Siemens SCALANCE X Switches (Update D)
EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SCALANCE X switches Vulnerability: Insufficient Resource Pool 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-19-225-03 Siemens SCALANCE...
8.6CVSS
8.7AI Score
0.001EPSS
Siemens PROFINET DCP (Update V)
EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable from an adjacent network/low attack complexity Vendor: Siemens Equipment: Devices using the PROFINET Discovery and Configuration Protocol (DCP) Vulnerabilities: Uncontrolled Resource Consumption 2. UPDATE INFORMATION This updated advisory...
6.5CVSS
7AI Score
0.003EPSS
AlmaLinux 8 : kernel (ALSA-2021:0558)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:0558 advisory. A flaw was found in the Linux kernel. A use-after-free memory flaw was found in the perf subsystem allowing a local attacker with permission to...
7.8CVSS
7.9AI Score
0.003EPSS
Multiple Siemens Industrial Products Denial of Service Vulnerabilities
SIMATIC Drive Controller family products are machines designed for production automation, combining the functions of SIMATIC S7-1500 CPUs and SINAMICS S120 drive controls.SIMATIC S7-1200 CPU family products are designed for discrete and continuous control in industrial environments, such as...
7.5CVSS
2.3AI Score
0.001EPSS
Multiple Siemens Industrial Products Denial of Service Vulnerabilities (CNVD-2022-10002)
SIMATIC Drive Controller family products are machines designed for production automation, combining the functions of SIMATIC S7-1500 CPUs and SINAMICS S120 drive controls.SIMATIC S7-1200 CPU family products are designed for discrete and continuous control in industrial environments, such as...
7.5CVSS
2.3AI Score
0.001EPSS
Multiple Siemens Industrial Products Denial of Service Vulnerabilities (CNVD-2022-10003)
SIMATIC Drive Controller family products are machines designed for production automation, combining the functions of SIMATIC S7-1500 CPUs and SINAMICS S120 drive controls.SIMATIC S7-1200 CPU family products are designed for discrete and continuous control in industrial environments, such as...
7.5CVSS
2.3AI Score
0.001EPSS
Siemens Industrial Real-Time Devices Improper Input Validation (CVE-2019-10923)
A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P, SCALANCE X-200IRT switch family (incl. SIPLUS NET variants),...
7.5CVSS
7.5AI Score
0.001EPSS
Siemens PROFINET-IO Stack Uncontrolled Resource Consumption (CVE-2019-13946)
Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit internal resource allocation when multiple legitimate diagnostic package requests are sent to the DCE-RPC interface. This could lead to a denial of service condition due to lack of memory for devices that include a vulnerable...
7.5CVSS
7.5AI Score
0.001EPSS
Siemens OpenSSL in Industrial Products (CVE-2021-3449)
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then.....
5.9CVSS
7AI Score
0.005EPSS
Siemens PROFINET DCP Uncontrolled Resource Consumption (CVE-2017-2680)
Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected. This plugin only works with Tenable.ot. Please visit...
6.5CVSS
6.5AI Score
0.003EPSS
Siemens PROFINET Devices Allocation of Resources Without Limits or Throttling (CVE-2020-28400)
Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial-of-service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device. This plugin only works with Tenable.ot. Please visit...
7.5CVSS
7.7AI Score
0.002EPSS
Siemens PROFINET DCP Uncontrolled Resource Consumption (CVE-2017-2681)
Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected. This vulnerability affects only SIMATIC HMI....
6.5CVSS
6.2AI Score
0.001EPSS
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count....
The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exponentiation calculations, aka a D(HE)at or D(HE)ater attack. The client needs very little CPU...
7.5CVSS
7.3AI Score
0.011EPSS
NewStart CGSL MAIN 6.02 : kernel Multiple Vulnerabilities (NS-SA-2021-0126)
The remote NewStart CGSL host, running version MAIN 6.02, has kernel packages installed that are affected by multiple vulnerabilities: The Linux kernel before 5.4.2 mishandles ext4_expand_extra_isize, as demonstrated by use-after-free errors in __ext4_expand_extra_isize and...
7.8CVSS
7AI Score
0.003EPSS
NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2021-0104)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel packages installed that are affected by multiple vulnerabilities: In the Linux kernel before 5.3.9, there are multiple out-of-bounds write bugs that can be caused by a malicious USB device in the Linux kernel...
7.8CVSS
-0.2AI Score
0.008EPSS
The in-memory certificate cache in strongSwan before 5.9.4 has a remote integer overflow upon receiving many requests with different certificates to fill the cache and later trigger the replacement of cache entries. The code attempts to select a less-often-used cache entry by means of a random...
7.5CVSS
7.8AI Score
0.069EPSS
Siemens SCALANCE W1750D (Update B)
EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SCALANCE W1750D Vulnerabilities: Improper Authentication, Classic Buffer Overflow, Command Injection, Improper Input Validation, Race Condition, Cross-site Scripting, Basic XSS,...
9.8CVSS
9.6AI Score
0.407EPSS
A remote unauthorized read access to files vulnerability was discovered in Aruba Instant version(s): 6.4.x.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x.x: 6.5.4.19 and below; Aruba Instant 8.5.x.x: 8.5.0.12 and below; Aruba Instant 8.6.x.x: 8.6.0.11 and below; Aruba Instant 8.7.x.x: 8.7.1.3.....
6.5CVSS
6.3AI Score
0.001EPSS
A remote denial of service vulnerability was discovered in Aruba Instant version(s): Aruba Instant 6.5.x.x: 6.5.4.18 and below; Aruba Instant 8.5.x.x: 8.5.0.10 and below; Aruba Instant 8.6.x.x: 8.6.0.4 and below. Aruba has released patches for Aruba Instant (IAP) that address this security...
5.3CVSS
5.4AI Score
0.002EPSS
A remote arbitrary command execution vulnerability was discovered in HPE Aruba Instant (IAP) version(s): Aruba Instant 6.4.x.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x.x: 6.5.4.18 and below; Aruba Instant 8.5.x.x: 8.5.0.11 and below; Aruba Instant 8.6.x.x: 8.6.0.6 and below; Aruba Instant.....
7.2CVSS
7.2AI Score
0.003EPSS
A remote arbitrary command execution vulnerability was discovered in HPE Aruba Instant (IAP) version(s): Aruba Instant 6.4.x.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x.x: 6.5.4.20 and below; Aruba Instant 8.5.x.x: 8.5.0.12 and below; Aruba Instant 8.6.x.x: 8.6.0.11 and below; Aruba Instant....
7.2CVSS
7.2AI Score
0.003EPSS
A remote arbitrary command execution vulnerability was discovered in HPE Aruba Instant (IAP) version(s): 6.4.x.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x.x: 6.5.4.20 and below; Aruba Instant 8.5.x.x: 8.5.0.12 and below; Aruba Instant 8.6.x.x: 8.6.0.11 and below; Aruba Instant 8.7.x.x:...
7.2CVSS
7.2AI Score
0.003EPSS
A remote buffer overflow vulnerability was discovered in HPE Aruba Instant (IAP) version(s): Aruba Instant 8.7.x.x: 8.7.0.0 through 8.7.1.2. Aruba has released patches for Aruba Instant (IAP) that address this security...
9.8CVSS
9.7AI Score
0.006EPSS
Multiple Siemens SIMATIC products vulnerable to sensitive information disclosure
SIPLUS extreme products are designed for reliable operation under extreme conditions and are based on SIMATIC, LOGO!, SITOP, SINAMICS, SIMOTION, SCALANCE or other devices.The SIMATIC CP 1543-1 and SIMATIC CP 1545-1 communication processors connect the S7-1500 controllers to the Ethernet. It...
6.5CVSS
1.5AI Score
0.001EPSS
Siemens SIMATIC NET CP Module Denial of Service Vulnerability
The Communication Processor (CP) modules of the SIMATIC CP 343-1 and CP 443-1 series are designed to support SIMATIC S7-300/S7-400 CPUs for Ethernet communication.SIPLUS Extreme products are designed for reliable operation under extreme conditions and are based on SIMATIC, LOGO! , SIMOTION,...
7.5CVSS
2.8AI Score
0.001EPSS
Siemens SCALANCE and SIMATIC libcurl (Update B)
EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SCALANCE and SIMATIC Vulnerability: Out-of-bounds Read 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-21-068-10 Siemens SCALANCE and...
7.5CVSS
8.8AI Score
0.003EPSS
Siemens SCALANCE X Products (Update B)
EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SCALANCE X Products Vulnerabilities: Missing Authentication for Critical Function, Heap-based Buffer Overflow 2. UPDATE INFORMATION This updated advisory is a follow-up to the...
9.8CVSS
9.4AI Score
0.002EPSS
Siemens Web Server of SCALANCE X200 (Update A)
EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Web Server of SCALANCE X200 Vulnerabilities: Heap-based Buffer Overflow, Stack-based Buffer Overflow 2. UPDATE INFORMATION This updated advisory is a follow-up to the original...
9.8CVSS
10AI Score
0.006EPSS
A local path traversal vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.0-2.2.0.4; Prior to 8.7.1.1, 8.6.0.7, 8.5.0.12, 8.3.0.16. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that address....
6.2CVSS
6.2AI Score
0.001EPSS
A remote path traversal vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.4; Prior to 8.7.1.1, 8.6.0.7, 8.5.0.11, 8.3.0.16. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that...
4.9CVSS
5.1AI Score
0.001EPSS
A remote path traversal vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.0-2.2.0.4; Prior to 8.7.1.3, 8.6.0.9, 8.5.0.12, 8.3.0.16, 6.5.4.19, 6.4.4.25. Aruba has released patches for Aruba SD-WAN Software and Gateways and....
6.5CVSS
6.4AI Score
0.001EPSS
A remote path traversal vulnerability was discovered in Aruba Operating System Software version(s): Prior to 8.8.0.1, 8.7.1.4, 8.6.0.11, 8.5.0.13. Aruba has released patches for ArubaOS that address this security...
6.5CVSS
6.2AI Score
0.001EPSS
A remote arbitrary command execution vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.6; Prior to 8.7.1.4, 8.6.0.7, 8.5.0.12, 8.3.0.16. Aruba has released patches for Aruba SD-WAN Software and Gateways and...
7.2CVSS
7AI Score
0.003EPSS
A remote cross-site request forgery (csrf) vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.4; Prior to 8.8.0.1, 8.7.1.2, 8.6.0.8, 8.5.0.12, 8.3.0.15. Aruba has released patches for Aruba SD-WAN Software and...
8.1CVSS
8AI Score
0.001EPSS
A remote arbitrary command execution vulnerability was discovered in Aruba Operating System Software version(s): Prior to 8.7.1.2, 8.6.0.8, 8.5.0.12, 8.3.0.16. Aruba has released patches for ArubaOS that address this security...
7.2CVSS
7.1AI Score
0.002EPSS
A remote arbitrary command execution vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.4; Prior to 8.7.1.4, 8.6.0.9, 8.5.0.13, 8.3.0.16, 6.5.4.20, 6.4.4.25. Aruba has released patches for Aruba SD-WAN Software and....
7.2CVSS
7AI Score
0.003EPSS
A remote cross-site request forgery (csrf) vulnerability was discovered in Aruba Operating System Software version(s): 6.x.x.x: all versions, 8.x.x.x: all versions prior to 8.8.0.0. Aruba has released patches for ArubaOS that address this security...
6.5CVSS
6.2AI Score
0.001EPSS
A remote arbitrary command execution vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.4; Prior to 8.7.1.4, 8.6.0.9, 8.5.0.13, 8.3.0.16, 6.5.4.20, 6.4.4.25. Aruba has released patches for Aruba SD-WAN Software and....
7.2CVSS
7AI Score
0.003EPSS
A remote arbitrary command execution vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.6; Prior to 8.7.1.4, 8.6.0.7, 8.5.0.12, 8.3.0.16. Aruba has released patches for Aruba SD-WAN Software and Gateways and...
7.2CVSS
7AI Score
0.003EPSS
A remote arbitrary command execution vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.4; Prior to 8.7.1.4, 8.6.0.9, 8.5.0.13, 8.3.0.16, 6.5.4.20, 6.4.4.25. Aruba has released patches for Aruba SD-WAN Software and....
7.2CVSS
7AI Score
0.003EPSS
A remote arbitrary command execution vulnerability was discovered in Aruba Operating System Software version(s): Prior to 8.7.1.2, 8.6.0.8, 8.5.0.12, 8.3.0.16. Aruba has released patches for ArubaOS that address this security...
7.2CVSS
7.1AI Score
0.002EPSS
A remote buffer overflow vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.4; Prior to 8.7.1.2, 8.6.0.8, 8.5.0.12, 8.3.0.15. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that...
9.8CVSS
9.6AI Score
0.005EPSS
Go before 1.15.15 and 1.16.x before 1.16.7 has a race condition that can lead to a net/http/httputil ReverseProxy panic upon an ErrAbortHandler...
5.9CVSS
6.6AI Score
0.007EPSS
libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take 'issuercert' into account and it compared the involved paths case insensitively,which could lead...
3.7CVSS
5.7AI Score
0.002EPSS
Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial-of-service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the...
7.5CVSS
7.5AI Score
0.002EPSS
EulerOS Virtualization 3.0.2.2 : kernel (EulerOS-SA-2021-2140)
According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A memory leak in the ath10k_usb_hif_tx_sg() function in drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through...
7.8CVSS
8.9AI Score
0.013EPSS
An unauthenticated remote attacker could create a permanent denial-of-service condition by sending specially crafted OSPF packets. Successful exploitation requires OSPF to be enabled on an affected device on the SCALANCE XM-400, XR-500 (All versions prior to...
7.5CVSS
0.002EPSS
An unauthenticated remote attacker could create a permanent denial-of-service condition by sending specially crafted OSPF packets. Successful exploitation requires OSPF to be enabled on an affected device on the SCALANCE XM-400, XR-500 (All versions prior to...
7.5CVSS
7.4AI Score
0.002EPSS
An unauthenticated remote attacker could create a permanent denial-of-service condition by sending specially crafted OSPF packets. Successful exploitation requires OSPF to be enabled on an affected device on the SCALANCE XM-400, XR-500 (All versions prior to...
7.5CVSS
7.4AI Score
0.002EPSS