A vulnerability has been found in a cryptographic library of Infineon Technologies that is part of the firmware of the CmDongles. The exploitation of this vulnerability has been classified as complex: potential attackers need physical access and require special equipment to exploit the vulnerability. In general, this vulnerability affects only ECC keys used to calculate signatures with the ECDSA algorithm.



Improper file permission handling allows an authenticated low privileged user to gain root access.



Multiple Linux component vulnerabilities fixed in latest PLCnext Firmware release 2024.0.6 LTS



Vulnerabilities in .NET and Visual Studio functions System.Text.Json, System.Formats.Asn1, OPCFoundation.NetStandard.Opc.Ua.Core allow an remote attacker to execute a Denial-of-Servce attack.



The pathfinder TCP encapsulation service is vulnerable to a drain of open file descriptors.



mGuards use an OpenSSH server for SSH access. This server is vulnerable to a remote code injection.



Confidential data in HTTP query string of user requests. Incomplete sanitation of user input in administrative web interface.

CVE-2024-43392 only affects devices with firmware < 8.9.3.



Feeds

Nach Hersteller

Archiv

2025
2024
2023
2022
2021
2020
2019
2018
2017

Legende

(Scoring für CVSS 2.0,3.0+3.1)
keine
Kein CVE verfügbar
Niedrig
0.1 <= 3.9
Mittel
4.0 <= 6.9
Hoch
7.0 <= 8.9
Kritisch
9.0 <= 10.0