diff --git a/2024/13xxx/CVE-2024-13818.json b/2024/13xxx/CVE-2024-13818.json
new file mode 100644
index 00000000000..d1efa3b40b2
--- /dev/null
+++ b/2024/13xxx/CVE-2024-13818.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2024-13818",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/0xxx/CVE-2025-0626.json b/2025/0xxx/CVE-2025-0626.json
index 9c239d32b42..36bd0e96f20 100644
--- a/2025/0xxx/CVE-2025-0626.json
+++ b/2025/0xxx/CVE-2025-0626.json
@@ -11,7 +11,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": "The affected product sends out remote access requests to a hard-coded IP address, bypassing existing device network settings to do so. This could serve as a backdoor and lead to a malicious actor being able to upload and overwrite files on the device."
+ "value": "Contec Health CMS8000 Patient Monitor sends out remote access requests to a hard-coded IP address, bypassing existing device network settings to do so. This could serve as a backdoor and lead to a malicious actor being able to upload and overwrite files on the device."
 }
 ]
 },
@@ -39,18 +39,6 @@
 "product_name": "CMS8000 Patient Monitor",
 "version": {
 "version_data": [
- {
- "version_affected": "=",
- "version_value": "Firmware version smart3250-2.6.27-wlan2.1.7.cramfs"
- },
- {
- "version_affected": "=",
- "version_value": "Firmware version CMS7.820.075.08/0.74(0.75)"
- },
- {
- "version_affected": "=",
- "version_value": "Firmware version CMS7.820.120.01/0.93(0.95)"
- },
 {
 "version_affected": "=",
 "version_value": "All versions"
@@ -70,6 +58,11 @@
 "url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-030-01",
 "refsource": "MISC",
 "name": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-030-01"
+ },
+ {
+ "url": "https://www.fda.gov/medical-devices/safety-communications/cybersecurity-vulnerabilities-certain-patient-monitors-contec-and-epsimed-fda-safety-communication",
+ "refsource": "MISC",
+ "name": "https://www.fda.gov/medical-devices/safety-communications/cybersecurity-vulnerabilities-certain-patient-monitors-contec-and-epsimed-fda-safety-communication"
 }
 ]
 },
@@ -77,7 +70,8 @@
 "engine": "Vulnogram 0.2.0"
 },
 "source": {
- "discovery": "UNKNOWN"
+ "advisory": "ICSMA-25-030-01",
+ "discovery": "EXTERNAL"
 },
 "solution": [
 {
@@ -91,5 +85,29 @@
 ],
 "value": "Per FDA recommendation, CISA recommends users remove any Contec CMS8000 devices from their networks.\n\nPlease note that this device may be re-labeled and sold by resellers. For a list of known re-labeled devices, please refer to FDA's safety communication https://www.fda.gov/medical-devices/safety-communications/cybersecurity-vulnerabilities-certain-patient-monitors-contec-and-epsimed-fda-safety-communication ."
 }
- ]
+ ],
+ "credits": [
+ {
+ "lang": "en",
+ "value": "An anonymous researcher reported these vulnerabilities to CISA."
+ }
+ ],
+ "impact": {
+ "cvss": [
+ {
+ "attackComplexity": "HIGH",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "HIGH",
+ "baseScore": 7.5,
+ "baseSeverity": "HIGH",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "HIGH",
+ "privilegesRequired": "NONE",
+ "scope": "UNCHANGED",
+ "userInteraction": "REQUIRED",
+ "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
+ "version": "3.1"
+ }
+ ]
+ }
 }
\ No newline at end of file
diff --git a/2025/0xxx/CVE-2025-0683.json b/2025/0xxx/CVE-2025-0683.json
index b1dbb6d572c..0e43ddabd9d 100644
--- a/2025/0xxx/CVE-2025-0683.json
+++ b/2025/0xxx/CVE-2025-0683.json
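Review bot: The new `credits` entry in CVE-2025-0626.json (hunk `@@ -91,5 +85,29 @@`) is tagged `"lang": "en"` while the description of the same record uses `"lang": "eng"`, so a consumer that selects text fields by one language code will silently drop the other; the matching hunk of CVE-2025-0683.json has the same mismatch. Unless the generator requires the two-letter form for credits, I would write `"lang": "eng"` in both entries. Separately, the vector scores `AC:H` and `UI:R`, but the description names no precondition or user action, so a triager cannot tell from the record why those metrics were chosen; one clause in the description stating the assumed interaction would close that gap.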
@@ -11,7 +11,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": "In its default configuration, the affected product transmits plain-text patient data to a hard-coded public IP address when a patient is hooked up to the monitor. This could lead to a leakage of confidential patient data to any device with that IP address or an attacker in a machine-in-the-middle scenario."
+ "value": "In its default configuration, Contec Health CMS8000 Patient Monitor transmits plain-text \npatient data to a hard-coded public IP address when a patient is hooked \nup to the monitor. This could lead to a leakage of confidential patient \ndata to any device with that IP address or an attacker in a \nmachine-in-the-middle scenario."
 }
 ]
 },
@@ -39,18 +39,6 @@
 "product_name": "CMS8000 Patient Monitor",
 "version": {
 "version_data": [
- {
- "version_affected": "=",
- "version_value": "Firmware version smart3250-2.6.27-wlan2.1.7.cramfs"
- },
- {
- "version_affected": "=",
- "version_value": "Firmware version CMS7.820.075.08/0.74(0.75)"
- },
- {
- "version_affected": "=",
- "version_value": "Firmware version CMS7.820.120.01/0.93(0.95)"
- },
 {
 "version_affected": "=",
 "version_value": "All versions"
@@ -70,6 +58,11 @@
 "url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-030-01",
 "refsource": "MISC",
 "name": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-030-01"
+ },
+ {
+ "url": "https://www.fda.gov/medical-devices/safety-communications/cybersecurity-vulnerabilities-certain-patient-monitors-contec-and-epsimed-fda-safety-communication",
+ "refsource": "MISC",
+ "name": "https://www.fda.gov/medical-devices/safety-communications/cybersecurity-vulnerabilities-certain-patient-monitors-contec-and-epsimed-fda-safety-communication"
 }
 ]
 },
@@ -77,7 +70,8 @@
 "engine": "Vulnogram 0.2.0"
 },
 "source": {
- "discovery": "UNKNOWN"
+ "advisory": "ICSMA-25-030-01",
+ "discovery": "EXTERNAL"
 },
 "solution": [
 {
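Review bot: The rewritten description value in CVE-2025-0683.json (hunk `@@ -11,7 +11,7 @@`) carries four hard line wraps inside the sentence (`plain-text \npatient`, `hooked \nup`, `patient \ndata`, `a \nmachine-in-the-middle`), which look like a paste artifact; the sibling record CVE-2025-0626.json keeps its description on one line. Feeds and dashboards that render this field will show broken sentences, and phrase matching on text such as "plain-text patient data" will miss the record. Each ` \n` should be replaced by a single space so the value reads as one paragraph.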
@@ -91,5 +85,29 @@
 ],
 "value": "Per FDA recommendation, CISA recommends users remove any Contec CMS8000 devices from their networks.\n\nPlease note that this device may be re-labeled and sold by resellers. For a list of known re-labeled devices, please refer to FDA's safety communication https://www.fda.gov/medical-devices/safety-communications/cybersecurity-vulnerabilities-certain-patient-monitors-contec-and-epsimed-fda-safety-communication ."
 }
- ]
+ ],
+ "credits": [
+ {
+ "lang": "en",
+ "value": "An anonymous researcher reported these vulnerabilities to CISA."
+ }
+ ],
+ "impact": {
+ "cvss": [
+ {
+ "attackComplexity": "HIGH",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "NONE",
+ "baseScore": 5.9,
+ "baseSeverity": "MEDIUM",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "NONE",
+ "privilegesRequired": "NONE",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
+ "version": "3.1"
+ }
+ ]
+ }
 }
\ No newline at end of file
diff --git a/2025/0xxx/CVE-2025-0936.json b/2025/0xxx/CVE-2025-0936.json
new file mode 100644
index 00000000000..cf85ea6ae32
--- /dev/null
+++ b/2025/0xxx/CVE-2025-0936.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-0936",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/0xxx/CVE-2025-0937.json b/2025/0xxx/CVE-2025-0937.json
new file mode 100644
index 00000000000..bec19485eae
--- /dev/null
+++ b/2025/0xxx/CVE-2025-0937.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-0937",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/0xxx/CVE-2025-0938.json b/2025/0xxx/CVE-2025-0938.json
new file mode 100644
index 00000000000..5957a814248
--- /dev/null
+++ b/2025/0xxx/CVE-2025-0938.json
@@ -0,0 +1,76 @@
+{
+ "data_version": "4.0",
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-0938",
+ "ASSIGNER": "cna@python.org",
+ "STATE": "PUBLIC"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "The Python standard library functions `urllib.parse.urlsplit` and `urlparse` accepted domain names that included square brackets which isn't valid according to RFC 3986. Square brackets are only meant to be used as delimiters for specifying IPv6 and IPvFuture hosts in URLs. This could result in differential parsing across the Python URL parser and other specification-compliant URL parsers."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-20 Improper Input Validation",
+ "cweId": "CWE-20"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Python Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "CPython",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<",
+ "version_name": "0",
+ "version_value": "3.14.0a5"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://github.com/python/cpython/issues/105704",
+ "refsource": "MISC",
+ "name": "https://github.com/python/cpython/issues/105704"
+ },
+ {
+ "url": "https://github.com/python/cpython/pull/129418",
+ "refsource": "MISC",
+ "name": "https://github.com/python/cpython/pull/129418"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.2.0"
+ },
+ "source": {
+ "discovery": "UNKNOWN"
+ }
+}
\ No newline at end of file
diff --git a/2025/0xxx/CVE-2025-0939.json b/2025/0xxx/CVE-2025-0939.json
new file mode 100644
index 00000000000..3e939e07666
--- /dev/null
+++ b/2025/0xxx/CVE-2025-0939.json
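Review bot: The single `version_data` entry in CVE-2025-0938.json (`"version_affected": "<"`, `"version_name": "0"`, `"version_value": "3.14.0a5"`) marks every CPython release below 3.14.0a5 as affected, so version-matching scanners would keep flagging maintenance-branch releases even if the fix in the referenced pull request is backported to them. If backports exist, the record should carry one entry per branch with its own bound, in the form `"version_name": "<BRANCH_START>", "version_value": "<FIXED_RELEASE>"` (placeholders to be filled from the release notes). The record also has no `impact` block, so consumers receive no severity. The risk the description states is a validator and a fetcher disagreeing about the host of the same URL, and a CVSS entry reflecting that would help prioritisation.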
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2025-0939",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/23xxx/CVE-2025-23001.json b/2025/23xxx/CVE-2025-23001.json
index ae7f10ab644..00a682351fd 100644
--- a/2025/23xxx/CVE-2025-23001.json
+++ b/2025/23xxx/CVE-2025-23001.json
@@ -1,17 +1,66 @@
 {
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
 "CVE_data_meta": {
- "ID": "CVE-2025-23001",
 "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ID": "CVE-2025-23001",
+ "STATE": "PUBLIC"
 },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
+ ]
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "A Host Header Injection vulnerability exists in CTFd 3.7.5, due to the application failing to properly validate or sanitize the Host header. An attacker can manipulate the Host header in HTTP requests, which may lead to phishing attacks, reset password, or cache poisoning."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://github.com/CTFd/CTFd",
+ "refsource": "MISC",
+ "name": "https://github.com/CTFd/CTFd"
+ },
+ {
+ "refsource": "MISC",
+ "name": "https://codetoanbug.com/poc-cve-2025-23001-ctfd-english/",
+ "url": "https://codetoanbug.com/poc-cve-2025-23001-ctfd-english/"
 }
 ]
 }
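Review bot: The published record for CVE-2025-23001 leaves `"product_name"`, `"version_value"` and `"vendor_name"` at `"n/a"` although the new description names CTFd 3.7.5, so scanners and inventory tools that match on the `affects` block will never associate this CVE with an installed CTFd. I would fill them from the description: `"vendor_name": "CTFd"`, `"product_name": "CTFd"`, `"version_value": "3.7.5"`. The `problemtype` value is likewise `"n/a"`; a CWE id for the Host header handling would make the entry filterable by weakness class. The reference list holds the repository home page and a third-party write-up but no fix commit or vendor advisory, so a reader cannot tell from the record which release, if any, resolves the issue.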