Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-26389 |
Description: As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
View CSAF
1. EXECUTIVE SUMMARY
CVSS v4 10.0
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Siemens
Equipment: OZW Web Servers
Vulnerabilities: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'), Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code on the device with root privileges.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
Siemens reports that the following products are affected:
OZW672: Versions prior to V8.0 (CVE-2025-26389)
OZW672: Versions prior to V6.0 (CVE-2025-26390)
OZW772: Versions prior to V8.0 (CVE-2025-26389)
OZW772: Versions prior to V6.0 (CVE-2025-26390)
3.2 VULNERABILITY OVERVIEW
3.2.1 IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN OS COMMAND ('OS COMMAND INJECTION') CWE-78
The web service in affected devices does not sanitize the input parameters required for the ex-exportDiagramPage endpoint. This could allow an unauthenticated remote attacker to execute arbitrary code with root privileges.
CVE-2025-26389 has been assigned to this v...
CVSS: CRITICAL (10.0) EPSS Score: 0.28%
May 15th, 2025 (23 days ago)
|
|
CVE-2025-32469 |
Description: As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
View CSAF
1. EXECUTIVE SUMMARY
CVSS v4 9.4
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Siemens
Equipment: RUGGEDCOM ROX II
Vulnerabilities: Client-Side Enforcement of Server-Side Security
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker with a legitimate, highly privileged account on the web interface to get privileged code execution in the underlying OS of the affected products.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
Siemens reports that the following products are affected:
RUGGEDCOM ROX MX5000: Versions prior to V2.16.5
RUGGEDCOM ROX RX1536: Versions prior to V2.16.5
RUGGEDCOM ROX RX5000: Versions prior to V2.16.5
RUGGEDCOM ROX MX5000RE: Versions prior to V2.16.5
RUGGEDCOM ROX RX1400: Versions prior to V2.16.5
RUGGEDCOM ROX RX1500: Versions prior to V2.16.5
RUGGEDCOM ROX RX1501: Versions prior to V2.16.5
RUGGEDCOM ROX RX1510: Versions prior to V2.16.5
RUGGEDCOM ROX RX1511: Versions prior to V2.16.5
RUGGEDCOM ROX RX1512: Versions prior to V2.16.5
RUGGEDCOM ROX RX1524: Versions prior to V2.16.5
3.2 VULNERABILITY OVERVIEW
3.2.1 CLIENT-SIDE ENFORCEMENT OF SERVER-SIDE SECURITY CWE-602
The 'ping' too...
CVSS: CRITICAL (9.9) EPSS Score: 0.27%
May 15th, 2025 (23 days ago)
|
|
CVE-2024-54085 |
Description: As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
View CSAF
1. EXECUTIVE SUMMARY
CVSS v4 10.0
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Siemens
Equipment: IPC RS-828A
Vulnerability: Authentication Bypass by Spoofing
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access and compromise confidentiality, integrity and availability of the BMC and thus the entire system.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
Siemens reports the following rugged industrial PCs are affected:
SIMATIC IPC RS-828A: All versions
3.2 VULNERABILITY OVERVIEW
3.2.1 AUTHENTICATION BYPASS BY SPOOFING CWE-290
AMI's SPx contains a vulnerability in the BMC where an attacker may bypass authentication remotely through the Redfish Host Interface. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability.
CVE-2024-54085 has been assigned to this vulnerability. A CVSS v3.1 base score of 10.0 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).
A CVSS v4 score has also been calculated for CVE-2024-54085. A base score of 10.0 has been calculated; the CVSS vector stri...
CVSS: CRITICAL (10.0)
May 15th, 2025 (23 days ago)
|
|
CVE-2025-46052 |
Description: An error-based SQL Injection (SQLi) vulnerability in WebERP v4.15.2 allows attackers to execute arbitrary SQL command and extract sensitive data by injecting a crafted payload into the DEL form field in a POST request to /StockCounts.php
CVSS: CRITICAL (9.8) EPSS Score: 0.04%
May 15th, 2025 (23 days ago)
|
|
CVE-2025-4564 |
Description: The TicketBAI Facturas para WooCommerce plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation via the 'delpdf' action in all versions up to, and including, 3.18. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).
CVSS: CRITICAL (9.8) EPSS Score: 0.6%
May 15th, 2025 (24 days ago)
|
|
CVE-2025-32002 |
Description: Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in I-O DATA network attached hard disk 'HDL-T Series' firmware Ver.1.21 and earlier when 'Remote Link3 function' is enabled. If exploited, a remote unauthenticated attacker may execute an arbitrary OS command.
CVSS: CRITICAL (9.8) EPSS Score: 0.62%
May 15th, 2025 (24 days ago)
|
|
CVE-2025-3917 |
Description: The 百度站长SEO合集(支持百度/神马/Bing/头条推送) plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the download_remote_image_to_media_library function in all versions up to, and including, 2.0.6. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.
CVSS: CRITICAL (9.8) EPSS Score: 0.17%
May 15th, 2025 (24 days ago)
|
|
CVE-2025-47889 |
Description: In Jenkins WSO2 Oauth Plugin 1.0 and earlier, authentication claims are accepted without validation by the "WSO2 Oauth" security realm, allowing unauthenticated attackers to log in to controllers using this security realm using any username and any password, including usernames that do not exist.
CVSS: CRITICAL (9.8) EPSS Score: 0.06%
May 14th, 2025 (24 days ago)
|
|
CVE-2025-47884 |
Description: In Jenkins OpenID Connect Provider Plugin 96.vee8ed882ec4d and earlier the generation of build ID Tokens uses potentially overridden values of environment variables, in conjunction with certain other plugins allowing attackers able to configure jobs to craft a build ID Token that impersonates a trusted job, potentially gaining unauthorized access to external services.
CVSS: CRITICAL (9.1) EPSS Score: 0.05%
May 14th, 2025 (24 days ago)
|
|
CVE-2025-27891 |
Description: An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. The lack of a length check leads to out-of-bounds reads via malformed NAS packets.
CVSS: CRITICAL (9.1) EPSS Score: 0.06%
May 14th, 2025 (24 days ago)
|