Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: View CSAF
1. EXECUTIVE SUMMARY
CVSS v4 9.3
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Ruijie
Equipment: Reyee OS
Vulnerabilities: Weak Password Recovery Mechanism for Forgotten Password, Exposure of Private Personal Information to an Unauthorized Actor, Premature Release of Resource During Expected Lifetime, Insecure Storage of Sensitive Information, Use of Weak Credentials, Improper Neutralization of Wildcards or Matching Symbols, Improper Handling of Insufficient Permissions or Privileges, Server-Side Request Forgery (SSRF), Use of Inherently Dangerous Function, Resource Leak
2. RISK EVALUATION
Successful exploitation of this vulnerabilities could allow attackers to take near full control over the device.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following Ruijie product is affected:
Reyee OS: Versions 2.206.x up to but not including 2.320.x
3.2 Vulnerability Overview
3.2.1 Weak Password Recovery Mechanism for Forgotten Password CWE-640
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x contains a weak mechanism for its users to change their passwords which leaves authentication vulnerable to brute force attacks.
CVE-2024-47547 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.4 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L).
A CVSS v4 score has also been calculated for CVE-2024-47547. A base score of 9.3 has been calculated; the CVSS vector string is (CVSS4.0/AV:N/AC:L/AT:...
December 3rd, 2024 (5 months ago)
|
|
|
Description: Today, CISA—in partnership with the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and international partners—released joint guidance, Enhanced Visibility and Hardening Guidance for Communications Infrastructure. Partners of this guidance include:
Australian Signals Directorate’s (ASD’s) Australian Cyber Security Centre (ACSC)
Canadian Centre for Cyber Security (CCCS)
New Zealand’s National Cyber Security Centre (NCSC-NZ)
This guidance was crafted in response to a People’s Republic of China (PRC)-affiliated threat actor’s compromise of "networks of major global telecommunications providers to conduct a broad and significant cyber espionage campaign." The compromise of private communications impacted a limited number of individuals who are primarily involved in government or political activity.
CISA and partners encourage network defenders and engineers of communications infrastructure, and other critical infrastructure organizations with on-premises enterprise equipment, to review and apply the provided best practices, including patching vulnerable devices and services, to reduce opportunities for intrusion. For more information on PRC state-sponsored threat actor activity, see CISA’s People's Republic of China Cyber Threat. For more information on secure by design principles, see CISA’s Secure by Design webpage. Customers should refer to CISA’s Secure by Demand guidance for additional product security considerations.
December 3rd, 2024 (5 months ago)
|
|
|
Description: View CSAF
1. EXECUTIVE SUMMARY
CVSS v4 8.5
ATTENTION: Low attack complexity
Vendor: Open Automation Software
Equipment: Open Automation Software
Vulnerability: Incorrect Execution-Assigned Permissions
2. RISK EVALUATION
Successful exploitation of this vulnerability could result in an attacker executing code with escalated privileges.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following versions of Open Automation Software, an HMI, SCADA, and IoT solution, are affected:
Open Automation Software: prior to V20.00.0076
3.2 Vulnerability Overview
3.2.1 INCORRECT EXECUTION-ASSIGNED PERMISSIONS CWE-279
A local low-level user on the server machine with credentials to the running OAS services can create and execute a report with an rdlx file on the server system itself. Any code within the rdlx file of the report executes with SYSTEM privileges, resulting in privilege escalation.
CVE-2024-11220 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
A CVSS v4 score has also been calculated for CVE-2024-11220. A base score of 8.5 has been calculated; the CVSS vector string is (AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N).
3.3 BACKGROUND
CRITICAL INFRASTRUCTURE SECTORS: Critical Manufacturing
COUNTRIES/AREAS DEPLOYED: Worldwide
COMPANY HEADQUARTERS LOCATION: United States
3.4 RESEARCHER
elcazator of Elex Feigong Research Institute of Elex CyberSecurity Inc. reported...
December 3rd, 2024 (5 months ago)
|
|
|
Description: View CSAF
1. EXECUTIVE SUMMARY
CVSS v4 8.4
ATTENTION: Low attack complexity
Vendor: Fuji Electric
Equipment: Tellus Lite V-Simulator
Vulnerabilities: Out-of-bounds Write
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could crash the device being accessed.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
VS5Sim is a simulator of V-SFT Ver5 packaged with Fuji Electric Tellus Lite V-Simulator, a remote monitoring and operation software. The following versions are affected:
Tellus Lite: Version 4.0.20.0
3.2 Vulnerability Overview
3.2.1 Out-of-bounds Write CWE-787
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Tellus Lite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of V8 files in the V-Simulator 5 component. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
CVE-2024-11799 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).
A CVSS v4 score has also been calculated for CVE-2024-11799. A base score of 8.4 has been calculated; the CVSS vector string is (CVSS:4.0/AV...
December 3rd, 2024 (5 months ago)
|
|
|
Description: As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
View CSAF
1. EXECUTIVE SUMMARY
CVSS v4 9.3
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Siemens
Equipment: RUGGEDCOM APE1808
Vulnerabilities: Missing Authentication for Critical Function, NULL Pointer Dereference, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to gain access to the management web interface or cause a denial-of-service condition.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following Siemens products are affected:
RUGGEDCOM APE1808: all versions (CVE-2024-2550)
RUGGEDCOM APE1808: all versions (CVE-2024-0012, CVE-2024-2552, CVE-2024-9474)
3.2 Vulnerability Overview
3.2.1 MISSING AUTHENTICATION FOR CRITICAL FUNCTION CWE-306
An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to gain PAN-OS administrator privileges and perform administrative actions, tamper with the configuration, or exploit other authenticated privi...
December 3rd, 2024 (5 months ago)
|
|
|
Description: View CSAF
1. EXECUTIVE SUMMARY
CVSS v4 8.4
ATTENTION: Low attack complexity
Vendor: Fuji Electric
Equipment: Monitouch V-SFT
Vulnerability: Out-of-bounds Write
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could crash the device being accessed.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following version of Fuji Electric's Monitouch V-SFT, a screen configuration software, is affected:
Monitouch V-SFT: Version 6.2.3.0 and prior.
3.2 Vulnerability Overview
3.2.1 Out-of-bounds Write CWE-787
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of V10 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
CVE-2024-11787 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).
A CVSS v4 score has also been calculated for CVE-2024-11787. A base score of 8.4 has been calculated; the CVSS vector string is (CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N).
3.2.2 Out-of-bounds Write CWE-787
This vulnera...
December 3rd, 2024 (5 months ago)
|
|
|
Description: View CSAF
1. EXECUTIVE SUMMARY
CVSS v4 8.5
ATTENTION: Low attack complexity
Vendor: ICONICS, Mitsubishi Electric
Equipment: ICONICS GENESIS64 Product Suite and Mitsubishi Electric MC Works64
Vulnerabilities: Uncontrolled Search Path Element, Dead Code
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could result in remote code execution.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
ICONICS reports that the following versions of ICONICS and Mitsubishi Electric products are affected:
GENESIS64 AlarmWorX Multimedia (AlarmWorX64 MMX): Versions prior to 10.97.3 (CVE-2024-8299 and CVE-2024-9852)
GENESIS64: Version 10.97.2, 10.97.2 CFR1, 10.97.2 CFR2, and 10.97.3 (CVE-2024-8300)
Mitsubishi Electric MC Works64: all versions (CVE-2024-8299, CVE-2024-9852)
3.2 Vulnerability Overview
3.2.1 Uncontrolled Search Path Element CWE-427
An uncontrolled search path element in the AlarmWorX64 MMX Phone agent can provide the potential for DLL hijacking and malicious code execution.
CVE-2024-8299 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
A CVSS v4 score has also been calculated for CVE-2024-8299. A base score of 8.5 has been calculated; the CVSS vector string is (CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N).
3.2.2 Uncontrolled Search Path Element CWE-427
An uncontrolled search path element in the AlarmWorX64 MMX Fax agent can provid...
December 3rd, 2024 (5 months ago)
|
|
|
Description: An international law enforcement operation codenamed 'Operation Passionflower' has shut down MATRIX, an encrypted messaging platform used by cybercriminals to coordinate illegal activities while evading police. [...]
December 3rd, 2024 (5 months ago)
|
CVE-2023-45727 |
Description: North Grid Proself Enterprise/Standard, Gateway, and Mail Sanitize contain an improper restriction of XML External Entity (XXE) reference vulnerability, which could allow a remote, unauthenticated attacker to conduct an XXE attack.
CVSS: LOW (0.0) EPSS Score: 23.62%
December 3rd, 2024 (5 months ago)
|
|
CVE-2024-11680 |
Description: ProjectSend contains an improper authentication vulnerability that allows a remote, unauthenticated attacker to enable unauthorized modification of the application's configuration via crafted HTTP requests to options.php. Successful exploitation allows attackers to create accounts, upload webshells, and embed malicious JavaScript.
CVSS: LOW (0.0) EPSS Score: 46.82%
December 3rd, 2024 (5 months ago)
|