us-cert

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 4.1 ATTENTION: Low attack complexity Vendor: Mitsubishi Electric Iconics Digital Solutions, Mitsubishi Electric Equipment: ICONICS Product Suite and Mitsubishi Electric MC Works64 Vulnerability: Windows Shortcut Following (.LNK) 2. RISK EVALUATION Successful exploitation of this vulnerability could result in information tampering. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of ICONICS Product Suite and Mitsubishi Electric MC Works64 are affected: GENESIS64: All versions GENESIS: Version 11.00 Mitsubishi Electric MC Works64: All versions 3.2 VULNERABILITY OVERVIEW 3.2.1 Windows Shortcut Following (.LNK) CWE-64 An information tampering vulnerability due to Windows Shortcut Following exists in multiple processes in GENESIS64, MC Works64, and GENESIS. An attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability. By creating a symbolic link, an attacker can cause the p...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.4 ATTENTION: Low attack complexity Vendor: Rockwell Automation Equipment: Lifecycle Services with VMware Vulnerabilities: Out-of-bounds Write, Use of Uninitialized Resource 2. RISK EVALUATION Successful exploitation of these vulnerabilities could lead to code execution on the host or leakage of memory from processes communicating with vSockets. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Rockwell Automation reports the following Lifecycle Services with VMware are affected: Industrial Data Center (IDC) with VMware: Generations 1 – 4 VersaVirtual Appliance (VVA) with VMware: Series A & B Threat Detection Managed Services (TDMS) with VMware: All versions Endpoint Protection Service with Rockwell Automation Proxy & VMware only: All versions Engineered and Integrated Solutions with VMware: All versions 3.2 Vulnerability Overview 3.2.1 Out-of-bounds Write CWE-787 An integer-overflow vulnerability exists in the VMXNET3 virtual network adapter used in VM...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Güralp Systems Equipment: Güralp FMUS Series Seismic Monitoring Devices Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to modify hardware configurations, manipulate data, or factory reset the device. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Güralp FMUS series are affected: Güralp FMUS Series Seismic Monitoring Devices: All versions 3.2 Vulnerability Overview 3.2.1 MISSING AUTHENTICATION FOR CRITICAL FUNCTION CWE-306 The affected products expose an unauthenticated Telnet-based command line interface that could allow an attacker to modify hardware configurations, manipulate data, or factory reset the device. CVE-2025-8286 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.5 ATTENTION: Exploitable remotely Vendor: Samsung Equipment: HVAC DMS Vulnerabilities: Execution After Redirect (EAR), Deserialization of Untrusted Data, Absolute Path Traversal, Use of Potentially Dangerous Function, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Relative Path Traversal 2. RISK EVALUATION Successful exploitation of these vulnerabilities can lead to unauthenticated remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Samsung HVAC DMS, a software management platform, are affected: Samsung HVAC DMS: Versions 2.0.0 to 2.3.13.0, Versions 2.5.0.17 to 2.6.14.0, Versions 2.7.0.15 to 2.9.3.5 3.2 Vulnerability Overview 3.2.1 EXECUTION AFTER REDIRECT (EAR) CWE-698 An execution after redirect in Samsung DMS (Data Management Server) allows attackers to execute limited functions without permissions. An attacker could compromise the integrity of the platform by executing ...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.1 ATTENTION: Low attack complexity Vendor: National Instruments Equipment: LabVIEW Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer 2. RISK EVALUATION Successful exploitation of these vulnerabilities could lead to the execution of arbitrary code on affected installations of LabVIEW, which could result in invalid memory reads. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of LabVIEW are affected: LabVIEW: 2025 Q1 and prior versions 3.2 Vulnerability Overview 3.2.1 IMPROPER RESTRICTION OF OPERATIONS WITHIN THE BOUNDS OF A MEMORY BUFFER CWE-119 LabVIEW 2025 Q1 and prior versions are affected by an improper restriction of operations within the bounds of a memory buffer vulnerability, which may allow a local attacker to disclose information and execute arbitrary code remotely, resulting in invalid memory reads. CVE-2025-2633 has been assigned to this vulnerability. A CVSS v3.1 base score of ...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: DTN Soft Vulnerability: Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to use a specially crafted project file to execute arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Delta Electronics products are affected: DTN Soft: Versions 2.1.0 and prior 3.2 Vulnerability Overview 3.2.1 DESERIALIZATION OF UNTRUSTED DATA CWE-502 The affected product is affected by a deserialization of untrusted data vulnerability, which could allow an attacker to use a specially crafted project file to execute arbitrary code. CVE-2025-53416 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.8 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). A CVSS v4 score has also been calculated for CVE-2025-53416. A base score of 8.4 has been calculated; the CVS...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.4 ATTENTION: Exploitable remotely/low attack complexity Vendor: Honeywell Equipment: Experion PKS Vulnerabilities: Use of Uninitialized Variable, Improper Restriction of Operations within the Bounds of a Memory Buffer, Sensitive Information in Resource Not Removed Before Reuse, Integer Underflow (Wrap or Wraparound), Deployment of Wrong Handler 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in information exposure, denial of service, or remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Honeywell reports these vulnerabilities affect the following: Experion PKS: All releases prior to R520.2 TCU9 Hot Fix 1 Experion PKS: All releases prior to R530 TCU3 Hot Fix 1 3.2 Vulnerability Overview 3.2.1 Use of Uninitialized Variable CWE-457 The Honeywell Experion PKS contains an uninitialized variable in the common Epic Platform Analyzer (EPA) communications. An attacker could potentially exploit this vulnera...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Network Thermostat Equipment: X-Series WiFi thermostats Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain full administrative access to the device. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Network Thermostat product is affected: X-Series WiFi thermostats: Versions v4.5 up to but not including v4.6 X-Series WiFi thermostats: Versions v9.6 up to but not including v9.46 X-Series WiFi thermostats: Versions v10.1 up to but not including v10.29 X-Series WiFi thermostats: Versions v11.1 up to but not including v11.5 3.2 Vulnerability Overview 3.2.1 Missing Authentication for Critical Function CWE-306 The embedded web server on the thermostat listed version ranges contain a vulnerability that allows unauthenticated attackers, either on the Local Area Network or from the...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.0 ATTENTION: Exploitable from a local network Vendor: Mitsubishi Electric Equipment: CNC Series Vulnerability: Uncontrolled Search Path Element 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute malicious code by getting setup-launcher to load a malicious DLL. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Mitsubishi Electric CNC Series are affected: NC Designer2: All versions NC Designer: All versions NC Configurator2: All versions NC Analyzer2: All versions NC Analyzer: All versions NC Explorer: All versions NC Monitor2: All versions NC Monitor: All versions NC Trainer2: "AB" and prior NC Trainer2 plus: "AB" and prior NC Trainer: All versions NC Trainer plus: All versions NC Visualizer: All versions Remote Monitor Tool: All versions MS Configurator: All versions Mitsubishi Electric Numerical Control Device Communication Software (FCSB1224): All versions Mitsubishi Electric ...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.3 ATTENTION: Exploitable remotely Vendor: LG Innotek Equipment: Camera Model LNV5110R Vulnerability: Authentication Bypass Using an Alternate Path or Channel 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain administrative access to the device. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following model of LG Innotek CCTV Camera is affected: LNV5110R: All versions 3.2 Vulnerability Overview 3.2.1 AUTHENTICATION BYPASS USING AN ALTERNATE PATH OR CHANNEL CWE-288 An authentication vulnerability exists in the LG Innotek camera model LNV5110R firmware that allows a malicious actor to upload an HTTP POST request to the devices non-volatile storage. This action may result in remote code execution that allows an attacker to run arbitrary commands on the target device at the administrator privilege level. CVE-2025-7742 has been assigned to this vulnerability. A CVSS v3 base score of 7.0 has been calculate...