CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 0CVE-2016-8562 – Siemens SIMATIC CP 1543-1 Improper Privilege Management Vulnerability
https://notcve.org/view.php?id=CVE-2016-8562
A vulnerability has been identified in SIMATIC CP 1543-1 (All versions < V2.0.28), SIPLUS NET CP 1543-1 (All versions < V2.0.28). Under special conditions it was possible to write SNMP variables on port 161/udp which should be read-only and should only be configured with TIA-Portal. A write to these variables could reduce the availability or cause a denial-of-service. Se ha identificado una vulnerabilidad en SIMATIC CP 1543-1 (Todas las versiones < V2.0.28), SIPLUS NET CP 1543-1 (Todas las versiones < V2.0.28). En condiciones especiales era posible escribir variables SNMP en el puerto 161/udp que deberían ser de sólo lectura y sólo deberían configurarse con TIA-Portal. • http://www.securityfocus.com/bid/94436 http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-672373.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-672373.pdf https://ics-cert.us-cert.gov/advisories/ICSA-16-327-01 •
CVSS: 7.5EPSS: 97%CPEs: 54EXPL: 16CVE-2014-0160 – OpenSSL Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2014-0160
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug. Las implementaciones de (1) TLS y (2) DTLS en OpenSSL 1.0.1 en versiones anteriores a 1.0.1g no manejan adecuadamente paquetes Heartbeat Extension, lo que permite a atacantes remotos obtener información sensible desde la memoria de proceso a través de paquetes manipulados que desencadenan una sobrelectura del buffer, según lo demostrado mediante la lectura de claves privadas, relacionado con d1_both.c y t1_lib.c, también conocido como bug Heartbleed. An information disclosure flaw was found in the way OpenSSL handled TLS and DTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server could send a specially crafted TLS or DTLS Heartbeat packet to disclose a limited portion of memory per request from a connected client or server. Note that the disclosed portions of memory could potentially include sensitive information such as private keys. • https://www.exploit-db.com/exploits/32764 https://www.exploit-db.com/exploits/32791 https://www.exploit-db.com/exploits/32998 https://www.exploit-db.com/exploits/32745 https://github.com/0x90/CVE-2014-0160 https://github.com/jdauphant/patch-openssl-CVE-2014-0160 https://github.com/caiqiqi/OpenSSL-HeartBleed-CVE-2014-0160-PoC https://github.com/obayesshelton/CVE-2014-0160-Scanner https://github.com/MrE-Fog/CVE-2014-0160-Chrome-Plugin https://github.com/Xyl2k/CVE-2014&# • CWE-125: Out-of-bounds Read CWE-201: Insertion of Sensitive Information Into Sent Data •