Threat and Vulnerability Intelligence Database

CVE-2025-26389

Description: As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF
1. EXECUTIVE SUMMARY
CVSS v4 10.0
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Siemens
Equipment: OZW Web Servers
Vulnerabilities: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'), Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code on the device with root privileges.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
Siemens reports that the following products are affected:
OZW672: Versions prior to V8.0 (CVE-2025-26389)
OZW672: Versions prior to V6.0 (CVE-2025-26390)
OZW772: Versions prior to V8.0 (CVE-2025-26389)
OZW772: Versions prior to V6.0 (CVE-2025-26390)
3.2 VULNERABILITY OVERVIEW
3.2.1 IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN OS COMMAND ('OS COMMAND INJECTION') CWE-78
The web service in affected devices does not sanitize the input parameters required for the ex-exportDiagramPage endpoint. This could allow an unauthenticated remote attacker to execute arbitrary code with root privileges. CVE-2025-26389 has been assigned to this v...

CVSS: CRITICAL (10.0)

EPSS Score: 0.28%

Source: All CISA Advisories
May 15th, 2025 (23 days ago)

CVE-2025-32469

Description: As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF
1. EXECUTIVE SUMMARY
CVSS v4 9.4
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Siemens
Equipment: RUGGEDCOM ROX II
Vulnerabilities: Client-Side Enforcement of Server-Side Security
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker with a legitimate, highly privileged account on the web interface to get privileged code execution in the underlying OS of the affected products.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
Siemens reports that the following products are affected:
RUGGEDCOM ROX MX5000: Versions prior to V2.16.5
RUGGEDCOM ROX RX1536: Versions prior to V2.16.5
RUGGEDCOM ROX RX5000: Versions prior to V2.16.5
RUGGEDCOM ROX MX5000RE: Versions prior to V2.16.5
RUGGEDCOM ROX RX1400: Versions prior to V2.16.5
RUGGEDCOM ROX RX1500: Versions prior to V2.16.5
RUGGEDCOM ROX RX1501: Versions prior to V2.16.5
RUGGEDCOM ROX RX1510: Versions prior to V2.16.5
RUGGEDCOM ROX RX1511: Versions prior to V2.16.5
RUGGEDCOM ROX RX1512: Versions prior to V2.16.5
RUGGEDCOM ROX RX1524: Versions prior to V2.16.5
3.2 VULNERABILITY OVERVIEW
3.2.1 CLIENT-SIDE ENFORCEMENT OF SERVER-SIDE SECURITY CWE-602
The 'ping' too...

CVSS: CRITICAL (9.9)

EPSS Score: 0.27%

Source: All CISA Advisories
May 15th, 2025 (23 days ago)

CVE-2024-54085

Description: As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF
1. EXECUTIVE SUMMARY
CVSS v4 10.0
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Siemens
Equipment: IPC RS-828A
Vulnerability: Authentication Bypass by Spoofing
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access and compromise confidentiality, integrity and availability of the BMC and thus the entire system.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
Siemens reports the following rugged industrial PCs are affected:
SIMATIC IPC RS-828A: All versions
3.2 VULNERABILITY OVERVIEW
3.2.1 AUTHENTICATION BYPASS BY SPOOFING CWE-290
AMI's SPx contains a vulnerability in the BMC where an attacker may bypass authentication remotely through the Redfish Host Interface. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. CVE-2024-54085 has been assigned to this vulnerability. A CVSS v3.1 base score of 10.0 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H). A CVSS v4 score has also been calculated for CVE-2024-54085. A base score of 10.0 has been calculated; the CVSS vector stri...

CVSS: CRITICAL (10.0)

Source: All CISA Advisories
May 15th, 2025 (23 days ago)

CVE-2025-46052

Description: An error-based SQL Injection (SQLi) vulnerability in WebERP v4.15.2 allows attackers to execute arbitrary SQL commands and extract sensitive data by injecting a crafted payload into the DEL form field in a POST request to /StockCounts.php.

CVSS: CRITICAL (9.8)

EPSS Score: 0.04%

Source: CVE
May 15th, 2025 (23 days ago)

CVE-2025-4564

Description: The TicketBAI Facturas para WooCommerce plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation via the 'delpdf' action in all versions up to, and including, 3.18. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).

CVSS: CRITICAL (9.8)

EPSS Score: 0.6%

Source: CVE
May 15th, 2025 (23 days ago)

CVE-2025-32002

Description: Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in I-O DATA network attached hard disk 'HDL-T Series' firmware Ver.1.21 and earlier when 'Remote Link3 function' is enabled. If exploited, a remote unauthenticated attacker may execute an arbitrary OS command.

CVSS: CRITICAL (9.8)

EPSS Score: 0.62%

Source: CVE
May 15th, 2025 (24 days ago)

CVE-2025-3917

Description: The 百度站长SEO合集(支持百度/神马/Bing/头条推送) plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the download_remote_image_to_media_library function in all versions up to, and including, 2.0.6. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.

CVSS: CRITICAL (9.8)

EPSS Score: 0.17%

Source: CVE
May 15th, 2025 (24 days ago)

CVE-2025-47889

Description: In Jenkins WSO2 Oauth Plugin 1.0 and earlier, authentication claims are accepted without validation by the "WSO2 Oauth" security realm, allowing unauthenticated attackers to log in to controllers using this security realm using any username and any password, including usernames that do not exist.

CVSS: CRITICAL (9.8)

EPSS Score: 0.06%

Source: CVE
May 14th, 2025 (24 days ago)

CVE-2025-47884

Description: In Jenkins OpenID Connect Provider Plugin 96.vee8ed882ec4d and earlier, the generation of build ID Tokens uses potentially overridden values of environment variables, in conjunction with certain other plugins allowing attackers able to configure jobs to craft a build ID Token that impersonates a trusted job, potentially gaining unauthorized access to external services.

CVSS: CRITICAL (9.1)

EPSS Score: 0.05%

Source: CVE
May 14th, 2025 (24 days ago)

CVE-2025-27891

Description: An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. The lack of a length check leads to out-of-bounds reads via malformed NAS packets.

CVSS: CRITICAL (9.1)

EPSS Score: 0.06%

Source: CVE
May 14th, 2025 (24 days ago)