CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: Outlining the expectations for the minimum requirement for forensic visibility, to help network defenders secure organisational networks both before and after a compromise.
February 4th, 2025 (5 months ago)
|
|
|
Description: A Threat Actor Claims to be Selling the Data of Transak
February 4th, 2025 (5 months ago)
|
|
|
Description: A Threat Actor is Selling an Advanced FUD PowerShell-to-EXE Converter Tool
February 4th, 2025 (5 months ago)
|
|
|
Description: A Threat Actor is Selling HANNIBAL Stealer
February 4th, 2025 (5 months ago)
|
|
|
Description: Cybersecurity researchers have called attention to a software supply chain attack targeting the Go ecosystem that involves a malicious package capable of granting the adversary remote access to infected systems.
The package, named github.com/boltdb-go/bolt, is a typosquat of the legitimate BoltDB database module (github.com/boltdb/bolt), per Socket. The malicious version (1.3.1) was published to
February 4th, 2025 (5 months ago)
|
CVE-2025-0630 |
Description: View CSAF
1. EXECUTIVE SUMMARY
CVSS v4 6.0
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Western Telematic Inc
Equipment: NPS Series, DSM Series, CPM Series
Vulnerability: External Control of File Name or Path
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an authenticated attacker to gain privileged access to files on the device's filesystem.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following Western Telematic Inc products are affected:
Network Power Switch (NPS Series): Firmware Version 6.62 and prior
Console Server (DSM Series): Firmware Version 6.62 and prior
Console Server + PDU Combo Unit (CPM Series): Firmware Version 6.62 and prior
3.2 VULNERABILITY OVERVIEW
3.2.1 External Control of File Name or Path CWE-73
Multiple Western Telematic (WTI) products contain a web interface that is vulnerable to a Local File Inclusion Attack (LFI), where any authenticated user has privileged access to files on the device's filesystem.
CVE-2025-0630 has been assigned to this vulnerability. A CVSS v3.1 base score of 6.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).
A CVSS v4 score has also been calculated for CVE-2025-0630. A base score of 6.0 has been calculated; the CVSS vector string is (AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N).
3.3 BACKGROUND
CRITICAL INFRASTRUCTURE SECTORS: Communications
COUNTRIES/AREAS DEPLOYED: Worldwide
COMPANY HEADQUARTERS LOCATION: United States
...
EPSS Score: 0.04%
February 4th, 2025 (5 months ago)
|
|
CVE-2024-11425 |
Description: View CSAF
1. EXECUTIVE SUMMARY
CVSS v4 8.7
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Schneider Electric
Equipment: Modicon M580 PLCs, BMENOR2200H and EVLink Pro AC
Vulnerability: Incorrect Calculation of Buffer Size
2. RISK EVALUATION
Successful exploitation of this vulnerability could cause a denial-of-service of the product when an unauthenticated user sends a crafted HTTPS packet to the webserver.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following versions of Modicon M580 PLCs, BMENOR2200H and EVLink Pro AC are affected:
Modicon M580 CPU (part numbers BMEP* and BMEH*, excluding M580 CPU Safety): Versions prior to SV4.30
Modicon M580 CPU Safety (part numbers BMEP58-S and BMEH58-S): Versions prior to SV4.21
BMENOR2200H: All versions
EVLink Pro AC: Versions prior to v1.3.10
3.2 VULNERABILITY OVERVIEW
3.2.1 INCORRECT CALCULATION OF BUFFER SIZE CWE-131
The affected product is vulnerable to an incorrect calculation of buffer size vulnerability which could cause a denial-of-service of the product when an unauthenticated user is sending a crafted HTTPS packet to the webserver.
CVE-2024-11425 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
A CVSS v4 score has also been calculated for CVE-2024-11425. A base score of 8.7 has been calculated; the CVSS vector string is (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N).
3.3 BACKGRO...
EPSS Score: 0.04%
February 4th, 2025 (5 months ago)
|
|
CVE-2025-0960 |
Description: View CSAF
1. EXECUTIVE SUMMARY
CVSS v4 9.3
ATTENTION: Exploitable remotely/low attack complexity
Vendor: AutomationDirect
Equipment: C-more EA9 HMI
Vulnerability: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition or achieve remote code execution on the affected device.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following Automation Direct products are affected:
C-more EA9 HMI EA9-T6CL: v6.79 and prior
C-more EA9 HMI EA9-T7CL-R: v6.79 and prior
C-more EA9 HMI EA9-T7CL: v6.79 and prior
C-more EA9 HMI EA9-T8CL: v6.79 and prior
C-more EA9 HMI EA9-T10CL: v6.79 and prior
C-more EA9 HMI EA9-T10WCL: v6.79 and prior
C-more EA9 HMI EA9-T12CL: v6.79 and prior
C-more EA9 HMI EA9-T15CL-R: v6.79 and prior
C-more EA9 HMI EA9-T15CL: v6.79 and prior
C-more EA9 HMI EA9-RHMI: v6.79 and prior
3.2 VULNERABILITY OVERVIEW
3.2.1 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-120
AutomationDirect C-more EA9 HMI contains a function with bounds checks that can be skipped, which could result in an attacker abusing the function to cause a denial-of-service condition or achieving remote code execution on the affected device.
CVE-2025-0960 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
A CVSS v4 score has also bee...
EPSS Score: 0.04%
February 4th, 2025 (5 months ago)
|
|
CVE-2024-12399 |
Description: View CSAF
1. EXECUTIVE SUMMARY
CVSS v4 6.1
ATTENTION: Exploitable remotely
Vendor: Schneider Electric
Equipment: Pro-face GP-Pro EX and Remote HMI
Vulnerability: Improper Enforcement of Message Integrity During Transmission in a Communication Channel
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow man-in-the-middle attacks, resulting in information disclosure, integrity issues, and operational failures.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following versions of Pro-face GP-Pro EX and Remote HMI are affected:
Pro-face GP-Pro EX: All versions
Pro-face Remote HMI: All versions
3.2 VULNERABILITY OVERVIEW
3.2.1 IMPROPER ENFORCEMENT OF MESSAGE INTEGRITY DURING TRANSMISSION IN A COMMUNICATION CHANNEL CWE-924
The affected products are vulnerable to an improper enforcement of message integrity during transmission in a communication channel vulnerability that could cause partial loss of confidentiality, loss of integrity, and availability of the HMI when attacker performs man-in-the-middle attack by intercepting the communication.
CVE-2024-12399 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.1 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H).
A CVSS v4 score has also been calculated for CVE-2024-12399. A base score of 6.1 has been calculated; the CVSS vector string is (CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N).
3.3 BACKGROUND
CRITICAL INFRASTRUCTURE SECTORS: E...
EPSS Score: 0.04%
February 4th, 2025 (5 months ago)
|
|
CVE-2024-12476 |
Description: View CSAF
1. EXECUTIVE SUMMARY
CVSS v3 7.8
ATTENTION: Low attack complexity
Vendor: Schneider Electric
Equipment: Web Designer for Modicon
Vulnerability: Improper Restriction of XML External Entity Reference
2. RISK EVALUATION
Successful exploitation of this vulnerability could result in information disclosure, workstation integrity and potential remote code execution on the compromised computer.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following versions of Web Designer for Modicon are affected:
Web Designer for BMXNOR0200H: All versions
Web Designer for BMXNOE0110(H): All versions
Web Designer for BMENOC0311(C): All versions
Web Designer for BMENOC0321(C): All versions
3.2 VULNERABILITY OVERVIEW
3.2.1 IMPROPER RESTRICTION OF XML EXTERNAL ENTITY REFERENCE CWE-611
The affected product is vulnerable to an improper restriction of XML external entity reference vulnerability that could cause information disclosure, impacts to workstation integrity, and potential remote code execution on the compromised computer when a specifically crafted XML file is imported in the Web Designer configuration tool.
CVE-2024-12476 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.8 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).
3.3 BACKGROUND
CRITICAL INFRASTRUCTURE SECTORS: Commercial Facilities, Energy, Food and Agriculture, Government Facilities, Transportation Systems, Water and Wastewater Systems
COUNTRIES/AREAS DEPLOYED:...
EPSS Score: 0.04%
February 4th, 2025 (5 months ago)
|