diff --git a/2023/49xxx/CVE-2023-49780.json b/2023/49xxx/CVE-2023-49780.json
new file mode 100644
index 00000000000..18aa8e848ed
--- /dev/null
+++ b/2023/49xxx/CVE-2023-49780.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2023-49780",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2024/13xxx/CVE-2024-13841.json b/2024/13xxx/CVE-2024-13841.json
index 58ce8e7b993..59871970591 100644
--- a/2024/13xxx/CVE-2024-13841.json
+++ b/2024/13xxx/CVE-2024-13841.json
@@ -1,17 +1,85 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-13841",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "security@wordfence.com",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "The Builder Shortcode Extras \u2013 WordPress Shortcodes Collection to Save You Time plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.0.0 via the 'bse-elementor-template' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from private and draft posts created with Elementor that they should not have access to."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-639 Authorization Bypass Through User-Controlled Key",
+ "cweId": "CWE-639"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "daveshine",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Builder Shortcode Extras \u2013 WordPress Shortcodes Collection to Save You Time",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "*",
+ "version_value": "1.0.0"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/642dc1d3-a008-4af8-ba9e-dbdd37b93126?source=cve",
+ "refsource": "MISC",
+ "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/642dc1d3-a008-4af8-ba9e-dbdd37b93126?source=cve"
+ },
+ {
+ "url": "https://plugins.trac.wordpress.org/browser/builder-shortcode-extras/tags/1.0.0/includes/shortcodes/elementor.php#L116",
+ "refsource": "MISC",
+ "name": "https://plugins.trac.wordpress.org/browser/builder-shortcode-extras/tags/1.0.0/includes/shortcodes/elementor.php#L116"
+ }
+ ]
+ },
+ "credits": [
+ {
+ "lang": "en",
+ "value": "Francesco Carlucci"
+ }
+ ],
+ "impact": {
+ "cvss": [
+ {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
+ "baseScore": 4.3,
+ "baseSeverity": "MEDIUM"
}
]
}
diff --git a/2024/7xxx/CVE-2024-7695.json b/2024/7xxx/CVE-2024-7695.json
index a27ed9bb203..690fd5485ab 100644
--- a/2024/7xxx/CVE-2024-7695.json
+++ b/2024/7xxx/CVE-2024-7695.json
@@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
- "value": "Multiple switches are affected by an out-of-bounds write vulnerability. This vulnerability is caused by insufficient input validation, which allows data to be written to memory outside the bounds of the buffer. Successful exploitation of this vulnerability could result in a denial-of-service attack. \n\nThis vulnerability poses a significant remote threat if the affected products are exposed to publicly accessible networks. Attackers could potentially disrupt operations by shutting down the affected systems. Due to the critical nature of this security risk, we strongly recommend taking immediate action to prevent its potential exploitation."
+ "value": "Multiple switches are affected by an out-of-bounds write vulnerability. This vulnerability is caused by insufficient input validation, which allows data to be written to memory outside the bounds of the buffer. Successful exploitation of this vulnerability could result in a denial-of-service attack."
}
]
},
@@ -106,6 +106,522 @@
}
]
}
+ },
+ {
+ "product_name": "EDS-608 Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "3.12"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "EDS-611 Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "3.12"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "EDS-616 Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "3.12"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "EDS-619 Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "3.12"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "EDS-405A Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "3.14"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "EDS-408A Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "3.12"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "EDS-505A Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "3.11"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "EDS-508A Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "3.11"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "EDS-510A Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "3.12"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "EDS-516A Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "3.11"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "EDS-518A Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "3.11"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "EDS-G509 Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "3.10"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "EDS-P510 Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "3.11"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "EDS-P510A Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "3.11"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "EDS-510E Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "5.5"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "EDS-518E Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "6.3"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "EDS-528E Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "6.3"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "EDS-G508E Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "6.4"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "EDS-G512E Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "6.4"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "EDS-G516E Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "6.4"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "EDS-P506E Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "5.8"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "ICS-G7526A Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "5.10"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "ICS-G7528A Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "5.10"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "ICS-G7748A Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "5.9"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "ICS-G7750A Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "5.9"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "ICS-G7752A Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "5.9"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "ICS-G7826A Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "5.10"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "ICS-G7828A Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "5.10"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "ICS-G7848A Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "5.9"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "ICS-G7850A Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "5.9"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "ICS-G7852A Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "5.9"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "IKS-G6524A Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "5.10"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "IKS-6726A Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "5.9"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "IKS-6728A Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "5.9"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "IKS-G6824A Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "5.10"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "SDS-3006 Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "3.0"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "SDS-3008 Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "3.0"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "SDS-3010 Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "3.0"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "SDS-3016 Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "3.0"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "SDS-G3006 Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "3.0"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "SDS-G3008 Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "3.0"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "SDS-G3010 Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "3.0"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "SDS-G3016 Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "3.0"
+ }
+ ]
+ }
}
]
}
@@ -119,6 +635,11 @@
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-240162-cve-2024-7695-out-of-bounds-write-vulnerability-identified-in-multiple-pt-switches",
"refsource": "MISC",
"name": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-240162-cve-2024-7695-out-of-bounds-write-vulnerability-identified-in-multiple-pt-switches"
+ },
+ {
+ "url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-240163-cve-2024-7695-out-of-bounds-write-vulnerability-in-multiple-eds,-ics,-iks,-and-sds-switches",
+ "refsource": "MISC",
+ "name": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-240163-cve-2024-7695-out-of-bounds-write-vulnerability-in-multiple-eds,-ics,-iks,-and-sds-switches"
}
]
},
@@ -126,7 +647,7 @@
"engine": "Vulnogram 0.2.0"
},
"source": {
- "discovery": "EXTERNAL"
+ "discovery": "INTERNAL"
},
"work_around": [
{
@@ -148,10 +669,10 @@
{
"base64": false,
"type": "text/html",
- "value": "Moxa has developed appropriate solutions to address this vulnerability. The solutions for affected products are listed in the following:
"
+ "value": "Please refer to the security advisories:
"
}
],
- "value": "Moxa has developed appropriate solutions to address this vulnerability. The solutions for affected products are listed in the following:\u00a0\n * PT-7728 Series,\u00a0PT-7828 Series,\u00a0PT-G503 Series,\u00a0PT-G510 Series:\u00a0Please contact Moxa Technical Support https://www.moxa.com/support/support/technical-support for the security patch\u00a0\n\n * PT-G7728 Series: Upgrade to the firmware version 6.5 https://www.moxa.com/en/products/industrial-network-infrastructure/ethernet-switches/rackmount-switches/pt-g7728-series#resources or later\u00a0\n\n * PT-G7828 Series:\u00a0Upgrade to the firmware version 6.5 https://www.moxa.com/en/products/industrial-network-infrastructure/ethernet-switches/rackmount-switches/pt-g7828-series#resources or later"
+ "value": "Please refer to the security advisories:\n * CVE-2024-7695: Out-of-bounds Write Vulnerability Identified in Multiple PT Switches https://www.moxa.com/en/support/product-support/security-advisory/mpsa-240162-cve-2024-7695-out-of-bounds-write-vulnerability-identified-in-multiple-pt-switches \n\n * CVE-2024-7695: Out-of-bounds Write Vulnerability in Multiple EDS, ICS, IKS, and SDS Switches https://www.moxa.com/en/support/product-support/security-advisory/mpsa-240163-cve-2024-7695-out-of-bounds-write-vulnerability-in-multiple-eds,-ics,-iks,-and-sds-switches"
}
],
"impact": {
diff --git a/2024/9xxx/CVE-2024-9404.json b/2024/9xxx/CVE-2024-9404.json
index 6b97b461074..90b99a63fcb 100644
--- a/2024/9xxx/CVE-2024-9404.json
+++ b/2024/9xxx/CVE-2024-9404.json
@@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
- "value": "Moxa\u2019s IP Cameras are affected by a medium-severity vulnerability, CVE-2024-9404, which could lead to a denial-of-service condition or cause a service crash. This vulnerability allows attackers to exploit the Moxa service, commonly referred to as moxa_cmd, originally designed for deployment. Because of insufficient input validation, this service may be manipulated to trigger a denial-of-service.\n\n\n\n\nThis vulnerability poses a significant remote threat if the affected products are exposed to publicly accessible networks. Attackers could potentially disrupt operations by shutting down the affected systems. Due to the critical nature of this security risk, we strongly recommend taking immediate action to prevent potential exploitation."
+ "value": "This vulnerability could lead to denial-of-service or service crashes. Exploitation of the moxa_cmd service, because of insufficient input validation, allows attackers to disrupt operations. If exposed to public networks, the vulnerability poses a significant remote threat, potentially allowing attackers to shut down affected systems."
}
]
},
@@ -45,6 +45,522 @@
}
]
}
+ },
+ {
+ "product_name": "EDS-608 Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "3.12"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "EDS-611 Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "3.12"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "EDS-616 Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "3.12"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "EDS-619 Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "3.12"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "EDS-405A Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "3.14"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "EDS-408A Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "3.12"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "EDS-505A Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "3.11"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "EDS-508A Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "3.11"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "EDS-510A Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "3.12"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "EDS-516A Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "3.11"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "EDS-518A Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "3.11"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "EDS-G509 Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "3.10"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "EDS-P510 Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "3.11"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "EDS-P510A Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "3.11"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "EDS-510E Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "5.5"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "EDS-518E Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "6.3"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "EDS-528E Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "6.3"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "EDS-G508E Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "6.4"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "EDS-G512E Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "6.4"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "EDS-G516E Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "6.4"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "EDS-P506E Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "5.8"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "ICS-G7526A Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "5.10"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "ICS-G7528A Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "5.10"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "ICS-G7748A Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "5.9"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "ICS-G7750A Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "5.9"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "ICS-G7752A Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "5.9"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "ICS-G7826A Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "5.10"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "ICS-G7828A Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "5.10"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "ICS-G7848A Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "5.9"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "ICS-G7850A Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "5.9"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "ICS-G7852A Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "5.9"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "IKS-G6524A Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "5.10"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "IKS-6726A Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "5.9"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "IKS-6728A Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "5.9"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "IKS-G6824A Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "5.10"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "SDS-3006 Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "3.0"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "SDS-3008 Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "3.0"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "SDS-3010 Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "3.0"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "SDS-3016 Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "3.0"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "SDS-G3006 Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "3.0"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "SDS-G3008 Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "3.0"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "SDS-G3010 Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "3.0"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "SDS-G3016 Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0",
+ "version_value": "3.0"
+ }
+ ]
+ }
}
]
}
@@ -58,6 +574,11 @@
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-240930-cve-2024-9404-denial-of-service-vulnerability-identified-in-the-vport-07-3-series",
"refsource": "MISC",
"name": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-240930-cve-2024-9404-denial-of-service-vulnerability-identified-in-the-vport-07-3-series"
+ },
+ {
+ "url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-240931-cve-2024-9404-denial-of-service-vulnerability-identified-in-multiple-eds,-ics,-iks,-and-sds-switches",
+ "refsource": "MISC",
+ "name": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-240931-cve-2024-9404-denial-of-service-vulnerability-identified-in-multiple-eds,-ics,-iks,-and-sds-switches"
}
]
},
@@ -74,10 +595,10 @@
{
"base64": false,
"type": "text/html",
- "value": "- Minimize network exposure to ensure the device is not accessible from the Internet.
- Limit SSH access to trusted IP addresses and networks using firewall rules or TCP wrappers.
- Implement IDS or Intrusion Prevention System (IPS) to detect and prevent exploitation attempts. These systems can provide an additional layer of defense by monitoring network traffic for signs of attacks.
"
+ "value": "To mitigate the risks\nassociated with this vulnerability, we recommend the following actions:
\n\n\n - Disable Moxa Service and Moxa Service\n (Encrypted) temporarily if they are not required for operations. This will\n minimize potential attack vectors until a patch or updated firmware is\n applied.
\n
"
}
],
- "value": "* Minimize network exposure to ensure the device is not accessible from the Internet.\n * Limit SSH access to trusted IP addresses and networks using firewall rules or TCP wrappers.\n * Implement IDS or Intrusion Prevention System (IPS) to detect and prevent exploitation attempts. These systems can provide an additional layer of defense by monitoring network traffic for signs of attacks."
+ "value": "To mitigate the risks\nassociated with this vulnerability, we recommend the following actions:\n\n\n\n\n * Disable Moxa Service and Moxa Service\n (Encrypted) temporarily if they are not required for operations. This will\n minimize potential attack vectors until a patch or updated firmware is\n applied."
}
],
"solution": [
@@ -87,10 +608,10 @@
{
"base64": false,
"type": "text/html",
- "value": "Moxa has developed appropriate solutions to address the identified vulnerability. For the VPort 07-3 Series, please upgrade to firmware version 1.1 or later. You can download the latest firmware from Moxa\u2019s official website.
"
+ "value": "Please refer to the security advisories:
"
}
],
- "value": "Moxa has developed appropriate solutions to address the identified vulnerability. For the VPort 07-3 Series, please upgrade to firmware version 1.1 or later. You can download the latest firmware from Moxa\u2019s official website."
+ "value": "Please refer to the security advisories:\n\n\n * CVE-2024-9404: Denial-of-Service Vulnerability Identified in the VPort 07-3 Series https://www.moxa.com/en/support/product-support/security-advisory/mpsa-240930-cve-2024-9404-denial-of-service-vulnerability-identified-in-the-vport-07-3-series \n\n * CVE-2024-9404: Denial-of-Service Vulnerability Identified in Multiple EDS, ICS, IKS, and SDS Switches https://www.moxa.com/en/support/product-support/security-advisory/mpsa-240931-cve-2024-9404-denial-of-service-vulnerability-identified-in-multiple-eds,-ics,-iks,-and-sds-switches"
}
],
"credits": [
@@ -114,6 +635,20 @@
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
+ },
+ {
+ "attackComplexity": "LOW",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "HIGH",
+ "baseScore": 7.5,
+ "baseSeverity": "HIGH",
+ "confidentialityImpact": "NONE",
+ "integrityImpact": "NONE",
+ "privilegesRequired": "NONE",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+ "version": "3.1"
}
]
}
diff --git a/2025/1xxx/CVE-2025-1099.json b/2025/1xxx/CVE-2025-1099.json
new file mode 100644
index 00000000000..8dd6461a529
--- /dev/null
+++ b/2025/1xxx/CVE-2025-1099.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-1099",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/26xxx/CVE-2025-26328.json b/2025/26xxx/CVE-2025-26328.json
new file mode 100644
index 00000000000..aab803dc2df
--- /dev/null
+++ b/2025/26xxx/CVE-2025-26328.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-26328",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/26xxx/CVE-2025-26329.json b/2025/26xxx/CVE-2025-26329.json
new file mode 100644
index 00000000000..a64e3ff64d5
--- /dev/null
+++ b/2025/26xxx/CVE-2025-26329.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-26329",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/26xxx/CVE-2025-26330.json b/2025/26xxx/CVE-2025-26330.json
new file mode 100644
index 00000000000..86f97a80a1f
--- /dev/null
+++ b/2025/26xxx/CVE-2025-26330.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-26330",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/26xxx/CVE-2025-26331.json b/2025/26xxx/CVE-2025-26331.json
new file mode 100644
index 00000000000..5ea5f221a99
--- /dev/null
+++ b/2025/26xxx/CVE-2025-26331.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-26331",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/26xxx/CVE-2025-26332.json b/2025/26xxx/CVE-2025-26332.json
new file mode 100644
index 00000000000..1c6fcd79198
--- /dev/null
+++ b/2025/26xxx/CVE-2025-26332.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-26332",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/26xxx/CVE-2025-26333.json b/2025/26xxx/CVE-2025-26333.json
new file mode 100644
index 00000000000..7b186ade21c
--- /dev/null
+++ b/2025/26xxx/CVE-2025-26333.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-26333",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/26xxx/CVE-2025-26334.json b/2025/26xxx/CVE-2025-26334.json
new file mode 100644
index 00000000000..6232eaec6e9
--- /dev/null
+++ b/2025/26xxx/CVE-2025-26334.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-26334",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/26xxx/CVE-2025-26335.json b/2025/26xxx/CVE-2025-26335.json
new file mode 100644
index 00000000000..61846eedf9c
--- /dev/null
+++ b/2025/26xxx/CVE-2025-26335.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-26335",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/26xxx/CVE-2025-26336.json b/2025/26xxx/CVE-2025-26336.json
new file mode 100644
index 00000000000..ccb82fff31b
--- /dev/null
+++ b/2025/26xxx/CVE-2025-26336.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-26336",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/26xxx/CVE-2025-26337.json b/2025/26xxx/CVE-2025-26337.json
new file mode 100644
index 00000000000..522a6f499d9
--- /dev/null
+++ b/2025/26xxx/CVE-2025-26337.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-26337",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/26xxx/CVE-2025-26338.json b/2025/26xxx/CVE-2025-26338.json
new file mode 100644
index 00000000000..cb479ca3f6e
--- /dev/null
+++ b/2025/26xxx/CVE-2025-26338.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-26338",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file