictComputeFastKey function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for libxml2 Bug 759398. This plugi...

7.5CVSS6.8AI score0.04626EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.4 views

Siemens SIMATIC S7-1500 Improper Validation of Certificate with Host Mismatch (CVE-2024-2466)

libcurl did not check the server certificate of TLS connections done to a host specified as an IP address, when built to use mbedTLS. libcurl would wrongly avoid using the set hostname function when the specified hostname was given as an IP address, therefore completely skipping the certificate...

6.5CVSS6.7AI score0.01299EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.4 views

Siemens SIMATIC S7-1500 Heap-based Buffer Overflow (CVE-2023-4016)

Under some circumstances, this weakness allows a user who has access to run the ps utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for mor...

3.3CVSS6.7AI score0.00241EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/27 12:0 a.m.1 views

Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-39509)

HID: core: remove unnecessary WARNON in implement. There is a warning in a call to implement when trying to write a value into a field of smaller size in an output report. Since implement already has a warn message printed out with the help of hidwarn and value in question gets trimmed with:...

5.5CVSS6.7AI score0.00302EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/05/27 12:0 a.m.34 views

ABB M2M Gateway Use-After-Free in embedded Linux Kernel (CVE-2023-3609)

A use-after-free vulnerability in the Linux kernel's net/sched: clsu32 component can be exploited to achieve local privilege escalation. If tcfchangeindev fails, u32setparms will immediately return an error after incrementing or decrementing the reference counter in tcfbindfilter. If an attacker...

7.8CVSS6.7AI score0.00458EPSS
Exploits1References19
Tenable Nessus
Tenable Nessus
added 2025/04/16 12:0 a.m.3 views

Firmware Version Change Detected (Critical)

Changes in the controller firmware represent a major change in the behavior of the device and usually cause a temporary interruption of operations. An attacker could use firmware changes to add malicious code to the controller, causing it to perform harmful operations which are hard to detect. Th...

5.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/13 12:0 a.m.7 views

Siemens SCALANCE X-200RNA Switch Devices Use After Free (CVE-2015-0209)

Use-after-free vulnerability in the d2iECPrivateKey function in crypto/ec/ecasn1.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow remote attackers to cause a denial of service memory corruption and application crash or possibly have...

6.8CVSS7.4AI score0.1633EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/03/13 12:0 a.m.18 views

Siemens SCALANCE X-200RNA Switch Devices Exposure of Sensitive Information to an Unauthorized Actor (CVE-2016-0702)

The MODEXPCTIMECOPYFROMPREBUF function in crypto/bn/bnexp.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g does not properly consider cache-bank access times during modular exponentiation, which makes it easier for local users to discover RSA keys by running a crafted application on the...

5.1CVSS7.2AI score0.0191EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/03/12 12:0 a.m.8 views

Siemens InsydeH2O Plaintext Storage of a Password (CVE-2021-38489)

An issue was discovered in the the HddPasswordPei driver of the Insyde InsydeH2O 5.x. HDD password is stored in plaintext. This plugin only works with Tenable.ot Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc';...

5.4AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/02/25 12:0 a.m.14 views

Siemens SIMATIC and SCALANCE Devices Linux Kernel Access of Resource Using Incompatible Type ('Type Confusion') (CVE-2022-34918)

An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nftseteleminit leading to a buffer overflow could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. The attacker can obtain root access, but must start with an...

7.8CVSS6.9AI score0.05451EPSS
Exploits16References6
Tenable Nessus
Tenable Nessus
added 2025/02/24 12:0 a.m.7 views

Siemens SCALANCE W700 Double Free (CVE-2023-29469)

An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to...

6.5CVSS7.1AI score0.01013EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2025/02/24 12:0 a.m.10 views

Siemens SCALANCE W700 Externally Controlled Reference to a Resource in Another Sphere (CVE-2023-0045)

The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ibprctlset function updates the Thread Information Flags TIFs for the task and updates the SPECCTRL MSR on the function speculationctrlupdate, but the IBPB is only issued on the next schedul...

7.5CVSS6.7AI score0.02399EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2024/11/29 12:0 a.m.12 views

Eaton 9PX Insufficiently Protected Credentials (CVE-2018-9280)

An issue was discovered on Eaton UPS 9PX 8000 SP devices. The appliance discloses the SNMP version 3 user's password. The web page displayed by the appliance contains the password in cleartext. Passwords of the read and write users could be retrieved by browsing the source code of the webpage. Th...

4.9CVSS5.8AI score0.01043EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.37 views

Rockwell Automation MicroLogix Controllers and RSLogix 500 Software Use of Hard-Coded Cryptographic Key (CVE-2020-6990)

Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic key utilized to help protect the account password is hard coded into the RSLogix 500 binary file...

10CVSS7.4AI score0.04226EPSS
Exploits0References3
Rows per page
Query Builder