us-cert

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.3 ATTENTION: Low attack complexity Vendor: TrendMakers Equipment: Sight Bulb Pro Vulnerabilities: Use of a Broken or Risky Cryptographic Algorithm, Improper Neutralization of Special Elements used in a Command ('Command Injection') 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to capture sensitive information and execute arbitrary shell commands on the target device as root if connected to the local network segment. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of the Sight Bulb Pro Firmware are affected: Sight Bulb Pro Firmware ZJ_CG32-2201: Version 8.57.83 and prior 3.2 VULNERABILITY OVERVIEW 3.2.1 USE OF A BROKEN OR RISKY CRYPTOGRAPHIC ALGORITHM CWE-327 During the initial setup of the device the user connects to an access point broadcast by the Sight Bulb Pro. During the negotiation, AES Encryption keys are passed in cleartext. If captured, an attacker may be able to decrypt co...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: Air conditioning systems Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to control the air conditioning system. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Mitsubishi Electric reports the following air conditioning systems are affected: G-50: Ver.3.37 and prior G-50-W: Ver.3.37 and prior G-50A: Ver.3.37 and prior GB-50: Ver.3.37 and prior GB-50A: Ver.3.37 and prior GB-24A: Ver.9.12 and prior G-150AD: Ver.3.21 and prior AG-150A-A: Ver.3.21 and prior AG-150A-J: Ver.3.21 and prior GB-50AD: Ver.3.21 and prior GB-50ADA-A: Ver.3.21 and prior GB-50ADA-J: Ver.3.21 and prior EB-50GU-A: Ver.7.11 and prior EB-50GU-J: Ver.7.11 and prior AE-200J: Ver.8.01 and prior AE-200A: Ver.8.01 and prior AE-200E: Ver.8.01 and prior AE-50J: Ver.8.01 and prior AE-50A: Ver.8.01 an...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Parsons Equipment: AccuWeather and Custom RSS widget Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to insert a malicious link that users might access through the RSS feed. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following version of AccuWeather and Custom RSS widget are affected: Parsons Utility Enterprise Data Management: Version 5.18 Parsons Utility Enterprise Data Management: Version 5.03 Parsons Utility Enterprise Data Management: Versions 4.02 through 4.26 Parsons Utility Enterprise Data Management: Version 3.30 AclaraONE Utility Portal: versions prior to 1.22 3.2 VULNERABILITY OVERVIEW 3.2.1 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-79 A cross-site scripting vulnerability exists in the AccuWeather and Custom RSS widget that allows an unauthentica...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: ControlID Equipment: iDSecure On-premises Vulnerabilities: Improper Authentication, Server-Side Request Forgery (SSRF), SQL Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to bypass authentication, retrieve information, leak arbitrary data, or perform SQL injections. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of ControlID iDSecure On-premises, a vehicle control software, are affected: iDSecure On-premises: Versions 4.7.48.0 and prior 3.2 VULNERABILITY OVERVIEW 3.2.1 IMPROPER AUTHENTICATION CWE-287 ControlID iDSecure On-premises versions 4.7.48.0 and prior are vulnerable to an Improper Authentication vulnerability which could allow an attacker to bypass authentication and gain permissions in the product. CVE-2025-49851 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.5 has been calculated...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: EVLink WallBox Vulnerabilities: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to gain remote control of the charging station. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Schneider Electric reports that the following products are affected: EVLink WallBox: All versions 3.2 VULNERABILITY OVERVIEW 3.2.1 IMPROPER LIMITATION OF A PATHNAME TO A RESTRICTED DIRECTORY ('PATH TRAVERSAL') CWE-22 An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability exists, which could cause arbitrary file writes when an unauthenticated user on ...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.3 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: CNCSoft Vulnerabilities: Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute code within the context of the current process. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Delta Electronics reports the following versions of CNCSoft, a human-machine interface, are affected: CNCSoft: v1.01.34 and prior 3.2 VULNERABILITY OVERVIEW 3.2.1 OUT-OF-BOUNDS WRITE CWE-787 Delta Electronics CNCSoft does not properly validate user-supplied files. If a user opens a maliciously crafted file, an attacker can leverage this vulnerability to execute code within the context of the current process. CVE-2025-47724 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.7 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H). A CVSS v4 score has also been calculated for CVE-2025-4...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Kaleris Equipment: Navis N4 Vulnerabilities: Deserialization of Untrusted Data, Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to remotely exploit the operating system, achieve remote code execution, or extract sensitive information. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Kaleris Navis N4, a terminal operating system, are affected: Navis N4: Versions prior to 4.0 3.2 VULNERABILITY OVERVIEW 3.2.1 DESERIALIZATION OF UNTRUSTED DATA CWE-502 Kaleris NAVIS N4 ULC (Ultra Light Client) contains an unsafe Java deserialization vulnerability. An unauthenticated attacker can make specially crafted requests to execute arbitrary code on the server. CVE-2025-2566 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.8 has been calculated; the CVSS vector string ...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: Modicon Controllers Vulnerabilities: Improper Input Validation, Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code on the device or cause a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Schneider Electric reports that the following products are affected: Modicon Controllers M241: Versions prior to 5.3.12.51 Modicon Controllers M251: Versions prior to 5.3.12.51 Modicon Controllers M262: Versions prior to 5.3.9.18 (CVE-2025-3898, CVE-2025-3117) Modicon Controllers M258: All versions (CVE-2025-3905, CVE-2025-3116, CVE-2025-3117) Modicon Controllers LMC058: All versions (CVE-2025-3905, CVE-2025-3116, CVE-2025-3117) 3.2 VULNERABILITY OVERVIEW 3.2.1 ...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: MICROSENS Equipment: NMP Web+ Vulnerabilities: Use of Hard-coded, Security-relevant Constants, Insufficient Session Expiration, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to gain system access, overwrite files or execute arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of NMP Web+ are affected: NMP Web+: Version 3.2.5 and prior 3.2 VULNERABILITY OVERVIEW 3.2.1 USE OF HARD-CODED, SECURITY-RELEVANT CONSTANTS CWE-547 The affected products could allow an unauthenticated attacker to generate forged JSON Web Tokens (JWT) to bypass authentication. CVE-2025-49151 has been assigned to this vulnerability. A CVSS v3 base score of 9.1 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N). A CVSS v4 score h...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.2 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Dover Fueling Solutions Equipment: ProGauge MagLink LX consoles Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could result in an attacker gaining control of the monitoring device, manipulating fueling operations, deleting system configurations, or deploying malware. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of ProGauge MagLink LX, a fuel and water tank monitor, are affected: ProGauge MagLink LX 4: Versions prior to 4.20.3 ProGauge MagLink LX Plus: Versions prior to 4.20.3 ProGauge MagLink LX Ultimate: Versions prior to 5.20.3 3.2 VULNERABILITY OVERVIEW 3.2.1 MISSING AUTHENTICATION FOR CRITICAL FUNCTION CWE-306 The device exposes an undocumented and unauthenticated Target Communication Framework (TCF) interface on a specific port. Files can be created, deleted, or modified, potentia...