Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2019-13939

A vulnerability has been identified in APOGEE MEC/MBC/PXC (P2) (All versions < V2.8.2), APOGEE PXC Series (BACnet) (All versions < V3.5.3), APOGEE PXC Series (P2) (All versions >= V2.8.2 and < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC00-U (All versions >= V2.3x and < V6.00.327), Desigo PXC001-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC100-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC12-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC128-U (All versions >= V2.3x and < V6.00.327), Desigo PXC200-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC22-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC22.1-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC36.1-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC50-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC64-U (All versions >= V2.3x and < V6.00.327), Desigo PXM20-E (All versions >= V2.3x and < V6.00.327), Nucleus NET (All versions), Nucleus RTOS (All versions), Nucleus ReadyStart for ARM, MIPS, and PPC (All versions < V2017.02.2 with patch “Nucleus 2017.02.02 Nucleus NET Patch”), Nucleus SafetyCert (All versions), Nucleus Source Code (All versions), SIMOTICS CONNECT 400 (All versions < V0.3.0.330), TALON TC Series (BACnet) (All versions < V3.5.3), VSTAR (All versions). By sending specially crafted DHCP packets to a device where the DHCP client is enabled, an attacker could change the IP address of the device to an invalid value. The vulnerability could affect availability and integrity of the device. Adjacent network access is required, but no authentication and no user interaction is needed to conduct an attack.

CVE
Open in Source
#vulnerability#pdf#auth

%PDF-1.5 %���� 1 0 obj << /D [2 0 R /XYZ 70.866 771.024 null] >> endobj 3 0 obj << /D [2 0 R /XYZ 70.866 640.124 null] >> endobj 4 0 obj << /D [2 0 R /XYZ 70.866 226.152 null] >> endobj 5 0 obj << /D [6 0 R /XYZ 85.039 321.623 null] >> endobj 7 0 obj << /D [8 0 R /XYZ 70.866 735.699 null] >> endobj 9 0 obj << /D [2 0 R /Fit] /S /GoTo >> endobj 2 0 obj << /Annots [10 0 R 11 0 R 12 0 R 13 0 R] /Resources 14 0 R /Parent 15 0 R /Contents 16 0 R /Type /Page /MediaBox [0 0 595.276 841.89] >> endobj 10 0 obj << /Subtype /Link /Border [0 0 0] /H /I /Type /Annot /C [0 1 1] /Rect [416.657 390.299 518.276 401.717] /A << /URI (https://support.mentor.com/en/product/1009925838/downloads) /Type /Action /S /URI >> >> endobj 12 0 obj << /Border [0 0 0] /Subtype /Link /H /I /Type /Annot /C [1 0 0] /Rect [458.38 296.157 518.276 306.722] /A << /D (section*.2) /S /GoTo >> >> endobj 17 0 obj << /Subtype /Link /Border [0 0 0] /H /I /Type /Annot /C [0 1 1] /Rect [164.798 745.893 487.754 757.43] /A << /URI (https://www.siemens.com/cert/operational-guidelines-industrial-security) /Type /Action /S /URI >> >> endobj 14 0 obj << /Font << /F45 18 0 R /F42 19 0 R >> /ProcSet [/PDF /Text] >> endobj 16 0 obj << /Filter /FlateDecode /Length 2849 >> stream xڽZ_s�8ϧУ

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE