Common Weakness Enumeration

CWE-353

Allowed

Missing Support for Integrity Check

Abstraction: Base · Status: Draft

The product uses a transmission protocol that does not include a mechanism for verifying the integrity of the data during transmission, such as a checksum.

62 vulnerabilities reference this CWE, most recent first.

CVE-2025-15364 (GCVE-0-2025-15364)

Vulnerability from cvelistv5 – Published: 2026-01-06 01:50 – Updated: 2026-04-08 16:33
VLAI
Title
Download Manager <= 3.3.40 - Unauthenticated Limited Privilege Escalation via updatePassword
Summary
The Download Manager plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.3.40. This is due to the plugin not properly validating a user's identity prior to updating their details like password. This makes it possible for unauthenticated attackers to change user's passwords, except administrators, and leverage that to gain access to their account.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-353 - Missing Support for Integrity Check
Assigner
Impacted products
Vendor Product Version
codename065 Download Manager Affected: 0 , ≤ 3.3.40 (semver)
Create a notification for this product.
Credits
Drew Webber
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-15364",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-06T14:20:09.826991Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-06T18:57:23.139Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Download Manager",
          "vendor": "codename065",
          "versions": [
            {
              "lessThanOrEqual": "3.3.40",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Drew Webber"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The Download Manager plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.3.40. This is due to the plugin not properly validating a user\u0027s identity prior to updating their details like password. This makes it possible for unauthenticated attackers to change user\u0027s passwords, except administrators, and leverage that to gain access to their account."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-353",
              "description": "CWE-353 Missing Support for Integrity Check",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-08T16:33:45.276Z",
        "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "shortName": "Wordfence"
      },
      "references": [
        {
          "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/067031e8-6aa8-451c-a318-b1848c7a4f92?source=cve"
        },
        {
          "url": "https://plugins.trac.wordpress.org/browser/download-manager/tags/3.3.40/src/__/Crypt.php#L18"
        },
        {
          "url": "https://plugins.trac.wordpress.org/changeset/3431915/download-manager#file7"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-12-30T14:38:48.000Z",
          "value": "Vendor Notified"
        },
        {
          "lang": "en",
          "time": "2026-01-05T13:11:34.000Z",
          "value": "Disclosed"
        }
      ],
      "title": "Download Manager \u003c= 3.3.40 - Unauthenticated Limited Privilege Escalation via updatePassword"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
    "assignerShortName": "Wordfence",
    "cveId": "CVE-2025-15364",
    "datePublished": "2026-01-06T01:50:12.652Z",
    "dateReserved": "2025-12-30T14:21:41.555Z",
    "dateUpdated": "2026-04-08T16:33:45.276Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-10010 (GCVE-0-2025-10010)

Vulnerability from cvelistv5 – Published: 2026-02-24 14:13 – Updated: 2026-03-12 23:06
VLAI
Title
Integrity Validation Bypass in CryptoPro Secure Disk for BitLocker
Summary
The CPSD CryptoPro Secure Disk application boots a small Linux operating system to perform user authentication before using BitLocker to decrypt the Windows partition. The system is located on a separate unencrypted partition which can be reached by anyone with access to the hard disk. Multiple checks are performed to validate the integrity of the Linux operating system and the CryptoPro Secure Disk application files. When files are changed an error is shown on system start. One of the checks is the Linux kernel's Integrity Measurement Architecture (IMA). It was identified that configuration files are not validated by the IMA and can then (if not checked by other measures) be changed. This allows an attacker to execute arbitrary code in the context of the root user and enables an attacker to e.g., plant a backdoor and access data during execution.
SSVC
Exploitation: poc Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-353 - Missing Support for Integrity Check
Assigner
References
Impacted products
Credits
Gorazd Jank, SEC Consult Vulnerability Lab Stefan Viehböck, SEC Consult Vulnerability Lab
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "PHYSICAL",
              "availabilityImpact": "HIGH",
              "baseScore": 6.8,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-10010",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-24T14:50:57.464414Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-24T14:53:28.726Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2026-03-12T23:06:38.952Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://seclists.org/fulldisclosure/2026/Mar/0"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "CryptoPro Secure Disk for BitLocker",
          "vendor": "CPSD IT SERVICES GMBH",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c7.6.6 / 7.7.1"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Gorazd Jank, SEC Consult Vulnerability Lab"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Stefan Viehb\u00f6ck, SEC Consult Vulnerability Lab"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The CPSD CryptoPro Secure Disk application boots a small Linux operating system to perform user authentication before using BitLocker to decrypt the Windows partition. The system is located on a separate unencrypted partition which can be reached by anyone with access to the hard disk.\u003cbr\u003e\u003cbr\u003eMultiple checks are performed to validate the integrity of the Linux operating system and the CryptoPro Secure Disk application files. When files are changed an error is shown on system start. One of the checks is the Linux kernel\u0027s Integrity Measurement Architecture (IMA). It was identified that configuration files are not validated by the IMA and can then (if not checked by other measures) be changed. This allows an attacker to execute arbitrary code in the context of the root user and enables an attacker to e.g., plant a backdoor and access data during execution.\u003cbr\u003e"
            }
          ],
          "value": "The CPSD CryptoPro Secure Disk application boots a small Linux operating system to perform user authentication before using BitLocker to decrypt the Windows partition. The system is located on a separate unencrypted partition which can be reached by anyone with access to the hard disk.\n\nMultiple checks are performed to validate the integrity of the Linux operating system and the CryptoPro Secure Disk application files. When files are changed an error is shown on system start. One of the checks is the Linux kernel\u0027s Integrity Measurement Architecture (IMA). It was identified that configuration files are not validated by the IMA and can then (if not checked by other measures) be changed. This allows an attacker to execute arbitrary code in the context of the root user and enables an attacker to e.g., plant a backdoor and access data during execution."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-75",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-75 Manipulating Writeable Configuration Files"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-353",
              "description": "CWE-353 Missing Support for Integrity Check",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-24T14:13:29.155Z",
        "orgId": "551230f0-3615-47bd-b7cc-93e92e730bbf",
        "shortName": "SEC-VLab"
      },
      "references": [
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://r.sec-consult.com/cpsd"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The vendor provides a patch with version 7.6.6 / 7.7.1. Encryption is activated by default starting with version 7.7.\u003cbr\u003e"
            }
          ],
          "value": "The vendor provides a patch with version 7.6.6 / 7.7.1. Encryption is activated by default starting with version 7.7."
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Integrity Validation Bypass in CryptoPro Secure Disk for BitLocker",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Encryption of the PBA partition is possible (since version 7.6.0) and prevents changing of the configuration files. Encryption can be activated via \"Client Security/Verschiedenes/PBA Linux Partition verschl\u00fcsseln\". Clients will be informed by the vendor about the risk if the PBA partition is not encrypted.\u003cbr\u003e"
            }
          ],
          "value": "Encryption of the PBA partition is possible (since version 7.6.0) and prevents changing of the configuration files. Encryption can be activated via \"Client Security/Verschiedenes/PBA Linux Partition verschl\u00fcsseln\". Clients will be informed by the vendor about the risk if the PBA partition is not encrypted."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "551230f0-3615-47bd-b7cc-93e92e730bbf",
    "assignerShortName": "SEC-VLab",
    "cveId": "CVE-2025-10010",
    "datePublished": "2026-02-24T14:13:29.155Z",
    "dateReserved": "2025-09-05T08:13:43.528Z",
    "dateUpdated": "2026-03-12T23:06:38.952Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-47123 (GCVE-0-2024-47123)

Vulnerability from cvelistv5 – Published: 2024-09-26 17:20 – Updated: 2024-11-21 16:57
VLAI
Title
Missing Support for Integrity Check in goTenna Pro
Summary
The goTenna Pro App uses AES CTR type encryption for short, encrypted messages without any additional integrity checking mechanisms. This leaves messages malleable to an attacker that can access the message. It is recommended to continue to use encryption in the app and update to the current release for more secure operations.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-353 - Missing Support for Integrity Check
Assigner
References
Impacted products
Vendor Product Version
goTenna Pro Affected: 0 , ≤ 1.61 (custom)
Create a notification for this product.
Credits
Erwin Karincic, Clayton Smith, and Dale Wooden reported this these vulnerabilities to CISA.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-47123",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-26T18:34:11.235345Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-21T16:57:33.110Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Pro",
          "vendor": "goTenna",
          "versions": [
            {
              "lessThanOrEqual": "1.61",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Erwin Karincic, Clayton Smith, and Dale Wooden reported this these vulnerabilities to CISA."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\nThe goTenna Pro App uses AES CTR type encryption for short, encrypted \nmessages without any additional integrity checking mechanisms. This \nleaves messages malleable to an attacker that can access the message. It\n is recommended to continue to use encryption in the app and update to \nthe current release for more secure operations.\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e"
            }
          ],
          "value": "The goTenna Pro App uses AES CTR type encryption for short, encrypted \nmessages without any additional integrity checking mechanisms. This \nleaves messages malleable to an attacker that can access the message. It\n is recommended to continue to use encryption in the app and update to \nthe current release for more secure operations."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "HIGH",
            "attackRequirements": "PRESENT",
            "attackVector": "ADJACENT",
            "baseScore": 6,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-353",
              "description": "CWE-353 Missing Support for Integrity Check",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-17T17:26:11.062Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "government-resource"
          ],
          "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-270-04"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "goTenna recommends that users mitigate these vulnerabilities by performing the following updates:\n\u003cul\u003e\n\u003cli\u003eAndroid Pro: v2.0.3 or greater\u003c/li\u003e\n\u003cli\u003eiOS Pro: v2.0.3 or greater\u003c/li\u003e\n\u003c/ul\u003e"
            }
          ],
          "value": "goTenna recommends that users mitigate these vulnerabilities by performing the following updates:\n\n  *  Android Pro: v2.0.3 or greater\n\n  *  iOS Pro: v2.0.3 or greater"
        }
      ],
      "source": {
        "advisory": "ICSA-24-270-04",
        "discovery": "EXTERNAL"
      },
      "title": "Missing Support for Integrity Check in goTenna Pro",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003egoTenna recommends that users follow these mitigations:\u003c/p\u003e\n\u003cp\u003eGeneral Mitigations for All Users/Clients\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse Discreet Callsigns and Key Names: Choose callsigns and key names\n that do not disclose sensitive information, such as your location, team\n size, or team name. Avoid using any identifiers that could \ninadvertently reveal your location or the composition of your team.\u003c/li\u003e\n\u003cli\u003eSecure End-User Devices: Implement strong security measures on all \nend-user devices, including the use of encryption and ensuring regular \nsoftware updates.\u003c/li\u003e\n\u003cli\u003eFollow Key Rotation Best Practices: Regularly rotate encryption keys\n according to industry best practices to maintain ongoing security.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003ePro-Specific Mitigations\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eShare Encryption Keys via QR Code: Utilize QR codes, similar to ATAK, for the secure exchange of encryption keys.\u003c/li\u003e\n\u003cli\u003eSecure Broadcasting: When broadcasting, ensure you are in a secured \narea and transmit the key at a reduced power of 0.5 Watts to limit \nexposure.\u003c/li\u003e\n\u003cli\u003eLeverage Layered Encryption: Implement layered encryption keys to \nsecurely manage communications, whether interacting with individuals or \nteams.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eIf you have any questions please contact \u003ca target=\"_blank\" rel=\"nofollow\"\u003eprosupport@gotenna.com\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003egoTenna recommends users follow their secure operating \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.gotennapro.com/s/article/Secure-Operating\"\u003ebest practices\u003c/a\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
            }
          ],
          "value": "goTenna recommends that users follow these mitigations:\n\n\nGeneral Mitigations for All Users/Clients\n\n\n\n  *  Use Discreet Callsigns and Key Names: Choose callsigns and key names\n that do not disclose sensitive information, such as your location, team\n size, or team name. Avoid using any identifiers that could \ninadvertently reveal your location or the composition of your team.\n\n  *  Secure End-User Devices: Implement strong security measures on all \nend-user devices, including the use of encryption and ensuring regular \nsoftware updates.\n\n  *  Follow Key Rotation Best Practices: Regularly rotate encryption keys\n according to industry best practices to maintain ongoing security.\n\n\n\n\nPro-Specific Mitigations\n\n\n\n  *  Share Encryption Keys via QR Code: Utilize QR codes, similar to ATAK, for the secure exchange of encryption keys.\n\n  *  Secure Broadcasting: When broadcasting, ensure you are in a secured \narea and transmit the key at a reduced power of 0.5 Watts to limit \nexposure.\n\n  *  Leverage Layered Encryption: Implement layered encryption keys to \nsecurely manage communications, whether interacting with individuals or \nteams.\n\n\n\n\nIf you have any questions please contact prosupport@gotenna.com.\n\n\ngoTenna recommends users follow their secure operating  best practices https://support.gotennapro.com/s/article/Secure-Operating"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2024-47123",
    "datePublished": "2024-09-26T17:20:26.885Z",
    "dateReserved": "2024-09-18T21:32:27.324Z",
    "dateUpdated": "2024-11-21T16:57:33.110Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-43108 (GCVE-0-2024-43108)

Vulnerability from cvelistv5 – Published: 2024-09-26 17:28 – Updated: 2024-10-17 16:53
VLAI
Title
goTenna Pro ATAK Plugin Missing Support for Integrity Check
Summary
The goTenna Pro ATAK Plugin uses AES CTR type encryption for short, encrypted messages without any additional integrity checking mechanisms. This leaves messages malleable to an attacker that can access the message. It is advised to continue to use encryption in the plugin and update to the current release for enhanced encryption protocols.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
Vendor Product Version
goTenna Pro ATAK Plugin Affected: 0 , ≤ 1.9.12 (custom)
Create a notification for this product.
Date Public
2024-09-26 13:19
Credits
Erwin Karincic, Clayton Smith, and Dale Wooden reported this these vulnerabilities to CISA.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-43108",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-26T17:42:48.670662Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-26T17:46:55.907Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Pro ATAK Plugin",
          "vendor": "goTenna",
          "versions": [
            {
              "lessThanOrEqual": "1.9.12",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Erwin Karincic, Clayton Smith, and Dale Wooden reported this these vulnerabilities to CISA."
        }
      ],
      "datePublic": "2024-09-26T13:19:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The goTenna Pro ATAK Plugin uses AES CTR type encryption for short, \nencrypted messages without any additional integrity checking mechanisms.\n This leaves messages malleable to an attacker that can access the \nmessage. It is advised to continue to use encryption in the plugin and \nupdate to the current release for enhanced encryption protocols."
            }
          ],
          "value": "The goTenna Pro ATAK Plugin uses AES CTR type encryption for short, \nencrypted messages without any additional integrity checking mechanisms.\n This leaves messages malleable to an attacker that can access the \nmessage. It is advised to continue to use encryption in the plugin and \nupdate to the current release for enhanced encryption protocols."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "HIGH",
            "attackRequirements": "PRESENT",
            "attackVector": "ADJACENT",
            "baseScore": 6,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-353",
              "description": "CWE-353",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-17T16:53:16.231Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "government-resource"
          ],
          "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-270-05"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003e\u003c/p\u003e\n\u003cp\u003egoTenna recommends that users mitigate these vulnerabilities by performing the following updates:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eATAK Plugin: v2.0.7 or greater\u003c/li\u003e\n\u003c/ul\u003e\u003cbr\u003e"
            }
          ],
          "value": "goTenna recommends that users mitigate these vulnerabilities by performing the following updates:\n\n\n\n  *  ATAK Plugin: v2.0.7 or greater"
        }
      ],
      "source": {
        "advisory": "ICSA-24-270-05",
        "discovery": "EXTERNAL"
      },
      "title": "goTenna Pro ATAK Plugin Missing Support for Integrity Check",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003egoTenna recommends that users follow these mitigations:\u003c/p\u003e\n\u003cp\u003eGeneral Mitigations for All Users/Clients\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse Discreet Callsigns and Key Names: Choose callsigns and key names\n that do not disclose sensitive information, such as your location, team\n size, or team name. Avoid using any identifiers that could \ninadvertently reveal your location or the composition of your team.\u003c/li\u003e\n\u003cli\u003eSecure End-User Devices: Implement strong security measures on all \nend-user devices, including the use of encryption and ensuring regular \nsoftware updates.\u003c/li\u003e\n\u003cli\u003eFollow Key Rotation Best Practices: Regularly rotate encryption keys\n according to industry best practices to maintain ongoing security.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003ePro-Specific Mitigations\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eShare Encryption Keys via QR Code: Utilize QR codes, similar to ATAK, for the secure exchange of encryption keys.\u003c/li\u003e\n\u003cli\u003eSecure Broadcasting: When broadcasting, ensure you are in a secured \narea and transmit the key at a reduced power of 0.5 Watts to limit \nexposure.\u003c/li\u003e\n\u003cli\u003eLeverage Layered Encryption: Implement layered encryption keys to \nsecurely manage communications, whether interacting with individuals or \nteams.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eIf you have any questions please contact \u003ca target=\"_blank\" rel=\"nofollow\"\u003eprosupport@gotenna.com\u003c/a\u003e\u003c/p\u003egoTenna recommends that users Follow their secure operating \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.gotennapro.com/s/article/Secure-Operating\"\u003ebest practices\u003c/a\u003e."
            }
          ],
          "value": "goTenna recommends that users follow these mitigations:\n\n\nGeneral Mitigations for All Users/Clients\n\n\n\n  *  Use Discreet Callsigns and Key Names: Choose callsigns and key names\n that do not disclose sensitive information, such as your location, team\n size, or team name. Avoid using any identifiers that could \ninadvertently reveal your location or the composition of your team.\n\n  *  Secure End-User Devices: Implement strong security measures on all \nend-user devices, including the use of encryption and ensuring regular \nsoftware updates.\n\n  *  Follow Key Rotation Best Practices: Regularly rotate encryption keys\n according to industry best practices to maintain ongoing security.\n\n\n\n\nPro-Specific Mitigations\n\n\n\n  *  Share Encryption Keys via QR Code: Utilize QR codes, similar to ATAK, for the secure exchange of encryption keys.\n\n  *  Secure Broadcasting: When broadcasting, ensure you are in a secured \narea and transmit the key at a reduced power of 0.5 Watts to limit \nexposure.\n\n  *  Leverage Layered Encryption: Implement layered encryption keys to \nsecurely manage communications, whether interacting with individuals or \nteams.\n\n\n\n\nIf you have any questions please contact  best practices https://support.gotennapro.com/s/article/Secure-Operating ."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2024-43108",
    "datePublished": "2024-09-26T17:28:10.341Z",
    "dateReserved": "2024-09-24T14:22:20.099Z",
    "dateUpdated": "2024-10-17T16:53:16.231Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-32475 (GCVE-0-2023-32475)

Vulnerability from cvelistv5 – Published: 2024-06-07 02:13 – Updated: 2024-08-02 15:18
VLAI
Summary
Dell BIOS contains a missing support for integrity check vulnerability. An attacker with physical access to the system could potentially bypass security mechanisms to run arbitrary code on the system.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-353 - Missing Support for Integrity Check
Assigner
References
Impacted products
Vendor Product Version
Dell CPG BIOS Affected: N/A , < 2.6.0 (semver)
Affected: N/A , < 1.13.0 (semver)
Unaffected: N/A , < 2.16.0 (semver)
Affected: N/A , < 1.15.0 (semver)
Affected: N/A , < 1.16.0 (semver)
Affected: N/A , < 1.9.0 (semver)
Affected: N/A , < 1.5.0 (semver)
Affected: N/A , < 1.18.0 (semver)
Affected: N/A , < 1.8.0 (semver)
Affected: N/A , < 1.15.1 (semver)
Affected: N/A , < 1.12.0 (semver)
Affected: N/A , < 1.17.0 (semver)
Affected: N/A , < 1.14.0 (semver)
Affected: N/A , < 1.19.0 (semver)
Create a notification for this product.
dell cpg_bios Affected: 0 , ≤ 2.6 (custom)
    cpe:2.3:o:dell:cpg_bios:*:*:*:*:*:*:*:*
Create a notification for this product.
Date Public
2023-12-12 06:30
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:dell:cpg_bios:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "affected",
            "product": "cpg_bios",
            "vendor": "dell",
            "versions": [
              {
                "lessThanOrEqual": "2.6",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-32475",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-07T16:59:56.060370Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-07T17:00:46.144Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T15:18:37.099Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.dell.com/support/kbdoc/en-us/000215644/dsa-2023-222-security-update-for-an-amd-bios-vulnerability"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "CPG BIOS",
          "vendor": "Dell",
          "versions": [
            {
              "lessThan": "2.6.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "1.13.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "2.16.0",
              "status": "unaffected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "1.15.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "1.16.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "1.9.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "1.5.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "1.18.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "1.8.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "1.15.1",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "1.12.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "1.17.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "1.14.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "1.19.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            }
          ]
        }
      ],
      "datePublic": "2023-12-12T06:30:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Dell BIOS contains a missing support for integrity check vulnerability. An attacker with physical access to the system could potentially bypass security mechanisms to run arbitrary code on the system."
            }
          ],
          "value": "Dell BIOS contains a missing support for integrity check vulnerability. An attacker with physical access to the system could potentially bypass security mechanisms to run arbitrary code on the system."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "PHYSICAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-353",
              "description": "CWE-353: Missing Support for Integrity Check",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-07T02:13:17.515Z",
        "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "shortName": "dell"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.dell.com/support/kbdoc/en-us/000215644/dsa-2023-222-security-update-for-an-amd-bios-vulnerability"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
    "assignerShortName": "dell",
    "cveId": "CVE-2023-32475",
    "datePublished": "2024-06-07T02:13:17.515Z",
    "dateReserved": "2023-05-09T06:07:41.365Z",
    "dateUpdated": "2024-08-02T15:18:37.099Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-29290 (GCVE-0-2023-29290)

Vulnerability from cvelistv5 – Published: 2023-06-15 00:00 – Updated: 2025-03-05 18:56
VLAI
Title
Adobe Commerce Guest Cart Shipping Address Overwrite IDOR
Summary
Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to bypass a minor functionality. Exploitation of this issue does not require user interaction.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-353 - Missing Support for Integrity Check (CWE-353)
Assigner
Impacted products
Vendor Product Version
Adobe Magento Commerce Affected: unspecified , ≤ 2.4.6 (custom)
Affected: unspecified , ≤ 2.4.5-p2 (custom)
Affected: unspecified , ≤ 2.4.4-p3 (custom)
Affected: unspecified , ≤ None (custom)
Create a notification for this product.
Date Public
2023-06-13 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T14:07:45.451Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://helpx.adobe.com/security/products/magento/apsb23-35.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-29290",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-05T18:39:03.327161Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-05T18:56:59.932Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Magento Commerce",
          "vendor": "Adobe",
          "versions": [
            {
              "lessThanOrEqual": "2.4.6",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "2.4.5-p2",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "2.4.4-p3",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "None",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2023-06-13T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to bypass a minor functionality. Exploitation of this issue does not require user interaction."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-353",
              "description": "Missing Support for Integrity Check (CWE-353)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-06-15T00:00:00.000Z",
        "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "shortName": "adobe"
      },
      "references": [
        {
          "url": "https://helpx.adobe.com/security/products/magento/apsb23-35.html"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Adobe Commerce Guest Cart Shipping Address Overwrite IDOR "
    }
  },
  "cveMetadata": {
    "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
    "assignerShortName": "adobe",
    "cveId": "CVE-2023-29290",
    "datePublished": "2023-06-15T00:00:00.000Z",
    "dateReserved": "2023-04-04T00:00:00.000Z",
    "dateUpdated": "2025-03-05T18:56:59.932Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-24404 (GCVE-0-2022-24404)

Vulnerability from cvelistv5 – Published: 2023-10-19 09:31 – Updated: 2024-08-03 04:13
VLAI
Title
Ciphertext Malleability in TETRA
Summary
Lack of cryptographic integrity check on TETRA air-interface encrypted traffic. Since a stream cipher is employed, this allows an active adversary to manipulate cleartext data in a bit-by-bit fashion.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-353 - Missing Support for Integrity Check
Assigner
References
URL Tags
https://tetraburst.com/ related
Impacted products
Credits
Midnight Blue
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-24404",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-15T14:21:17.085076Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-15T14:21:24.663Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T04:13:55.323Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "TETRA:BURST",
            "tags": [
              "related",
              "x_transferred"
            ],
            "url": "https://tetraburst.com/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "TETRA Standard",
          "vendor": "ETSI",
          "versions": [
            {
              "status": "affected",
              "version": "all"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Midnight Blue"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Lack of cryptographic integrity check on TETRA air-interface encrypted traffic. Since a stream cipher is employed, this allows an active adversary to manipulate cleartext data in a bit-by-bit fashion."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L/E:U/RL:U/RC:R/CR:H/IR:H/AR:H/MAV:A/MAC:H/MPR:N/MUI:N/MS:U/MC:N/MI:H/MA:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-353",
              "description": "Missing Support for Integrity Check",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-15T00:27:54.327Z",
        "orgId": "cf4a7ff5-dd38-4ede-a530-ffaa7ea59c39",
        "shortName": "NCSC-NL"
      },
      "references": [
        {
          "name": "TETRA:BURST",
          "tags": [
            "related"
          ],
          "url": "https://tetraburst.com/"
        }
      ],
      "title": "Ciphertext Malleability in TETRA"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cf4a7ff5-dd38-4ede-a530-ffaa7ea59c39",
    "assignerShortName": "NCSC-NL",
    "cveId": "CVE-2022-24404",
    "datePublished": "2023-10-19T09:31:43.802Z",
    "dateReserved": "2022-02-04T04:43:09.528Z",
    "dateUpdated": "2024-08-03T04:13:55.323Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-2793 (GCVE-0-2022-2793)

Vulnerability from cvelistv5 – Published: 2022-08-19 22:33 – Updated: 2025-04-16 16:12
VLAI
Summary
Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulenrable to CWE-353 Missing Support for Integrity Check, and has no authentication or authorization of data packets after establishing a connection for the SRTP protocol.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-353 - Missing Support for Integrity Check
Assigner
References
Impacted products
Vendor Product Version
Emerson Electric Proficy Machine Edition Affected: all , ≤ 9.00 (custom)
Create a notification for this product.
Credits
Sharon Brizinov of Claroty reported this vulnerability to Emerson and CISA
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T00:46:04.386Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-06"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-2793",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-16T15:50:30.891939Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-16T16:12:08.233Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Proficy Machine Edition",
          "vendor": "Emerson Electric",
          "versions": [
            {
              "lessThanOrEqual": "9.00",
              "status": "affected",
              "version": "all",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Sharon Brizinov of Claroty reported this vulnerability to Emerson and CISA"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Emerson Electric\u0027s Proficy Machine Edition Version 9.00 and prior is vulenrable to CWE-353 Missing Support for Integrity Check, and has no authentication or authorization of data packets after establishing a connection for the SRTP protocol."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "PHYSICAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-353",
              "description": "CWE-353 Missing Support for Integrity Check",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-08-19T22:33:42.000Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-06"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2022-2793",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Proficy Machine Edition",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "all",
                            "version_value": "9.00"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Emerson Electric"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Sharon Brizinov of Claroty reported this vulnerability to Emerson and CISA"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Emerson Electric\u0027s Proficy Machine Edition Version 9.00 and prior is vulenrable to CWE-353 Missing Support for Integrity Check, and has no authentication or authorization of data packets after establishing a connection for the SRTP protocol."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "PHYSICAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-353 Missing Support for Integrity Check"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-06",
              "refsource": "MISC",
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-06"
            }
          ]
        },
        "source": {
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2022-2793",
    "datePublished": "2022-08-19T22:33:42.000Z",
    "dateReserved": "2022-08-11T00:00:00.000Z",
    "dateUpdated": "2025-04-16T16:12:08.233Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-38396 (GCVE-0-2021-38396)

Vulnerability from cvelistv5 – Published: 2021-10-04 17:35 – Updated: 2024-09-16 20:46
VLAI
Title
Missing Support Integrity Check for Boston Scientific Zoom Latitude
Summary
The programmer installation utility does not perform a cryptographic authenticity or integrity checks of the software on the flash drive. An attacker could leverage this weakness to install unauthorized software using a specially crafted USB.
CWE
  • CWE-353 - Missing Support for Integrity Check
Assigner
References
Impacted products
Date Public
2021-09-30 00:00
Credits
Endres Puschner - Max Planck Institute for Security and Privacy, Bochum, Christoph Saatjohann - FH Münster University of Applied Sciences, Christian Dresen - FH Münster University of Applied Sciences, and Markus Willing - University of Muenster, discovered these issues as part of broader academic research of cardiac devices and reported them to Boston Scientific.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T01:37:16.545Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsma-21-273-01"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ZOOM LATITUDE",
          "vendor": "Boston Scientific",
          "versions": [
            {
              "status": "affected",
              "version": "Model 3120"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Endres Puschner - Max Planck Institute for Security and Privacy, Bochum, Christoph Saatjohann - FH M\u00fcnster  University of Applied Sciences, Christian Dresen - FH M\u00fcnster University of Applied Sciences, and Markus  Willing - University of Muenster, discovered these issues as part of broader academic research of cardiac devices  and reported them to Boston Scientific."
        }
      ],
      "datePublic": "2021-09-30T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The programmer installation utility does not perform a cryptographic authenticity or integrity checks of the software on the flash drive. An attacker could leverage this weakness to install unauthorized software using a specially crafted USB."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "PHYSICAL",
            "availabilityImpact": "LOW",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-353",
              "description": "CWE-353 Missing Support for Integrity Check",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-04T17:35:21.000Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsma-21-273-01"
        }
      ],
      "source": {
        "advisory": "ICSMA-21-273-01",
        "defect": [
          "CWE-353"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Missing Support Integrity Check for Boston Scientific Zoom Latitude",
      "workarounds": [
        {
          "lang": "en",
          "value": "Boston Scientific is in the process of transitioning all users to a replacement programmer with enhanced security,  the LATITUDE Programming System, Model 3300. Boston Scientific will not issue a product update to address the identified vulnerabilities in the ZOOM LATITUDE Programming System, Model 3120."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "DATE_PUBLIC": "2021-09-30T21:02:00.000Z",
          "ID": "CVE-2021-38396",
          "STATE": "PUBLIC",
          "TITLE": "Missing Support Integrity Check for Boston Scientific Zoom Latitude"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "ZOOM LATITUDE",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Model 3120"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Boston Scientific"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Endres Puschner - Max Planck Institute for Security and Privacy, Bochum, Christoph Saatjohann - FH M\u00fcnster  University of Applied Sciences, Christian Dresen - FH M\u00fcnster University of Applied Sciences, and Markus  Willing - University of Muenster, discovered these issues as part of broader academic research of cardiac devices  and reported them to Boston Scientific."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The programmer installation utility does not perform a cryptographic authenticity or integrity checks of the software on the flash drive. An attacker could leverage this weakness to install unauthorized software using a specially crafted USB."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "PHYSICAL",
            "availabilityImpact": "LOW",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-353 Missing Support for Integrity Check"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsma-21-273-01",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsma-21-273-01"
            }
          ]
        },
        "source": {
          "advisory": "ICSMA-21-273-01",
          "defect": [
            "CWE-353"
          ],
          "discovery": "EXTERNAL"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "Boston Scientific is in the process of transitioning all users to a replacement programmer with enhanced security,  the LATITUDE Programming System, Model 3300. Boston Scientific will not issue a product update to address the identified vulnerabilities in the ZOOM LATITUDE Programming System, Model 3120."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2021-38396",
    "datePublished": "2021-10-04T17:35:21.072Z",
    "dateReserved": "2021-08-10T00:00:00.000Z",
    "dateUpdated": "2024-09-16T20:46:57.503Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-28546 (GCVE-0-2021-28546)

Vulnerability from cvelistv5 – Published: 2021-04-01 13:35 – Updated: 2024-09-16 23:10
VLAI
Title
Acrobat Reader DC Missing Support for Integrity Check
Summary
Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are missing support for an integrity check. An unauthenticated attacker could leverage this vulnerability to modify content in a certified PDF without invalidating the certification. Exploitation of this issue requires user interaction in that a victim must open the tampered file.
CWE
  • CWE-353 - Missing Support for Integrity Check (CWE-353)
Assigner
References
Impacted products
Vendor Product Version
Adobe Acrobat Reader Affected: unspecified , ≤ 2020.013.20074 (custom)
Affected: unspecified , ≤ 2020.001.30018 (custom)
Affected: unspecified , ≤ 2017.011.30188 (custom)
Affected: unspecified , ≤ None (custom)
Create a notification for this product.
Date Public
2021-02-09 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T21:47:32.620Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Acrobat Reader",
          "vendor": "Adobe",
          "versions": [
            {
              "lessThanOrEqual": "2020.013.20074",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "2020.001.30018",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "2017.011.30188",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "None",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2021-02-09T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are missing support for an integrity check. An unauthenticated attacker could leverage this vulnerability to modify content in a certified PDF without invalidating the certification. Exploitation of this issue requires user interaction in that a victim must open the tampered file."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-353",
              "description": "Missing Support for Integrity Check (CWE-353)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-04-01T13:35:46.000Z",
        "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "shortName": "adobe"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Acrobat Reader DC Missing Support for Integrity Check",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@adobe.com",
          "DATE_PUBLIC": "2021-02-09T23:00:00.000Z",
          "ID": "CVE-2021-28546",
          "STATE": "PUBLIC",
          "TITLE": "Acrobat Reader DC Missing Support for Integrity Check"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Acrobat Reader",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_value": "2020.013.20074"
                          },
                          {
                            "version_affected": "\u003c=",
                            "version_value": "2020.001.30018"
                          },
                          {
                            "version_affected": "\u003c=",
                            "version_value": "2017.011.30188"
                          },
                          {
                            "version_affected": "\u003c=",
                            "version_value": "None"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Adobe"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are missing support for an integrity check. An unauthenticated attacker could leverage this vulnerability to modify content in a certified PDF without invalidating the certification. Exploitation of this issue requires user interaction in that a victim must open the tampered file."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "availabilityImpact": "None",
            "baseScore": 6.5,
            "baseSeverity": "Medium",
            "confidentialityImpact": "None",
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "userInteraction": "Required",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Missing Support for Integrity Check (CWE-353)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html",
              "refsource": "MISC",
              "url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
            }
          ]
        },
        "source": {
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
    "assignerShortName": "adobe",
    "cveId": "CVE-2021-28546",
    "datePublished": "2021-04-01T13:35:46.332Z",
    "dateReserved": "2021-03-16T00:00:00.000Z",
    "dateUpdated": "2024-09-16T23:10:26.406Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Mitigation
Architecture and Design

Add an appropriately sized checksum to the protocol, ensuring that data received may be simply validated before it is parsed and used.

Mitigation
Implementation

Ensure that the checksums present in the protocol design are properly implemented and added to each message before it is sent.

CAPEC-13: Subverting Environment Variable Values

The adversary directly or indirectly modifies environment variables used by or controlling the target software. The adversary's goal is to cause the target software to deviate from its expected operation in a manner that benefits the adversary.

CAPEC-14: Client-side Injection-induced Buffer Overflow

This type of attack exploits a buffer overflow vulnerability in targeted client software through injection of malicious content from a custom-built hostile service. This hostile service is created to deliver the correct content to the client software. For example, if the client-side application is a browser, the service will host a webpage that the browser loads.

CAPEC-389: Content Spoofing Via Application API Manipulation

An attacker manipulates either egress or ingress data from a client within an application framework in order to change the content of messages. Performing this attack allows the attacker to manipulate content in such a way as to produce messages or content that look authentic but may contain deceptive links, spam-like content, or links to the attackers' code. In general, content-spoofing within an application API can be employed to stage many different types of attacks varied based on the attackers' intent. The techniques require use of specialized software that allow the attacker to use adversary-in-the-middle (CAPEC-94) communications between the web browser and the remote system.

CAPEC-39: Manipulating Opaque Client-based Data Tokens

In circumstances where an application holds important data client-side in tokens (cookies, URLs, data files, and so forth) that data can be manipulated. If client or server-side application components reinterpret that data as authentication tokens or data (such as store item pricing or wallet information) then even opaquely manipulating that data may bear fruit for an Attacker. In this pattern an attacker undermines the assumption that client side tokens have been adequately protected from tampering through use of encryption or obfuscation.

CAPEC-665: Exploitation of Thunderbolt Protection Flaws

An adversary leverages a firmware weakness within the Thunderbolt protocol, on a computing device to manipulate Thunderbolt controller firmware in order to exploit vulnerabilities in the implementation of authorization and verification schemes within Thunderbolt protection mechanisms. Upon gaining physical access to a target device, the adversary conducts high-level firmware manipulation of the victim Thunderbolt controller SPI (Serial Peripheral Interface) flash, through the use of a SPI Programing device and an external Thunderbolt device, typically as the target device is booting up. If successful, this allows the adversary to modify memory, subvert authentication mechanisms, spoof identities and content, and extract data and memory from the target device. Currently 7 major vulnerabilities exist within Thunderbolt protocol with 9 attack vectors as noted in the Execution Flow.

CAPEC-74: Manipulating State

The adversary modifies state information maintained by the target software or causes a state transition in hardware. If successful, the target will use this tainted state and execute in an unintended manner.

State management is an important function within a software application. User state maintained by the application can include usernames, payment information, browsing history as well as application-specific contents such as items in a shopping cart. Manipulating user state can be employed by an adversary to elevate privilege, conduct fraudulent transactions or otherwise modify the flow of the application to derive certain benefits.

If there is a hardware logic error in a finite state machine, the adversary can use this to put the system in an undefined state which could cause a denial of service or exposure of secure data.

CAPEC-75: Manipulating Writeable Configuration Files

Generally these are manually edited files that are not in the preview of the system administrators, any ability on the attackers' behalf to modify these files, for example in a CVS repository, gives unauthorized access directly to the application, the same as authorized users.