BOSCH PSIRT
11/19/2025
BOSCH-SA-359440-BT: A security issue has been identified in the Bosch MAP 5000 family of products, which stems from the use of insecure cryptographic algorithms in the SSH service configuration. It may expose systems to cryptographic attacks, unauthorized access, or data leakage.
BOSCH PSIRT
11/19/2025
BOSCH-SA-688644-BT: The MAP 5000 is susceptible to multiple vulnerabilities. Vulnerability CVE-2021-3449 can lead to system crashes caused by DoS attacks. Such vulnerabilities allow malicious actors to disrupt service, resulting in downtime and loss of access for legitimate users, which can severely impact business operations. Vulnerability CVE-2023-48795 constitutes a weakness in …
CISA (ICS)
11/18/2025
1. EXECUTIVE SUMMARY CVSS v4 8.3 ATTENTION: Low attack complexity Vendor: Shelly Equipment: Pro 4PM Vulnerability: Allocation of Resources Without Limits or Throttling 2. RISK EVALUATION Successful exploitation of this vulnerability could result in a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following version of Pro 4PM, a …
CISA (ICS)
11/18/2025
1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : METZ CONNECT Equipment : EWIO2 Vulnerabilities : Authentication Bypass by Primary Weakness, Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion'), Unrestricted Upload of File with Dangerous Type, Path Traversal: '.../...//', …
CISA (ICS)
11/18/2025
1. EXECUTIVE SUMMARY CVSS v4 8.3 ATTENTION: Low attack complexity Vendor: Shelly Equipment: Pro 3EM Vulnerability: Out-of-Bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability could result in a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following version of Pro 3EM, a smart DIN rail switch, is …
CISA (ICS)
11/18/2025
1. EXECUTIVE SUMMARY CVSS v4 8.3 ATTENTION : Low Attack Complexity Vendor : Schneider Electric Equipment : EcoStruxure Machine SCADA Expert & Pro-face BLUE Open Studio Vulnerability : Use of a Broken or Risky Cryptographic Algorithm 2. RISK EVALUATION Successful exploitation of this vulnerability could lead to loss of confidentiality …
CISA (ICS)
11/18/2025
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION : Exploitable remotely/Low attack complexity Vendor : Schneider Electric Equipment : PowerChute Serial Shutdown Vulnerabilities : Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Improper Restriction of Excessive Authentication Attempts, Incorrect Default Permissions 2. RISK EVALUATION Successful exploitation of these …
SIEMENS CERT
11/17/2025
PS/IGES Parasolid Translator Component contains an out of bounds read that could be triggered when the application reads files in IGS file formats. If a user is tricked to open a malicious file with any of the affected products, this could lead the application to crash or potentially lead to …