12 results (0.005 seconds)

CVSS: 7.1EPSS: 0%CPEs: 10EXPL: 0

A low privileged remote attacker may modify the BACNet service properties due to incorrect permission assignment for critical resources which may lead to a DoS limited to BACNet communication. • https://cert.vde.com/en/advisories/VDE-2024-047 • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 8.1EPSS: 0%CPEs: 10EXPL: 0

A low privileged remote attacker can specify an arbitrary file on the filesystem which may lead to an arbitrary file writes with root privileges. • https://cert.vde.com/en/advisories/VDE-2024-047 • CWE-35: Path Traversal: '.../ •

CVSS: 6.5EPSS: 0%CPEs: 10EXPL: 0

A low privileged remote attacker can overwrite an arbitrary file on the filesystem which may lead to an arbitrary file read with root privileges. • https://cert.vde.com/en/advisories/VDE-2024-047 • CWE-35: Path Traversal: '.../ •

CVSS: 8.1EPSS: 0%CPEs: 10EXPL: 0

A low privileged remote attacker can overwrite an arbitrary file on the filesystem leading to a DoS and data loss. • https://cert.vde.com/en/advisories/VDE-2024-047 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 5.7EPSS: 0%CPEs: 10EXPL: 0

A low privileged remote attacker may gain access to forbidden diagnostic data due to incorrect permission assignment for critical resources. • https://cert.vde.com/en/advisories/VDE-2024-047 • CWE-732: Incorrect Permission Assignment for Critical Resource •