30 matches found
EUVD-2015-7821
Malware in sbrugna...
EUVD-2025-22038
Malicious code in bioql PyPI...
EUVD-2025-12150
Malicious code in bioql PyPI...
PT-2025-38520
Westermo Network Technologies has identified a severe command injection vulnerability in its WeOS 5 operating system that could allow attackers to execute unauthorized commands remotely. Key Points: - A CVSS v4 score of 8.7 indicates a high risk of exploitation. - Remote attackers with...
CISA Releases Nine Industrial Control Systems Advisories
CISA released nine Industrial Control Systems ICS advisories on September 18, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-261-01 Westermo Network Technologies WeOS 5 ICSA-25-261-02 Westermo Network...
CVE-2025-54319
An issue was discovered in Westermo WeOS 5 5.24 through 5.24.4. A threat actor potentially can gain unauthorized access to sensitive information via system logging information syslog verbose logging that includes credentials...
CVE-2025-54319
An issue was discovered in Westermo WeOS 5 5.24 through 5.24.4. A threat actor potentially can gain unauthorized access to sensitive information via system logging information syslog verbose logging that includes credentials...
CVE-2025-54319
An issue was discovered in Westermo WeOS 5 5.24 through 5.24.4. A threat actor potentially can gain unauthorized access to sensitive information via system logging information syslog verbose logging that includes credentials...
PT-2025-30217 · Westermo · Westermo Weos
Name of the Vulnerable Software and Affected Versions: Westermo WeOS versions 5.24 through 5.24.4 Description: An issue was discovered that allows a threat actor to potentially gain unauthorized access to sensitive information via system logging information, specifically through verbose syslog...
CVE-2025-54319
Westermo WeOS versions 5.24–5.24.4 are affected by CVE-2025-54319 due to verbose syslog logging that can disclose credentials, enabling potential unauthorized access to sensitive information. Root cause: logging configuration exposes credentials in syslog. Affected software: Westermo WeOS 5.x (5....
CVE-2025-54319
An issue was discovered in Westermo WeOS 5 5.24 through 5.24.4. A threat actor potentially can gain unauthorized access to sensitive information via system logging information syslog verbose logging that includes credentials...
Westermo WeOS 日志信息泄露漏洞
Westermo WeOS is an operating system from Westermo Sweden. A log information disclosure vulnerability exists in Westermo WeOS versions 5.24 through 5.24.4, which originates from the disclosure of system log information and could lead to the disclosure of sensitive information...
CVE-2025-46419
Westermo WeOS 5 through 5.23.0 allows a reboot via a malformed ESP packet...
CVE-2025-46419
Westermo WeOS 5 through 5.23.0 allows a reboot via a malformed ESP packet...
CVE-2025-46419
Westermo WeOS 5 through 5.23.0 allows a reboot via a malformed ESP packet...
PT-2025-17681 · Westermo · Weos
Name of the Vulnerable Software and Affected Versions: Westermo WeOS versions 5 through 5.23.0 Description: The issue allows for a reboot via a malformed ESP packet. Recommendations: For Westermo WeOS versions 5 through 5.23.0, update to a version later than 5.23.0 to resolve the issue...
CVE-2025-46419
Westermo WeOS 5.x (versions 5 through 5.23.0) is affected. When IPSec is configured, processing of a malformed ESP packet can trigger an immediate device reboot, constituting a denial-of-service condition. The vulnerability’s CVSSv3.1 base metrics indicate NETWORK access, high attack complexity, ...
CVE-2025-46419
Westermo WeOS 5 through 5.23.0 allows a reboot via a malformed ESP packet...
Westermo WeOS 安全漏洞
Westermo WeOS is an operating system from Westermo Sweden. A security vulnerability exists in Westermo WeOS 5 5.23.0 and earlier versions, which stems from malformed ESP packets and could lead to a reboot...
Westermo WeOS Cryptographic Issues (CVE-2015-7923)
Westermo WeOS before 4.19.0 uses the same SSL private key across different customers' installations, which makes it easier for man-in- the-middle attackers to defeat cryptographic protection mechanisms by leveraging knowledge of a key. This plugin only works with Tenable.ot. Please visit...