Bulletins

1. EXECUTIVE SUMMARY CVSS v4 7.0 ATTENTION : Low attack complexity Vendor : iCam365 Equipment : P201 and QC021 Vulnerabilities : Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in unauthorized exposure of camera video streams and camera configuration data. 3. TECHNICAL DETAILS …

1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : Emerson Equipment : Appleton UPSMON-PRO Vulnerability : Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow remote attackers to execute arbitrary code on affected installations of Appleton UPSMON-PRO. 3. TECHNICAL DETAILS 3.1 …

1. EXECUTIVE SUMMARY CVSS v4 7.5 ATTENTION : Exploitable remotely Vendor : Opto 22 Equipment : GRV-EPIC-PR1, GRV-EPIC-PR2, groov RIO Vulnerability : Improper Neutralization of Special Elements used in an OS Command 2. RISK EVALUATION Successful exploitation of this vulnerability could result in the execution of arbitrary shell commands with …

1. EXECUTIVE SUMMARY CVSS v4 8.6 ATTENTION : Low attack complexity Vendor : Automated Logic Equipment : WebCTRL Premium Server Vulnerabilities : Open Redirect, Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow a remote attacker to deceive a legitimate user into running malicious scripts or redirecting …

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Festo SE & Co. KG Equipment : MSE6-C2M/D2M/E2M Vulnerability : Hidden Functionality 2. RISK EVALUATION Successful exploitation of this vulnerability could lead to a complete loss of confidentiality, integrity, and availability. 3. TECHNICAL DETAILS 3.1 AFFECTED …

BOSCH-SA-873110-BT: The TLS server implementation in MAP 5000 was found to use outdated settings for cryptography. The resulting weakness in the TLS protocol key exchange (Diffie-Hellman) allows an attacker to passively decrypt or intercept and manipulate secured communication. It is estimated that the required resources for a successful attack restrict …

BOSCH-SA-359440-BT: A security issue has been identified in the Bosch MAP 5000 family of products, which stems from the use of insecure cryptographic algorithms in the SSH service configuration. It may expose systems to cryptographic attacks, unauthorized access, or data leakage.