CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: A Threat Actor is Selling HANNIBAL Stealer
February 4th, 2025 (5 months ago)
|
|
|
Description: Cybersecurity researchers have called attention to a software supply chain attack targeting the Go ecosystem that involves a malicious package capable of granting the adversary remote access to infected systems.
The package, named github.com/boltdb-go/bolt, is a typosquat of the legitimate BoltDB database module (github.com/boltdb/bolt), per Socket. The malicious version (1.3.1) was published to
February 4th, 2025 (5 months ago)
|
CVE-2025-0630 |
Description: View CSAF
1. EXECUTIVE SUMMARY
CVSS v4 6.0
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Western Telematic Inc
Equipment: NPS Series, DSM Series, CPM Series
Vulnerability: External Control of File Name or Path
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an authenticated attacker to gain privileged access to files on the device's filesystem.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following Western Telematic Inc products are affected:
Network Power Switch (NPS Series): Firmware Version 6.62 and prior
Console Server (DSM Series): Firmware Version 6.62 and prior
Console Server + PDU Combo Unit (CPM Series): Firmware Version 6.62 and prior
3.2 VULNERABILITY OVERVIEW
3.2.1 External Control of File Name or Path CWE-73
Multiple Western Telematic (WTI) products contain a web interface that is vulnerable to a Local File Inclusion Attack (LFI), where any authenticated user has privileged access to files on the device's filesystem.
CVE-2025-0630 has been assigned to this vulnerability. A CVSS v3.1 base score of 6.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).
A CVSS v4 score has also been calculated for CVE-2025-0630. A base score of 6.0 has been calculated; the CVSS vector string is (AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N).
3.3 BACKGROUND
CRITICAL INFRASTRUCTURE SECTORS: Communications
COUNTRIES/AREAS DEPLOYED: Worldwide
COMPANY HEADQUARTERS LOCATION: United States
...
EPSS Score: 0.04%
February 4th, 2025 (5 months ago)
|
|
CVE-2024-11425 |
Description: View CSAF
1. EXECUTIVE SUMMARY
CVSS v4 8.7
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Schneider Electric
Equipment: Modicon M580 PLCs, BMENOR2200H and EVLink Pro AC
Vulnerability: Incorrect Calculation of Buffer Size
2. RISK EVALUATION
Successful exploitation of this vulnerability could cause a denial-of-service of the product when an unauthenticated user sends a crafted HTTPS packet to the webserver.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following versions of Modicon M580 PLCs, BMENOR2200H and EVLink Pro AC are affected:
Modicon M580 CPU (part numbers BMEP* and BMEH*, excluding M580 CPU Safety): Versions prior to SV4.30
Modicon M580 CPU Safety (part numbers BMEP58-S and BMEH58-S): Versions prior to SV4.21
BMENOR2200H: All versions
EVLink Pro AC: Versions prior to v1.3.10
3.2 VULNERABILITY OVERVIEW
3.2.1 INCORRECT CALCULATION OF BUFFER SIZE CWE-131
The affected product is vulnerable to an incorrect calculation of buffer size vulnerability which could cause a denial-of-service of the product when an unauthenticated user is sending a crafted HTTPS packet to the webserver.
CVE-2024-11425 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
A CVSS v4 score has also been calculated for CVE-2024-11425. A base score of 8.7 has been calculated; the CVSS vector string is (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N).
3.3 BACKGRO...
EPSS Score: 0.04%
February 4th, 2025 (5 months ago)
|
|
CVE-2025-0960 |
Description: View CSAF
1. EXECUTIVE SUMMARY
CVSS v4 9.3
ATTENTION: Exploitable remotely/low attack complexity
Vendor: AutomationDirect
Equipment: C-more EA9 HMI
Vulnerability: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition or achieve remote code execution on the affected device.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following Automation Direct products are affected:
C-more EA9 HMI EA9-T6CL: v6.79 and prior
C-more EA9 HMI EA9-T7CL-R: v6.79 and prior
C-more EA9 HMI EA9-T7CL: v6.79 and prior
C-more EA9 HMI EA9-T8CL: v6.79 and prior
C-more EA9 HMI EA9-T10CL: v6.79 and prior
C-more EA9 HMI EA9-T10WCL: v6.79 and prior
C-more EA9 HMI EA9-T12CL: v6.79 and prior
C-more EA9 HMI EA9-T15CL-R: v6.79 and prior
C-more EA9 HMI EA9-T15CL: v6.79 and prior
C-more EA9 HMI EA9-RHMI: v6.79 and prior
3.2 VULNERABILITY OVERVIEW
3.2.1 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-120
AutomationDirect C-more EA9 HMI contains a function with bounds checks that can be skipped, which could result in an attacker abusing the function to cause a denial-of-service condition or achieving remote code execution on the affected device.
CVE-2025-0960 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
A CVSS v4 score has also bee...
EPSS Score: 0.04%
February 4th, 2025 (5 months ago)
|
|
CVE-2024-12399 |
Description: View CSAF
1. EXECUTIVE SUMMARY
CVSS v4 6.1
ATTENTION: Exploitable remotely
Vendor: Schneider Electric
Equipment: Pro-face GP-Pro EX and Remote HMI
Vulnerability: Improper Enforcement of Message Integrity During Transmission in a Communication Channel
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow man-in-the-middle attacks, resulting in information disclosure, integrity issues, and operational failures.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following versions of Pro-face GP-Pro EX and Remote HMI are affected:
Pro-face GP-Pro EX: All versions
Pro-face Remote HMI: All versions
3.2 VULNERABILITY OVERVIEW
3.2.1 IMPROPER ENFORCEMENT OF MESSAGE INTEGRITY DURING TRANSMISSION IN A COMMUNICATION CHANNEL CWE-924
The affected products are vulnerable to an improper enforcement of message integrity during transmission in a communication channel vulnerability that could cause partial loss of confidentiality, loss of integrity, and availability of the HMI when attacker performs man-in-the-middle attack by intercepting the communication.
CVE-2024-12399 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.1 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H).
A CVSS v4 score has also been calculated for CVE-2024-12399. A base score of 6.1 has been calculated; the CVSS vector string is (CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N).
3.3 BACKGROUND
CRITICAL INFRASTRUCTURE SECTORS: E...
EPSS Score: 0.04%
February 4th, 2025 (5 months ago)
|
|
CVE-2024-12476 |
Description: View CSAF
1. EXECUTIVE SUMMARY
CVSS v3 7.8
ATTENTION: Low attack complexity
Vendor: Schneider Electric
Equipment: Web Designer for Modicon
Vulnerability: Improper Restriction of XML External Entity Reference
2. RISK EVALUATION
Successful exploitation of this vulnerability could result in information disclosure, workstation integrity and potential remote code execution on the compromised computer.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following versions of Web Designer for Modicon are affected:
Web Designer for BMXNOR0200H: All versions
Web Designer for BMXNOE0110(H): All versions
Web Designer for BMENOC0311(C): All versions
Web Designer for BMENOC0321(C): All versions
3.2 VULNERABILITY OVERVIEW
3.2.1 IMPROPER RESTRICTION OF XML EXTERNAL ENTITY REFERENCE CWE-611
The affected product is vulnerable to an improper restriction of XML external entity reference vulnerability that could cause information disclosure, impacts to workstation integrity, and potential remote code execution on the compromised computer when a specifically crafted XML file is imported in the Web Designer configuration tool.
CVE-2024-12476 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.8 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).
3.3 BACKGROUND
CRITICAL INFRASTRUCTURE SECTORS: Commercial Facilities, Energy, Food and Agriculture, Government Facilities, Transportation Systems, Water and Wastewater Systems
COUNTRIES/AREAS DEPLOYED:...
EPSS Score: 0.04%
February 4th, 2025 (5 months ago)
|
|
CVE-2024-12142 |
Description: View CSAF
1. EXECUTIVE SUMMARY
CVSS v3 8.6
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Schneider Electric
Equipment: Modicon M340 and BMXNOE0100/0110, BMXNOR0200H
Vulnerability: Exposure of Sensitive Information to an Unauthorized Actor
2. RISK EVALUATION
Successful exploitation of this vulnerability could cause information disclosure of a restricted web page, modification of a web page, and a denial of service when specific web pages are modified and restricted functions invoked.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following Schneider Electric products, Modicon M340 and BMXNOE0100/0110, BMXNOR0200H, are affected:
Modicon M340 processors (part numbers BMXP34*): All versions
BMXNOE0100: All versions
BMXNOE0110: All versions
BMXNOR0200H: Versions prior to SV1.70IR26
3.2 VULNERABILITY OVERVIEW
3.2.1 EXPOSURE OF SENSITIVE INFORMATION TO AN UNAUTHORIZED ACTOR CWE-200
The affected products are vulnerable to an exposure of sensitive information to an unauthorized actor vulnerability, which could cause information disclosure of restricted web page, modification of web page, and denial of service when specific web pages are modified and restricted functions invoked.
CVE-2024-12142 has been assigned to this vulnerability. A CVSS v3.1 base score of 8.6 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H).
3.3 BACKGROUND
CRITICAL INFRASTRUCTURE SECTORS: Commercial Facilities, Critical Manufacturing, Energy
COUNTRIES/ARE...
EPSS Score: 0.04%
February 4th, 2025 (5 months ago)
|
|
|
February 4th, 2025 (5 months ago)
|
|
CVE-2024-45195 |
Description: Apache OFBiz contains a forced browsing vulnerability that allows a remote attacker to obtain unauthorized access.
EPSS Score: 75.58%
February 4th, 2025 (5 months ago)
|