MEIKYO ELECTRIC CO.,LTD. Security Vulnerabilities

(RHSA-2024:2941) Important: RHACS 4.4 enhancement and security update

This release of RHACS 4.4.2 provides the following bug fixes: Before this update, Collector pods on nodes with 128 or more cores would fail with a CrashLoopBackOff status due to issues with how the CO-RE BPF allocated kernel memory. The patch release fixes this issue. This release updates the...

CVE-2024-36007

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix warning during rehash As previously explained, the rehash delayed work migrates filters from one region to another. This is done by iterating over all chunks (all the filters with the same priority)...

CVE-2024-35853

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix memory leak during rehash The rehash delayed work migrates filters from one region to another. This is done by iterating over all chunks (all the filters with the same priority) in the region and in...

CVE-2024-36007

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix warning during rehash As previously explained, the rehash delayed work migrates filters from one region to another. This is done by iterating over all chunks (all the filters with the same priority)...

CVE-2024-35854

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash The rehash delayed work migrates filters from one region to another according to the number of available credits. The migrated from region is destroyed at the end....

CVE-2024-35853

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix memory leak during rehash The rehash delayed work migrates filters from one region to another. This is done by iterating over all chunks (all the filters with the same priority) in the region and in...

CVE-2024-31936

Cross-Site Request Forgery (CSRF) vulnerability in AyeCode Ltd UsersWP.This issue affects UsersWP: from n/a before...

StruxureWare SCADA Expert ClearSCADA Detection

StruxureWare SCADA Expert ClearSCADA (formerly Schneider Electric ClearSCADA), a suite of tools targeting factory and process automation solutions, is installed on the remote Windows...

CVE-2024-35854

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash The rehash delayed work migrates filters from one region to another according to the number of available credits. The migrated from region is destroyed at the end....

CVE-2024-35853

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix memory leak during rehash The rehash delayed work migrates filters from one region to another. This is done by iterating over all chunks (all the filters with the same priority) in the region and in...

CVE-2024-35854

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash The rehash delayed work migrates filters from one region to another according to the number of available credits. The migrated from region is destroyed at the...

CVE-2024-1917

Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted...

CVE-2024-1915

Incorrect Pointer Scaling vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted...

CVE-2024-1916

Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted...

CVE-2024-0803

Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted...

Command Execution Vulnerability in Dahua EIMS System of Zhejiang Dahua Technology Co.

Zhejiang Dahua Technology Co., Ltd. is the world's leading video-centered intelligent IOT solution provider and operation service provider. A command execution vulnerability exists in the Dahua EIMS system of Zhejiang Dahua Technology Co. Ltd, which can be exploited by attackers to gain server...

GE D20 Default Credentials

The remote device appears to be a General Electric D20 Remote Terminal that can be accessed using default credentials. An attacker could leverage this issue to gain administrative access to the affected...

co-2.ch Cross Site Scripting vulnerability OBB-3831720

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

Telvent OASyS System Detection

The remote host is running the Telvent OASyS Application. Telvent OASyS is a SCADA system widely used to control pipelines. It may also be found in electric, water, and other SCADA...

Mitsubishi Electric MELSEC iQ-R Series Overly Restrictive Account Lockout Mechanism (CVE-2021-20598)

Overly Restrictive Account Lockout Mechanism vulnerability in Mitsubishi Electric MELSEC iQ-R series CPU modules (R08/16/32/120SFCPU all versions, R08/16/32/120PSFCPU all versions) allows a remote unauthenticated attacker to lockout a legitimate user by continuously trying login with incorrect...

CVE-2024-3016

NEC Platforms DT900 and DT900S Series 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20 allows an attacker to access a non-documented the system settings to change settings via local network with unauthenticated...

CVE-2024-0802

Incorrect Pointer Scaling vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to read arbitrary information from a target product or execute malicious code on a target product by sending a specially crafted...

CVE-2023-23990 WordPress Redirection for Contact Form 7 plugin <= 2.7.0 - Privilege Escalation vulnerability

Improper Privilege Management vulnerability in Qube One Ltd. Redirection for Contact Form 7 wpcf7-redirect allows Privilege Escalation.This issue affects Redirection for Contact Form 7: from n/a through...

CVE-2024-24245

An issue in Canimaan Software LTD ClamXAV v3.1.2 through v3.6.1 and fixed in v.3.6.2 allows a local attacker to escalate privileges via the ClamXAV helper tool...

Schneider Electric APC Easy UPS Online Monitoring Software Missing Authentication (CVE-2022-42970)

The Schneider Electric APC Easy UPS Online Monitoring Software running on the remote host is missing authentication for critical functions. An unauthenticated, remote attacker can exploit this, via a specially crafted message, to change the application's Administrator...

StruxureWare SCADA Expert ClearSCADA Unspecified Vulnerability

The remote host is running StruxureWare SCADA Expert ClearSCADA (formerly Schneider Electric ClearSCADA) 2013 R2 or earlier. It is, therefore, affected by an unspecified vulnerability related to a project-file validation flaw in an optional component, PLC...

SISCO OSI/ICCP Stack Detection

The remote host is running a SISCO ICCP server. ICCP servers are commonly used in electric transmission and generation systems. The SISCO stack is used in many third-party ICCP servers including those sold by Areva and...

CVE-2024-29243

Shenzhen Libituo Technology Co., Ltd LBT-T300-mini v1.2.9 was discovered to contain a buffer overflow via the vpn_client_ip parameter at...

Siemens-Telegyr ICCP Gateway Detection

The remote host is running a Siemens Telegyr ICCP Gateway. ICCP servers are commonly used in electric transmission and generation systems. Production EMS systems should be scanned carefully because they have been known to have vulnerabilities in proprietary applications and...

CVE-2024-25376

An issue discovered in Thesycon Software Solutions Gmbh & Co. KG TUSBAudio MSI-based installers before 5.68.0 allows a local attacker to execute arbitrary code via the msiexec.exe repair...

CVE-2024-29244

Shenzhen Libituo Technology Co., Ltd LBT-T300-mini v1.2.9 was discovered to contain a buffer overflow via the pin_code_3g parameter at...

Areva/Alstom Energy Management System Detection

The remote host is running an Areva/Alstom EMS (Energy Management) Server. Areva/Alstom EMS servers are commonly used in electric transmission and generation systems. Production EMS systems should be scanned carefully because they have been known to have vulnerabilities in proprietary applications....

Modicon Modbus/TCP UnityPro Programming Function Code Access

A Modicon PLC Modbus TCP interface is listening on TCP port 502 and is accessible via the Schneider Electric UnityPro function code 90. An attacker that is able to gain network access to this device can reprogram PLC logic or otherwise impact the integrity of the...

Tamarack IEC 61850 Server Detection

Tamarack Consulting supplies software and consulting services to vendors implementing standards-based communications in the electric utility industry. Although Windows demo versions of the stack are available from distributors such as Netted Automation, this software is primarily used in embedded.....

CVE-2024-1067 Mali GPU Kernel Driver allows improper GPU memory processing operations

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. On Armv8.0 cores, there are certain combinations of the...

StruxureWare SCADA Expert ClearSCADA Remote Security Bypass

The remote web server is a version of StruxureWare SCADA Expert ClearSCADA (formerly Schneider Electric ClearSCADA) prior to version 2010 R3.2 / 2014 R1.1, or a version of 2013 R1 to 2013 R2.1. It is, therefore, affected by an authentication bypass vulnerability due to the default guest account...

Mitsubishi Electric MELSEC iQ-R Series Cleartext Transmission of Sensitive Information (CVE-2021-20599)

Authorization bypass through user-controlled key vulnerability in MELSEC iQ-R series Safety CPU R08/16/32/120SFCPU all versions and MELSEC iQ-R series SIL2 Process CPU R08/16/32/120PSFCPU all versions allows an remote unauthenticated attacker to login to a target CPU module by obtaining...

Mitsubishi Electric MELSEC iQ-R Series/iQ-F Series Weak Password Requirements (CVE-2023-2060)

Weak Password Requirements vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to access to the module via FTP by dictionary attack or...

Schneider Electric Modicon Forced Browsing (CVE-2020-7541)

A CWE-425: Direct Request ('Forced Browsing') vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause disclosure of sensitive data when sending....

Exploit for Command Injection in Paloaltonetworks Pan-Os

CVE-2024-3400-pot Simple honeypot for CVE-2024-3400 Palo Alto...

CVE-2024-26984 nouveau: fix instmem race condition around ptr stores

In the Linux kernel, the following vulnerability has been resolved: nouveau: fix instmem race condition around ptr stores Running a lot of VK CTS in parallel against nouveau, once every few hours you might see something like this crash. BUG: kernel NULL pointer dereference, address:...

Mitsubishi Electric MELSEC iQ-R Series/iQ-F Series Missing Password Field Masking (CVE-2023-2062)

Missing Password Field Masking vulnerability in Mitsubishi Electric Corporation EtherNet/IP configuration tools SW1DNN-EIPCT-BD and SW1DNN-EIPCTFX5-BD allows a remote unauthenticated attacker to know the password for MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series...

Mitsubishi Electric MELSEC Series CPU Module Buffer Copy Without Checking Size of Input (CVE-2023-1424)

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules allows a remote unauthenticated attacker to cause a denial of service (DoS) condition or execute malicious code on a target product by sending...

CVE-2024-28957

Generation of predictable identifiers issue exists in Cente middleware TCP/IP Network Series. If this vulnerability is exploited, a remote unauthenticated attacker may interfere communications by predicting some packet header IDs of the...

Mitsubishi Electric MELSEC iQ-R Series Exposure of Sensitive Information to an Unauthorized Actor (CVE-2021-20594)

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Mitsubishi Electric MELSEC iQ-R series CPU modules (R08/16/32/120SFCPU all versions, R08/16/32/120PSFCPU all versions) allows a remote unauthenticated attacker to acquire legitimate user names registered in the module via.....

Deserialization Vulnerability in Isthmus Electronic Document Security Management System (CNVD-2024-17662)

Beijing Yisetong Technology Development Co., Ltd. is a leading provider of data security business and network security business at home and abroad. A deserialization vulnerability exists in Yisetong's electronic document security management system, which can be exploited by an attacker to gain...

CVE-2024-28894

Out-of-bounds read vulnerability caused by improper checking of the option length values in IPv6 headers exists in Cente middleware TCP/IP Network Series, which may allow an unauthenticated attacker to stop the device operations by sending a specially crafted...

StruxureWare SCADA Expert ClearSCADA < 2013 R2 Remote DoS

The remote web server is a version of StruxureWare SCADA Expert ClearSCADA (formerly Schneider Electric ClearSCADA) prior to 2013 R2. It is, therefore, affected by a remote denial of service vulnerability due to a flaw in DNP3Driver.exe. An attacker can potentially exploit this vulnerability by...

CVE-2024-23911

Out-of-bounds read vulnerability caused by improper checking of the option length values in IPv6 NDP packets exists in Cente middleware TCP/IP Network Series, which may allow an unauthenticated attacker to stop the device operations by sending a specially crafted...

CVE-2024-29908

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kienso Co-marquage service-public.Fr allows Stored XSS.This issue affects Co-marquage service-public.Fr: from n/a through...