CVE-2022-50981

CVE-2022-50981 affects Innomic VibroLine VLX HD 5.0 and avibia AVLX (per CVE records). Affected devices are shipped with no password by default, and password setting is not enforced. This creates an unauthenticated remote access risk where an attacker could gain full control. The Red Hat, NVD, CV...

CVE-2022-50981 Multiple Innomic VibroLine VLX HD 5.0 and avibia AVLX weak password requirements

An unauthenticated remote attacker can gain full access on the affected devices as they are shipped without a password by default and setting one is not enforced...

CVE-2022-50981 Multiple Innomic VibroLine VLX HD 5.0 and avibia AVLX weak password requirements

An unauthenticated remote attacker can gain full access on the affected devices as they are shipped without a password by default and setting one is not enforced...

CVE-2022-50980

CVE-2022-50980 affects Innomic VibroLine VLX and avibia AVLX devices. Affected component is the CAN bus configuration handling, where an unauthenticated adjacent attacker can switch between multiple configuration presets, potentially disrupting operations. The root cause is unauthenticated access...

CVE-2022-50980 Multiple Innomic VibroLine VLX and avibia AVLX allow unauthenticated configuration preset change via CAN

A unauthenticated adjacent attacker could potentially disrupt operations by switching between multiple configuration presets via CAN...

CVE-2022-50980 Multiple Innomic VibroLine VLX and avibia AVLX allow unauthenticated configuration preset change via CAN

A unauthenticated adjacent attacker could potentially disrupt operations by switching between multiple configuration presets via CAN...

CVE-2022-50979 Multiple Innomic VibroLine VLX and avibia AVLX allow unauthenticated configuration preset change via Modbus (RS485)

An unauthenticated adjacent attacker could potentially disrupt operations by switching between multiple configuration presets via Modbus RS485...

CVE-2022-50979 Multiple Innomic VibroLine VLX and avibia AVLX allow unauthenticated configuration preset change via Modbus (RS485)

An unauthenticated adjacent attacker could potentially disrupt operations by switching between multiple configuration presets via Modbus RS485...

CVE-2022-50979

CVE-2022-50979 affects Innomic VibroLine VLX and avibia AVLX devices. An unauthenticated adjacent attacker can disrupt operations by switching between multiple configuration presets via Modbus (RS485). The impact is focused on availability (disruption of operations) with no confidentiality/integr...

CVE-2022-50978 Multiple Innomic VibroLine VLX and avibia AVLX allow unauthenticated configuration preset change via Modbus (TCP)

An unauthenticated remote attacker could potentially disrupt operations by switching between multiple configuration presets via Modbus TCP...

CVE-2022-50978 Multiple Innomic VibroLine VLX and avibia AVLX allow unauthenticated configuration preset change via Modbus (TCP)

An unauthenticated remote attacker could potentially disrupt operations by switching between multiple configuration presets via Modbus TCP...

CVE-2022-50978

CVE-2022-50978 affects Innomic VibroLine VLX and avibia AVLX devices. The issue allows an unauthenticated remote attacker to disrupt operations by switching between multiple configuration presets via Modbus (TCP). The Red Hat, NVD, CVE List, and related enrichments corroborate this description. T...

CVE-2022-50977 Multiple Innomic VibroLine VLX and avibia AVLX allow unauthenticated configuration preset change via HTTP

An unauthenticated remote attacker could potentially disrupt operations by switching between multiple configuration presets via HTTP...

CVE-2022-50977

The CVE-2022-50977 issue affects Innomic VibroLine VLX and avibia AVLX devices, allowing an unauthenticated remote attacker to switch between multiple configuration presets via HTTP, potentially disrupting operations. The root cause is unauthenticated HTTP access enabling preset changes, with a h...

CVE-2022-50977 Multiple Innomic VibroLine VLX and avibia AVLX allow unauthenticated configuration preset change via HTTP

An unauthenticated remote attacker could potentially disrupt operations by switching between multiple configuration presets via HTTP...

CVE-2022-50976

CVE-2022-50976 affects Innomic VibroLine Configurator and avibia Configurator. A local attacker can trigger a full device reset by resetting device passwords with an invalid reset file over USB, per Red Hat/NVD/CVE records. The vulnerability is local, requires no user interaction, and can impact ...

CVE-2022-50976 Innomic VibroLine Configurator and avibia Configurator allow unintended device reset via USB

A local attacker could cause a full device reset by resetting the device passwords using an invalid reset file via USB...

CVE-2022-50975 Multiple Innomic VibroLine VLX and avibia AVLX allow unauthenticated access to device configuration

An unauthenticated remote attacker is able to use an existing session id of a logged in user and gain full access to the device if configuration via ethernet is enabled...

CVE-2022-50975 Multiple Innomic VibroLine VLX and avibia AVLX allow unauthenticated access to device configuration

An unauthenticated remote attacker is able to use an existing session id of a logged in user and gain full access to the device if configuration via ethernet is enabled...

Innomic VibroLine Series 访问控制错误漏洞

The Innomic VibroLine Series is a professional vibration measurement and analysis system developed by the German company Innomic. The Innomic VibroLine Series contains a security access control vulnerability. This vulnerability arises from the possibility for unverified remote attackers to use th...