CVE-2023-5719 – Red Lion Crimson Improper Neutralization of Null Byte or NUL Character
https://notcve.org/view.php?id=CVE-2023-5719
The Crimson 3.2 Windows-based configuration tool allows users with administrative access to define new passwords for users and to download the resulting security configuration to a device. If such a password contains the percent (%) character, invalid values will be included, potentially truncating the string if a NUL is encountered. If the simplified password is not detected by the administrator, the device might be left in a vulnerable state as a result of more-easily compromised credentials. Note that passwords entered via the Crimson system web server do not suffer from this vulnerability.
• https://support.redlion.net/hc/en-us/categories/360002087671-Security-Advisories
• https://www.cisa.gov/news-events/ics-advisories/icsa-23-306-01
• CWE-158: Improper Neutralization of Null Byte or NUL Character
CVE-2022-3090
https://notcve.org/view.php?id=CVE-2022-3090
Red Lion Controls Crimson 3.0 versions 707.000 and prior, Crimson 3.1 versions 3126.001 and prior, and Crimson 3.2 versions 3.2.0044.0 and prior are vulnerable to path traversal. When attempting to open a file using a specific path, the user's password hash is sent to an arbitrary host. This could allow an attacker to obtain user credential hashes.
• https://www.cisa.gov/uscert/ics/advisories/icsa-22-321-01
• CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2019-10984 – Red Lion Crimson CD3 File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-10984
Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior to release 3112.00, allow multiple vulnerabilities to be exploited when a valid user opens a specially crafted, malicious input file that causes the program to mishandle pointers. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Red Lion Crimson. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CD3 files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer.
• https://www.us-cert.gov/ics/advisories/icsa-19-248-01
• CWE-465: Pointer Issues
CVE-2019-10978 – Red Lion Crimson CD31 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2019-10978
Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior to release 3112.00, allow multiple vulnerabilities to be exploited when a valid user opens a specially crafted, malicious input file that operates outside of the designated memory area. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Red Lion Crimson. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of CD31 files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer.
• https://www.us-cert.gov/ics/advisories/icsa-19-248-01
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2019-10996 – Red Lion Crimson CD31 File Parsing Use-After-Free Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2019-10996
Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior to release 3112.00, allow multiple vulnerabilities to be exploited when a valid user opens a specially crafted, malicious input file that can reference memory after it has been freed. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Red Lion Crimson. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of CD31 files. The issue results from the lack of validating the existence of an object prior to performing operations on the object.
• https://www.us-cert.gov/ics/advisories/icsa-19-248-01
• CWE-416: Use After Free