us-cert

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION: Exploitable remotely/low attack complexity Vendor: Johnson Controls Inc. Equipment: FX80 and FX90 Vulnerability: Dependency on Vulnerable Third-Party Component 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to compromise the device's configuration files. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Johnson Controls products are affected: FX80: FX 14.10.10 FX80: FX 14.14.1 FX90: FX 14.10.10 FX90: FX 14.14.1 3.2 VULNERABILITY OVERVIEW 3.2.1 DEPENDENCY ON VULNERABLE THIRD-PARTY COMPONENT CWE-1395 The affected product is vulnerable to a vulnerable third-party component, which could allow an attacker to compromise device configuration files. CVE-2025-43867 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.7 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N). A CVSS v4 score has also been calculated for CVE-2025-43867. A base score o...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Delta Electronics Equipment: DIAView Vulnerability: Improper Limitation of a Pathname to a Restricted Directory 2. RISK EVALUATION Successful exploitation of this vulnerability may allow a remote attacker to read or write files on the affected device. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Delta Electronics reports the following versions of DIAView industrial automation management system for providing real-time system control are affected: DIAView: Versions 4.2.0.0 3.2 VULNERABILITY OVERVIEW 3.2.1 Improper Limitation of a Pathname to a Restricted Directory CWE-22 Delta Electronics DIAView is vulnerable to a path traversal vulnerability, which may allow an attacker to read or write files remotely on the system. CVE-2025-53417 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Tigo Energy Equipment: Cloud Connect Advanced Vulnerabilities: Use of Hard-coded Credentials, Command Injection, Predictable Seed in Pseudo-Random Number Generator (PRNG). 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow attackers to gain unauthorized administrative access using hard-coded credentials, escalate privileges to take full control of the device, modify system settings, disrupt solar energy production, interfere with safety mechanisms, execute arbitrary commands via command injection, cause service disruptions, expose sensitive data, and recreate valid session IDs to access sensitive device functions on connected solar inverter systems due to insecure session ID generation. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Cloud Connect Advanced are affected: Cloud Connect Advanced: Versions 4.0.1 and prior 3.2 VULNERABILI...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 4.1 ATTENTION: Low attack complexity Vendor: Mitsubishi Electric Iconics Digital Solutions, Mitsubishi Electric Equipment: ICONICS Product Suite and Mitsubishi Electric MC Works64 Vulnerability: Windows Shortcut Following (.LNK) 2. RISK EVALUATION Successful exploitation of this vulnerability could result in information tampering. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of ICONICS Product Suite and Mitsubishi Electric MC Works64 are affected: GENESIS64: All versions GENESIS: Version 11.00 Mitsubishi Electric MC Works64: All versions 3.2 VULNERABILITY OVERVIEW 3.2.1 Windows Shortcut Following (.LNK) CWE-64 An information tampering vulnerability due to Windows Shortcut Following exists in multiple processes in GENESIS64, MC Works64, and GENESIS. An attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability. By creating a symbolic link, an attacker can cause the p...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.4 ATTENTION: Low attack complexity Vendor: Rockwell Automation Equipment: Lifecycle Services with VMware Vulnerabilities: Out-of-bounds Write, Use of Uninitialized Resource 2. RISK EVALUATION Successful exploitation of these vulnerabilities could lead to code execution on the host or leakage of memory from processes communicating with vSockets. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Rockwell Automation reports the following Lifecycle Services with VMware are affected: Industrial Data Center (IDC) with VMware: Generations 1 – 4 VersaVirtual Appliance (VVA) with VMware: Series A & B Threat Detection Managed Services (TDMS) with VMware: All versions Endpoint Protection Service with Rockwell Automation Proxy & VMware only: All versions Engineered and Integrated Solutions with VMware: All versions 3.2 Vulnerability Overview 3.2.1 Out-of-bounds Write CWE-787 An integer-overflow vulnerability exists in the VMXNET3 virtual network adapter used in VM...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Güralp Systems Equipment: Güralp FMUS Series Seismic Monitoring Devices Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to modify hardware configurations, manipulate data, or factory reset the device. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Güralp FMUS series are affected: Güralp FMUS Series Seismic Monitoring Devices: All versions 3.2 Vulnerability Overview 3.2.1 MISSING AUTHENTICATION FOR CRITICAL FUNCTION CWE-306 The affected products expose an unauthenticated Telnet-based command line interface that could allow an attacker to modify hardware configurations, manipulate data, or factory reset the device. CVE-2025-8286 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: DTN Soft Vulnerability: Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to use a specially crafted project file to execute arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Delta Electronics products are affected: DTN Soft: Versions 2.1.0 and prior 3.2 Vulnerability Overview 3.2.1 DESERIALIZATION OF UNTRUSTED DATA CWE-502 The affected product is affected by a deserialization of untrusted data vulnerability, which could allow an attacker to use a specially crafted project file to execute arbitrary code. CVE-2025-53416 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.8 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). A CVSS v4 score has also been calculated for CVE-2025-53416. A base score of 8.4 has been calculated; the CVS...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.5 ATTENTION: Exploitable remotely Vendor: Samsung Equipment: HVAC DMS Vulnerabilities: Execution After Redirect (EAR), Deserialization of Untrusted Data, Absolute Path Traversal, Use of Potentially Dangerous Function, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Relative Path Traversal 2. RISK EVALUATION Successful exploitation of these vulnerabilities can lead to unauthenticated remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Samsung HVAC DMS, a software management platform, are affected: Samsung HVAC DMS: Versions 2.0.0 to 2.3.13.0, Versions 2.5.0.17 to 2.6.14.0, Versions 2.7.0.15 to 2.9.3.5 3.2 Vulnerability Overview 3.2.1 EXECUTION AFTER REDIRECT (EAR) CWE-698 An execution after redirect in Samsung DMS (Data Management Server) allows attackers to execute limited functions without permissions. An attacker could compromise the integrity of the platform by executing ...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.1 ATTENTION: Low attack complexity Vendor: National Instruments Equipment: LabVIEW Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer 2. RISK EVALUATION Successful exploitation of these vulnerabilities could lead to the execution of arbitrary code on affected installations of LabVIEW, which could result in invalid memory reads. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of LabVIEW are affected: LabVIEW: 2025 Q1 and prior versions 3.2 Vulnerability Overview 3.2.1 IMPROPER RESTRICTION OF OPERATIONS WITHIN THE BOUNDS OF A MEMORY BUFFER CWE-119 LabVIEW 2025 Q1 and prior versions are affected by an improper restriction of operations within the bounds of a memory buffer vulnerability, which may allow a local attacker to disclose information and execute arbitrary code remotely, resulting in invalid memory reads. CVE-2025-2633 has been assigned to this vulnerability. A CVSS v3.1 base score of ...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.3 ATTENTION: Exploitable remotely Vendor: LG Innotek Equipment: Camera Model LNV5110R Vulnerability: Authentication Bypass Using an Alternate Path or Channel 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain administrative access to the device. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following model of LG Innotek CCTV Camera is affected: LNV5110R: All versions 3.2 Vulnerability Overview 3.2.1 AUTHENTICATION BYPASS USING AN ALTERNATE PATH OR CHANNEL CWE-288 An authentication vulnerability exists in the LG Innotek camera model LNV5110R firmware that allows a malicious actor to upload an HTTP POST request to the devices non-volatile storage. This action may result in remote code execution that allows an attacker to run arbitrary commands on the target device at the administrator privilege level. CVE-2025-7742 has been assigned to this vulnerability. A CVSS v3 base score of 7.0 has been calculate...