SEC Consult SA-20240626-0 :: Multiple Vulnerabilities in Siemens Power Automation Products

Read Time:20 Second

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Jul 03

SEC Consult Vulnerability Lab Security Advisory < 20240626-0 >
=======================================================================
title: Multiple Vulnerabilities in Power Automation Products
product: Siemens CP-8000/CP-8021/CP8-022/CP-8031/CP-8050/SICORE
vulnerable version: CPC80 < V16.41 / CPCI85 < V5.30 / OPUPI0 < V5.30 / SICORE < V1.3.0 /
CPCX26 < V06.02 for CP-2016…

USN-7405-1: InspIRCd vulnerabilities

It was discovered that InspIRCd did not correctly handle certificate fingerprints, which could lead to spoofing. A remote attacker could...

April 2, 2025

USN-7404-1: phpseclib vulnerabilities

It was discovered that phpseclib did not correctly handle RSA PKCS#1 v1.5 signature verification. An attacker could possibly use this...

April 2, 2025

USN-7403-1: Linux kernel (HWE) vulnerabilities

Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker...

April 1, 2025