Description: Summary
In the archive extraction routine of affected versions of the zip crate, symbolic links earlier in the archive are allowed to be used for later files in the archive without validation of the final canonicalized path, allowing maliciously crafted archives to overwrite arbitrary files in the file system when extracted.
Details
This is a variant of the zip-slip vulnerability: we can make the extraction logic step outside of the target directory by creating a symlink to the parent directory and then extracting further files through that symlink.
The documentation of the [::zip::read::ZipArchive::extract] method is, in my opinion, implying this should not happen:
"Paths are sanitized with ZipFile::enclosed_name." ...
[::zip::read::FileOptions::enclosed_name] ... is resistant to path-based exploits ... can’t resolve to a path outside the current directory.
Most archive software either declines to extract symlinks that traverse out of the directory or defers creation of symlinks until after all files have been created, to prevent unexpected behavior when later entries depend on earlier symbolic link entries.
PoC
https://gist.github.com/eternal-flame-AD/bf71ef4f6828e741eb12ce7fd47b7b85
Impact
Users who extract untrusted archive files using the following high-level API method may be affected and critical files on the system may be overwritten with arbitrary file permissions, which can potentially lead to code execution.
zip::unstable::stream::ZipStreamReader::extract
zip::read::Zip...
CVSS: HIGH (7.3) EPSS Score: 0.09%
March 17th, 2025 (4 months ago)
|
CVE-2025-27396 |
Description:
Tenable OT Security Plugin ID 503134 with High Severity
Synopsis
The remote OT asset is affected by a vulnerability.
Description
Affected devices do not properly limit the elevation of privileges required to perform certain valid functionality. This could allow an authenticated lowly-privileged remote attacker to escalate their privileges. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.
Solution
Refer to the vendor advisory.
Read more at https://www.tenable.com/plugins/ot/503134
CVSS: HIGH (8.8) EPSS Score: 0.07%
March 17th, 2025 (4 months ago)
|
CVE-2025-27394 |
Description:
Tenable OT Security Plugin ID 503135 with High Severity
Synopsis
The remote OT asset is affected by a vulnerability.
Description
Affected devices do not properly sanitize user input when creating new SNMP users. This could allow an authenticated highly-privileged remote attacker to execute arbitrary code on the device. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.
Solution
Refer to the vendor advisory.
Read more at https://www.tenable.com/plugins/ot/503135
CVSS: HIGH (7.2) EPSS Score: 0.19%
March 17th, 2025 (4 months ago)
|
CVE-2025-27393 |
Description:
Tenable OT Security Plugin ID 503136 with High Severity
Synopsis
The remote OT asset is affected by a vulnerability.
Description
Affected devices do not properly sanitize user input when creating new users. This could allow an authenticated highly-privileged remote attacker to execute arbitrary code on the device. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.
Solution
Refer to the vendor advisory.
Read more at https://www.tenable.com/plugins/ot/503136
CVSS: HIGH (7.2) EPSS Score: 0.19%
March 17th, 2025 (4 months ago)
|
CVE-2025-27392 |
Description:
Tenable OT Security Plugin ID 503138 with High Severity
Synopsis
The remote OT asset is affected by a vulnerability.
Description
Affected devices do not properly sanitize user input when creating new VXLAN configurations. This could allow an authenticated highly-privileged remote attacker to execute arbitrary code on the device. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.
Solution
Refer to the vendor advisory.
Read more at https://www.tenable.com/plugins/ot/503138
CVSS: HIGH (7.2) EPSS Score: 0.19%
March 17th, 2025 (4 months ago)
|
CVE-2025-27395 |
Description:
Tenable OT Security Plugin ID 503139 with High Severity
Synopsis
The remote OT asset is affected by a vulnerability.
Description
Affected devices do not properly limit the scope of files accessible through and the privileges of the SFTP functionality. This could allow an authenticated highly-privileged remote attacker to read and write arbitrary files. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.
Solution
Refer to the vendor advisory.
Read more at https://www.tenable.com/plugins/ot/503139
CVSS: HIGH (7.2) EPSS Score: 0.11%
March 17th, 2025 (4 months ago)
|
CVE-2025-22473 |
Description: Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.
CVSS: HIGH (7.8) EPSS Score: 0.04%
March 17th, 2025 (4 months ago)
|
CVE-2025-22472 |
Description: Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to execution of commands with elevated privileges.
CVSS: HIGH (7.8) EPSS Score: 0.04%
March 17th, 2025 (4 months ago)
|
CVE-2024-49561 |
Description: Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
CVSS: HIGH (7.8) EPSS Score: 0.01%
March 17th, 2025 (4 months ago)
|
CVE-2024-49559 |
Description: Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) a Use of Default Password vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.
CVSS: HIGH (8.8) EPSS Score: 0.05%
March 17th, 2025 (4 months ago)
|