Eaton Discontinued Devices Detection

The current plugin identifies Eaton devices that are currently discontinued. Eaton Lifecycle Statuses: - Active: Most current offering within a product category. - End of Life: Discontinued date announced - actively execute migrations and last time buys. Product generally orderable until the...

Siemens SCALANCE and RUGGEDCOM Devices Incorrect Comparison (CVE-2024-9681)

When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making it end sooner or later than otherwise intended. This affects curl using applications that enable HSTS and use URLs with the insecure HTTP:// scheme and perform transfers with host...

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-46832)

MIPS: cevt-r4k: Don't call getc0compareint if timer irq is installed This avoids warning: 0.118053 BUG: sleeping function called from invalid context at kernel/locking/mutex.c:283 Caused by getc0compareint on secondary CPU. We also skipped saving IRQ number to struct clockeventdevice cd as it's...

Siemens RUGGEDCOM ROS Devices Improperly Implemented Security Check for Standard (CVE-2021-42017)

A new variant of the POODLE attack has left a third-party component vulnerable due to the implementation flaws of the CBC encryption mode in TLS 1.0 to 1.2. If an attacker were to exploit this, they could act as a man-in-the-middle and eavesdrop on encrypted communications. This plugin only works...

Siemens SIMATIC S7-1500 Heap-based Buffer Overflow (CVE-2023-4016)

Under some circumstances, this weakness allows a user who has access to run the ps utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for mor...

Siemens SIMATIC S7-1500 Uncontrolled Resource Consumption (CVE-2023-52425)

libexpat through 2.5.0 allows a denial of service resource consumption because many full reparsings are required in the case of a large token for which multiple buffer fills are needed. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

Siemens SIMATIC S7-1500 Stack-based Buffer Overflow (CVE-2024-38621)

In the Linux kernel, the following vulnerability has been resolved: media: stk1160: fix bounds checking in stk1160copyvideo The subtract in this condition is reversed. The -length is the length of the buffer. The -bytesused is how many bytes we have copied thus far. When the condition is reversed...

Siemens SIMATIC S7-1500 Improper Input Validation (CVE-2025-21724)

iommufd/iovabitmap: Fix shift-out-of-bounds in iovabitmapoffsettoindex. Resolve a UBSAN shift-out-of-bounds issue in iovabitmapoffsettoindex where shifting the constant 1 of type int by bitmap-mapped.pgshift an unsigned long value could result in undefined behavior. The constant 1 defaults to a...

Siemens SIMATIC S7-1500 Deadlock (CVE-2024-56780)

quota: flush quotareleasework upon quota writeback One of the paths quota writeback is called from is: freezesuper syncfilesystem ext4syncfs dquotwritebackdquots. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL...

Siemens SIMATIC S7-1500 Improper Validation of Array Index (CVE-2022-35737)

SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array- bounds overflow if billions of bytes are used in a string argument to a C API. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable...

Siemens SIMATIC S7-1500 NULL Pointer Dereference (CVE-2024-49881)

In the Linux kernel, the following vulnerability has been resolved: ext4: update origpath in ext4findextent. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if descripti...

Siemens SIMATIC S7-1500 Improper Validation of Certificate with Host Mismatch (CVE-2024-2466)

libcurl did not check the server certificate of TLS connections done to a host specified as an IP address, when built to use mbedTLS. libcurl would wrongly avoid using the set hostname function when the specified hostname was given as an IP address, therefore completely skipping the certificate...

Siemens SIMATIC S7-1500 Use After Free (CVE-2024-56606)

afpacket: avoid erroring out after sockinitdata in packetcreate After sockinitdata the allocated sk object is attached to the provided sock object. On error, packetcreate frees the sk object leaving the dangling pointer in the sock object on return. Some other code may try to use this pointer and...

Siemens SIMATIC S7-1500 NULL Pointer Dereference (CVE-2020-13435)

SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504279;...

Siemens SIMATIC S7-1500 Out-of-bounds Read (CVE-2017-9049)

libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictComputeFastKey function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for libxml2 Bug 759398. This plugi...

Siemens SIMATIC Devices Out-of-bounds Write (CVE-2024-35944)

VMCI: Fix memcpy run-time warning in dgdispatchashost This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503777; scriptversion"1.1";...

Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-39509)

HID: core: remove unnecessary WARNON in implement. There is a warning in a call to implement when trying to write a value into a field of smaller size in an output report. Since implement already has a warn message printed out with the help of hidwarn and value in question gets trimmed with:...

Siemens SIMATIC Devices Improper Input Validation (CVE-2024-57986)

HID: core: Fix assumption that Resolution Multipliers must be in Logical Collections This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503502;...

Siemens SIMATIC Devices Improper Input Validation (CVE-2024-26877)

crypto: xilinx - call finalize with bh disabled. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503518; scriptversion"1.2";...

Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Use of Uninitialized Resource (CVE-2024-50302)

In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer Since the report buffer is used by all kinds of drivers in various ways, let's zero-initialize it during allocation to make sure that it can't be ever used to leak kernel memory via...