CVE-2023-35140

The improper privilege management vulnerability in the Zyxel GS1900-24EP switch firmware version V2.70ABTO.5 could allow an authenticated local user with read-only access to modify system settings on a vulnerable device...

CVE-2023-35140

The improper privilege management vulnerability in the Zyxel GS1900-24EP switch firmware version V2.70ABTO.5 could allow an authenticated local user with read-only access to modify system settings on a vulnerable device...

Johnson Controls Sensormatic Electronics American Dynamics victor Web Client

1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Exploitable remotely Vendor: Sensormatic Electronics, LLC; a subsidiary of Johnson Controls Equipment: American Dynamics victor Web Client, Software House C•CURE Web Client Vulnerability: Improper Authorization 2. RISK EVALUATION Successful exploitation...

CVE-2020-9045

During installation or upgrade to Software House C•CURE 9000 v2.70 and American Dynamics victor Video Management System v5.2, the credentials of the user used to perform the installation or upgrade are logged in a file. The install log file persists after the installation...

Siemens SiPass integrated

CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens Equipment: SiPass integrated Vulnerabilities: Improper Authentication, Improper Privilege Management, Channel Accessible by Non-Endpoint, Storing Passwords in a Recoverable Format AFFECTED PRODUCTS Siemens...