Security
Headlines
HeadlinesLatestCVEs

Tag

#vulnerability

Schneider Electric Harmony HMI and Pro-face HMI Products

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: Harmony HMI and Pro-face HMI Products Vulnerability: Use of Unmaintained Third-Party Components 2. RISK EVALUATION Successful exploitation of this vulnerability could cause complete control of the device when an authenticated user installs malicious code into HMI product 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Schneider Electric reports the following versions of Harmony HMI and Pro-face HMI are affected: Harmony HMIST6: All versions Harmony HMISTM6: All versions Harmony HMIG3U: All versions Harmony HMIG3X: All versions Harmony HMISTO7 series with Ecostruxure Operator Terminal Expert runtime: All versions PFXST6000: All versions PFXSTM6000: All versions PFXSP5000: All versions PFXGP4100 series with Pro-face BLUE runtime: All versions 3.2 Vulnerability Overview 3.2.1 USE OF UNMAINTAINED THIRD-PARTY COMPONENTS CWE-1104 The affected product is vulnerable...

us-cert
#vulnerability#web#js#git#pdf#auth
Schneider Electric PowerChute Serial Shutdown

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: PowerChute Serial Shutdown Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial of access to the web interface when someone on the local network repeatedly requests the /accessdenied URL. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Schneider Electric reports the following versions of PowerChute Serial Shutdown are affected: PowerChute Serial Shutdown: Versions 1.2.0.301 and prior 3.2 Vulnerability Overview 3.2.1 IMPROPER AUTHENTICATION CWE-287 An improper authentication vulnerability exists that could cause a denial of access to the web interface when someone on the local network repeatedly requests the /accessdenied URL. CVE-2024-10511 has been assigned to this vulnerability. A CVSS v3.1 base score of 5.3 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:...

Delta Electronics DRASimuCAD

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: DRASimuCAD Vulnerabilities: Out-of-bounds Write, Type Confusion 2. RISK EVALUATION Successful exploitation of these vulnerabilities could crash the device or potentially allow remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of DRASimuCAD, a robotic simulation platform, are affected: DRASimuCAD : Version 1.02 3.2 Vulnerability Overview 3.2.1 Access of Resource Using Incompatible Type ('Type Confusion') CWE-843 Delta Electronics DRASimuCAD expects a specific data type when it opens files, but the program will accept data of the wrong type from specially crafted files. CVE-2024-12834 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). A CVSS v4 score has also been calculated for CVE-2024-12834. A base score of 8.4 has been ca...

ABB Cylon Aspect 3.08.02 (licenseUpload.php) Stored Cross-Site Scripting

The ABB Cylon Aspect BMS/BAS controller suffers from an authenticated stored cross-site scripting (XSS) vulnerability. This can be exploited by uploading a malicious .txt file containing an XSS payload, which is stored on the server and served back to users. Although the filename is sanitized via the filename POST parameter, the file contents are not inspected or sanitized, allowing attackers to inject arbitrary client-side scripts that execute in the context of any user accessing the infected file or related web page (license.php). To bypass file upload checks, the request must include the Variant string, enabling the upload process for potential exploitation.

Google Project Zero Researcher Uncovers Zero-Click Exploit Targeting Samsung Devices

Cybersecurity researchers have detailed a now-patched security flaw impacting Monkey's Audio (APE) decoder on Samsung smartphones that could lead to code execution. The high-severity vulnerability, tracked as CVE-2024-49415 (CVSS score: 8.1), affects Samsung devices running Android versions 12, 13, and 14. "Out-of-bounds write in libsaped.so prior to SMR Dec-2024 Release 1 allows remote

Chinese APT Group Is Ransacking Japan's Secrets

Since 2019, MirrorFace has been stealing information from myriad Japanese organizations to gain leverage over Japan in the event of hostilities between the two countries, experts said.

GHSA-g5x8-v2ch-gj2g: Vaultwarden HTML injection vulnerability

An HTML injection vulnerability in Vaultwarden prior to v1.32.5 allows attackers to execute arbitrary code via injecting a crafted payload into the username field of an e-mail message.

GHSA-x7m9-mv49-fv73: Vaultwarden vulnerable to user impersonation

An issue in the component src/api/identity.rs of Vaultwarden prior to v1.32.5 allows attackers to impersonate users, including Administrators, via a crafted authorization request.

GHSA-vprm-27pv-jp3w: Vaultwarden authenticated reflected cross-site scripting (XSS) vulnerability

Vaultwarden v1.32.5 was discovered to contain an authenticated reflected cross-site scripting (XSS) vulnerability via the component /api/core/mod.rs.

GHSA-5xh2-23cc-5jc6: Strawberry GraphQL has type resolution vulnerability in node interface that allows potential data leakage through incorrect type resolution

**Vulnerability Summary** A type confusion vulnerability exists in Strawberry GraphQL's relay integration that affects multiple ORM integrations (Django, SQLAlchemy, Pydantic). The vulnerability occurs when multiple GraphQL types are mapped to the same underlying model while using the relay `node` interface. **Affected Components** - Strawberry GraphQL relay integration - Specifically impacts implementations using: - Django integration - SQLAlchemy integration - Pydantic integration **Technical Details** The vulnerability manifests when: 1. Multiple GraphQL types inherit from `relay.Node` 2. These types are mapped to the same database model 3. The global `node` field is used for type resolution Example of vulnerable code: ```python from fruits.models import Fruit import strawberry_django import strawberry @strawberry_django.type(Fruit) class FruitType(relay.Node): name: strawberry.auto @strawberry_django.type(Fruit) class SpecialFruitType(relay.Node): secret_name: ...