Bulletins

CISA (ICS)
11/25/2025
1. EXECUTIVE SUMMARY CVSS v4 7.1 ATTENTION: Exploitable from a local network Vendor: Rockwell Automation Equipment: Arena Simulation Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow local attackers to execute arbitrary code on affected installations of Arena. 3. TECHNICAL DETAILS …
CISA (ICS)
11/25/2025
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Festo Equipment: Compact Vision System, Control Block, Controller, and Operator Unit products Vulnerabilities: Exposure of Resource to Wrong Sphere, Initialization of a Resource with an Insecure Default 2. RISK EVALUATION Successful exploitation of these …
CISA (ICS)
11/25/2025
1. EXECUTIVE SUMMARY CVSS v4 6.1 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Opto 22 Equipment: groov View Vulnerability: Exposure of Sensitive Information Through Metadata 2. RISK EVALUATION Successful exploitation of this vulnerability could result in credential exposure, key exposure, and privilege escalation. 3. TECHNICAL DETAILS 3.1 …
CISA (ICS)
11/25/2025
1. EXECUTIVE SUMMARY CVSS v4 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Zenitel Equipment: TCIV-3+ Vulnerabilities: OS Command Injection, Out-of-bounds Write, Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in arbitrary code execution or cause a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following …
CISA (ICS)
11/25/2025
1. EXECUTIVE SUMMARY CVSS v4 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: SiRcom Equipment: SMART Alert (SiSA) Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could enable an attacker to remotely activate or manipulate emergency sirens. 3. TECHNICAL DETAILS 3.1 …
CISA (ICS)
11/25/2025
1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION: Low attack complexity Vendor: Ashlar-Vellum Equipment: Cobalt, Xenon, Argon, Lithium, Cobalt Share Vulnerabilities: Out-of-Bounds Write, Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disclose information or execute arbitrary code. 3. TECHNICAL …
CISA (ICS)
11/20/2025
1. EXECUTIVE SUMMARY CVSS v4 7.5 ATTENTION: Exploitable remotely Vendor: Opto 22 Equipment: GRV-EPIC-PR1, GRV-EPIC-PR2, groov RIO Vulnerability: Improper Neutralization of Special Elements used in an OS Command 2. RISK EVALUATION Successful exploitation of this vulnerability could result in the execution of arbitrary shell commands with …
CISA (ICS)
11/20/2025
1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Emerson Equipment: Appleton UPSMON-PRO Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow remote attackers to execute arbitrary code on affected installations of Appleton UPSMON-PRO. 3. TECHNICAL DETAILS 3.1 …