Tag
#vulnerability
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.1 ATTENTION: Low attack complexity Vendor: Carrier Equipment: Block Load Vulnerability: Uncontrolled Search Path Element 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a malicious actor to execute arbitrary code with escalated privileges . 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Carrier product, which is a HVAC load calculation program, are affected: Block Load: Version 4.16 3.2 VUNERABILITY OVERVIEW 3.2.1 UNCONTROLLED SEARCH PATH ELEMENT CWE-427 The vulnerability could allow a malicious actor to perform DLL hijacking and execute arbitrary code with escalated privileges. CVE-2024-10930 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.8 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). A CVSS v4 score has also been calculated for CVE-2024-10930. A base score of 7.1 has been calculated; the CVSS vector string is (AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:...
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Edimax Equipment: IC-7100 IP Camera Vulnerability: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to send specially crafted requests to achieve remote code execution on the device. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Edimax products are affected: IC-7100 IP Camera: All versions 3.2 VULNERABILITY OVERVIEW 3.2.1 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-78 Edimax IC-7100 does not properly neutralize requests. An attacker can create specially crafted requests to achieve remote code execution on the device CVE-2025-1316 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/...
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.7 ATTENTION: Vendor: Hitachi Energy Equipment: MACH PS700 Vulnerability: Uncontrolled Search Path Element 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to escalate privileges and gain control over the software. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Hitachi Energy reports the following products are affected: MACH PS700: Version v2 3.2 VULNERABILITY OVERVIEW 3.2.1 UNCONTROLLED SEARCH PATH ELEMENT CWE-427 Uncontrolled search path element in some Intel(R) Chipset Device Software before Version 10.1.19444.8378 may allow an authenticated user to potentially enable escalation of privilege via local access. CVE-2023-28388 has been assigned to this vulnerability. A CVSS v3 base score of 6.7 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H). 3.3 BACKGROUND CRITICAL INFRASTRUCTURE SECTORS: Energy COUNTRIES/AREAS DEPLOYED: Worldwide COMPANY HEADQUARTERS LOCATION: Swi...
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.8 ATTENTION: Low Attack Complexity Vendor: Hitachi Energy Equipment: XMC20, ECST, UNEM Vulnerability: Improper Validation of Certificate with Host Mismatch 2. RISK EVALUATION Successful exploitation of this vulnerability could allow attackers to intercept or falsify data exchanges between the client and the server. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Hitachi Energy reports that the following products are affected: XMC20: Versions prior to R16B ECST: Versions prior to 16.2.1 UNEM: Versions prior to R15A UNEM: R15A UNEM: R15B PC4 and prior UNEM: R16A UNEM: R16B PC2 and prior 3.2 VULNERABILITY OVERVIEW 3.2.1 IMPROPER VALIDATION OF CERTIFICATE WITH HOST MISMATCH CWE-297 Hitachi Energy is aware of a vulnerability that affects the ECST client application which if exploited could allow attackers to intercept or falsify data exchanges between the client and the server. CVE-2024-2462 has been assigned to this vulnerability. A CVSS v3 base score of...
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Keysight Equipment: Ixia Vision Product Family Vulnerabilities: Path Traversal, Improper Restriction of XML External Entity Reference 2. RISK EVALUATION Successful exploitation of these vulnerabilities could crash the device being accessed; a buffer overflow condition may allow remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Keysight reports the following versions of Vision Network Packet Broker product family are affected: Ixia Vision Product Family: Versions 6.3.1 3.2 VULNERABILITY OVERVIEW 3.2.1 Improper Limitation of a Pathname to a Restricted Directory CWE-22 Path traversal may allow remote code execution using privileged account (requires device admin account, cannot be performed by a regular user). In combination with the 'Upload' functionality this could be used to execute an arbitrary script or possibly an uploaded binary. Remediation in Version 6.7.0, rel...
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: XMC20 Vulnerability: Relative Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access files or directories outside the authorized scope. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Hitachi Energy reports that the following products are affected: XMC20: R15A and prior including all subversions XMC20: R15B XMC20: R16A XMC20: R16B Revision C (cent2_r16b04_02, co5ne_r16b04_02) and older including all subversions 3.2 VULNERABILITY OVERVIEW 3.2.1 RELATIVE PATH TRAVERSAL CWE-23 Hitachi Energy is aware of a vulnerability that affects the XMC20. If exploited, an attacker could traverse the file system to access files or directories that would otherwise be inaccessible. CVE-2024-2461 has been assigned to this vulnerability. A CVSS v3 base score of 4.9 has been calculated; the CVSS vector string is (CVSS:3.1/AV:...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added five security flaws impacting software from Cisco, Hitachi Vantara, Microsoft Windows, and Progress WhatsUp Gold to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The list of vulnerabilities is as follows - CVE-2023-20118 (CVSS score: 6.5) - A command injection
Google has released its monthly Android Security Bulletin for March 2025 to address a total of 44 vulnerabilities, including two that it said have come under active exploitation in the wild. The two high-severity vulnerabilities are listed below - CVE-2024-43093 - A privilege escalation flaw in the Framework component that could result in unauthorized access to "Android/data," "Android/obb,"
There is a possibility for userinfo leakage by in the uri gem. This vulnerability has been assigned the CVE identifier CVE-2025-27221. We recommend upgrading the uri gem. ## Details The methods `URI#join`, `URI#merge`, and `URI#+` retained userinfo, such as `user:password`, even after the host is replaced. When generating a URL to a malicious host from a URL containing secret userinfo using these methods, and having someone access that URL, an unintended userinfo leak could occur. Please update URI gem to version 0.11.3, 0.12.4, 0.13.2, 1.0.3 or later. ## Affected versions uri gem versions < 0.11.3, 0.12.0 to 0.12.3, 0.13.0, 0.13.1 and 1.0.0 to 1.0.2. ## Credits Thanks to Tsubasa Irisawa (lambdasawa) for discovering this issue. Also thanks to nobu for additional fixes of this vulnerability.
There is a possibility for Regular expression Denial of Service (ReDoS) by in the cgi gem. This vulnerability has been assigned the CVE identifier CVE-2025-27220. We recommend upgrading the cgi gem. ## Details The regular expression used in `CGI::Util#escapeElement` is vulnerable to ReDoS. The crafted input could lead to a high CPU consumption. This vulnerability only affects Ruby 3.1 and 3.2. If you are using these versions, please update CGI gem to version 0.3.5.1, 0.3.7, 0.4.2 or later. ## Affected versions cgi gem versions <= 0.3.5, 0.3.6, 0.4.0 and 0.4.1. ## Credits Thanks to svalkanov for discovering this issue. Also thanks to nobu for fixing this vulnerability.