Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2025-27493
Vulnerability from cvelistv5
Published
2025-03-11 09:48
Modified
2025-03-11 13:23
Severity ?
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
9.3 (Critical) - CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
9.3 (Critical) - CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
EPSS score ?
0.02%
(0.04369)
Summary
A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions < V6.4.9), SiPass integrated ACC-AP (All versions < V6.4.9). Affected devices improperly sanitize user input for specific commands on the telnet command line interface. This could allow an authenticated local administrator to escalate privileges by injecting arbitrary commands that are executed with root privileges.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SiPass integrated AC5102 (ACC-G2) |
Version: 0 < V6.4.9 |
||||||
|
|||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2025-27493", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-11T13:22:51.045899Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-11T13:23:01.779Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "SiPass integrated AC5102 (ACC-G2)", vendor: "Siemens", versions: [ { lessThan: "V6.4.9", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SiPass integrated ACC-AP", vendor: "Siemens", versions: [ { lessThan: "V6.4.9", status: "affected", version: "0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions < V6.4.9), SiPass integrated ACC-AP (All versions < V6.4.9). Affected devices improperly sanitize user input for specific commands on the telnet command line interface. This could allow an authenticated local administrator to escalate privileges by injecting arbitrary commands that are executed with root privileges.", }, ], metrics: [ { cvssV3_1: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, }, { cvssV4_0: { baseScore: 9.3, baseSeverity: "CRITICAL", vectorString: "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H", version: "4.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20: Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-11T09:48:32.888Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/html/ssa-515903.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2025-27493", datePublished: "2025-03-11T09:48:32.888Z", dateReserved: "2025-02-26T18:05:35.964Z", dateUpdated: "2025-03-11T13:23:01.779Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { nvd: "{\"cve\":{\"id\":\"CVE-2025-27493\",\"sourceIdentifier\":\"productcert@siemens.com\",\"published\":\"2025-03-11T10:15:19.577\",\"lastModified\":\"2025-03-11T10:15:19.577\",\"vulnStatus\":\"Received\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions < V6.4.9), SiPass integrated ACC-AP (All versions < V6.4.9). Affected devices improperly sanitize user input for specific commands on the telnet command line interface. This could allow an authenticated local administrator to escalate privileges by injecting arbitrary commands that are executed with root privileges.\"},{\"lang\":\"es\",\"value\":\"Se ha identificado una vulnerabilidad en SiPass integrated AC5102 (ACC-G2) (Todas las versiones < V6.4.9), SiPass integrated ACC-AP (Todas las versiones < V6.4.9). Los dispositivos afectados depuran incorrectamente la entrada del usuario para comandos específicos en la interfaz de línea de comandos de Telnet. Esto podría permitir que un administrador local autenticado aumente los privilegios mediante la inyección de comandos arbitrarios que se ejecutan con privilegios de superusuario.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"productcert@siemens.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":9.3,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"HIGH\",\"subIntegrityImpact\":\"HIGH\",\"subAvailabilityImpact\":\"HIGH\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"productcert@siemens.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":8.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.5,\"impactScore\":6.0}]},\"weaknesses\":[{\"source\":\"productcert@siemens.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"references\":[{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-515903.html\",\"source\":\"productcert@siemens.com\"}]}}", vulnrichment: { containers: "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-27493\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-03-11T13:22:51.045899Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-03-11T13:22:58.540Z\"}}], \"cna\": {\"metrics\": [{\"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 8.2, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\"}}, {\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 9.3, \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H\"}}], \"affected\": [{\"vendor\": \"Siemens\", \"product\": \"SiPass integrated AC5102 (ACC-G2)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V6.4.9\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SiPass integrated ACC-AP\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V6.4.9\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"references\": [{\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-515903.html\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions < V6.4.9), SiPass integrated ACC-AP (All versions < V6.4.9). Affected devices improperly sanitize user input for specific commands on the telnet command line interface. This could allow an authenticated local administrator to escalate privileges by injecting arbitrary commands that are executed with root privileges.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-20\", \"description\": \"CWE-20: Improper Input Validation\"}]}], \"providerMetadata\": {\"orgId\": \"cec7a2ec-15b4-4faf-bd53-b40f371f3a77\", \"shortName\": \"siemens\", \"dateUpdated\": \"2025-03-11T09:48:32.888Z\"}}}", cveMetadata: "{\"cveId\": \"CVE-2025-27493\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-03-11T13:23:01.779Z\", \"dateReserved\": \"2025-02-26T18:05:35.964Z\", \"assignerOrgId\": \"cec7a2ec-15b4-4faf-bd53-b40f371f3a77\", \"datePublished\": \"2025-03-11T09:48:32.888Z\", \"assignerShortName\": \"siemens\"}", dataType: "CVE_RECORD", dataVersion: "5.1", }, }, }
fkie_cve-2025-27493
Vulnerability from fkie_nvd
Published
2025-03-11 10:15
Modified
2025-03-11 10:15
Severity ?
Summary
A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions < V6.4.9), SiPass integrated ACC-AP (All versions < V6.4.9). Affected devices improperly sanitize user input for specific commands on the telnet command line interface. This could allow an authenticated local administrator to escalate privileges by injecting arbitrary commands that are executed with root privileges.
References
Impacted products
| Vendor | Product | Version |
|---|
{ cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions < V6.4.9), SiPass integrated ACC-AP (All versions < V6.4.9). Affected devices improperly sanitize user input for specific commands on the telnet command line interface. This could allow an authenticated local administrator to escalate privileges by injecting arbitrary commands that are executed with root privileges.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SiPass integrated AC5102 (ACC-G2) (Todas las versiones < V6.4.9), SiPass integrated ACC-AP (Todas las versiones < V6.4.9). Los dispositivos afectados depuran incorrectamente la entrada del usuario para comandos específicos en la interfaz de línea de comandos de Telnet. Esto podría permitir que un administrador local autenticado aumente los privilegios mediante la inyección de comandos arbitrarios que se ejecutan con privilegios de superusuario.", }, ], id: "CVE-2025-27493", lastModified: "2025-03-11T10:15:19.577", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.5, impactScore: 6, source: "productcert@siemens.com", type: "Primary", }, ], cvssMetricV40: [ { cvssData: { Automatable: "NOT_DEFINED", Recovery: "NOT_DEFINED", Safety: "NOT_DEFINED", attackComplexity: "LOW", attackRequirements: "NONE", attackVector: "LOCAL", availabilityRequirement: "NOT_DEFINED", baseScore: 9.3, baseSeverity: "CRITICAL", confidentialityRequirement: "NOT_DEFINED", exploitMaturity: "NOT_DEFINED", integrityRequirement: "NOT_DEFINED", modifiedAttackComplexity: "NOT_DEFINED", modifiedAttackRequirements: "NOT_DEFINED", modifiedAttackVector: "NOT_DEFINED", modifiedPrivilegesRequired: "NOT_DEFINED", modifiedSubAvailabilityImpact: "NOT_DEFINED", modifiedSubConfidentialityImpact: "NOT_DEFINED", modifiedSubIntegrityImpact: "NOT_DEFINED", modifiedUserInteraction: "NOT_DEFINED", modifiedVulnAvailabilityImpact: "NOT_DEFINED", modifiedVulnConfidentialityImpact: "NOT_DEFINED", modifiedVulnIntegrityImpact: "NOT_DEFINED", privilegesRequired: "HIGH", providerUrgency: "NOT_DEFINED", subAvailabilityImpact: "HIGH", subConfidentialityImpact: "HIGH", subIntegrityImpact: "HIGH", userInteraction: "NONE", valueDensity: "NOT_DEFINED", vectorString: "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", version: "4.0", vulnAvailabilityImpact: "HIGH", vulnConfidentialityImpact: "HIGH", vulnIntegrityImpact: "HIGH", vulnerabilityResponseEffort: "NOT_DEFINED", }, source: "productcert@siemens.com", type: "Secondary", }, ], }, published: "2025-03-11T10:15:19.577", references: [ { source: "productcert@siemens.com", url: "https://cert-portal.siemens.com/productcert/html/ssa-515903.html", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Awaiting Analysis", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "productcert@siemens.com", type: "Primary", }, ], }
ghsa-vx36-4cp6-8qcp
Vulnerability from github
Published
2025-03-11 12:30
Modified
2025-03-11 12:30
Severity ?
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
9.3 (Critical) - CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
9.3 (Critical) - CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
Details
A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions < V6.4.9), SiPass integrated ACC-AP (All versions < V6.4.9). Affected devices improperly sanitize user input for specific commands on the telnet command line interface. This could allow an authenticated local administrator to escalate privileges by injecting arbitrary commands that are executed with root privileges.
{ affected: [], aliases: [ "CVE-2025-27493", ], database_specific: { cwe_ids: [ "CWE-20", ], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2025-03-11T10:15:19Z", severity: "CRITICAL", }, details: "A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions < V6.4.9), SiPass integrated ACC-AP (All versions < V6.4.9). Affected devices improperly sanitize user input for specific commands on the telnet command line interface. This could allow an authenticated local administrator to escalate privileges by injecting arbitrary commands that are executed with root privileges.", id: "GHSA-vx36-4cp6-8qcp", modified: "2025-03-11T12:30:59Z", published: "2025-03-11T12:30:59Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-27493", }, { type: "WEB", url: "https://cert-portal.siemens.com/productcert/html/ssa-515903.html", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", type: "CVSS_V3", }, { score: "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", type: "CVSS_V4", }, ], }
ncsc-2025-0077
Vulnerability from csaf_ncscnl
Published
2025-03-11 12:30
Modified
2025-03-11 12:30
Summary
Kwetsbaarheden verholpen in Siemens producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Siemens heeft kwetsbaarheden verholpen in diverse producten als SCALANCE, SIMATIC, SINAMICS, SINEMA, SiPass, Teamcenter en Tecnomatix.
Interpretaties
De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Denial-of-Service (DoS)
- Manipulatie van gegevens
- Omzeilen van een beveiligingsmaatregel
- Omzeilen van authenticatie
- (Remote) code execution (root/admin rechten)
- (Remote) code execution (Gebruikersrechten)
- Toegang tot systeemgegevens
- Toegang tot gevoelige gegevens
- Spoofing
De kwaadwillende heeft hiervoor toegang nodig tot de productieomgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.
Oplossingen
Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico's zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.
Dreigingsinformatie
Kans
medium
Schade
high
CWE-187
Partial String Comparison
CWE-283
Unverified Ownership
CWE-273
Improper Check for Dropped Privileges
CWE-1287
Improper Validation of Specified Type of Input
CWE-130
Improper Handling of Length Parameter Inconsistency
CWE-772
Missing Release of Resource after Effective Lifetime
CWE-208
Observable Timing Discrepancy
CWE-923
Improper Restriction of Communication Channel to Intended Endpoints
CWE-824
Access of Uninitialized Pointer
CWE-305
Authentication Bypass by Primary Weakness
CWE-117
Improper Output Neutralization for Logs
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE-190
Integer Overflow or Wraparound
CWE-693
Protection Mechanism Failure
CWE-552
Files or Directories Accessible to External Parties
CWE-290
Authentication Bypass by Spoofing
CWE-639
Authorization Bypass Through User-Controlled Key
CWE-125
Out-of-bounds Read
CWE-306
Missing Authentication for Critical Function
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-416
Use After Free
CWE-476
NULL Pointer Dereference
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE-787
Out-of-bounds Write
CWE-121
Stack-based Buffer Overflow
CWE-20
Improper Input Validation
CWE-287
Improper Authentication
{ document: { category: "csaf_security_advisory", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", }, }, lang: "nl", notes: [ { category: "legal_disclaimer", text: "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.", }, { category: "description", text: "Siemens heeft kwetsbaarheden verholpen in diverse producten als SCALANCE, SIMATIC, SINAMICS, SINEMA, SiPass, Teamcenter en Tecnomatix.", title: "Feiten", }, { category: "description", text: "De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:\n\n- Denial-of-Service (DoS)\n- Manipulatie van gegevens\n- Omzeilen van een beveiligingsmaatregel\n- Omzeilen van authenticatie\n- (Remote) code execution (root/admin rechten)\n- (Remote) code execution (Gebruikersrechten)\n- Toegang tot systeemgegevens\n- Toegang tot gevoelige gegevens\n- Spoofing\n\nDe kwaadwillende heeft hiervoor toegang nodig tot de productieomgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.", title: "Interpretaties", }, { category: "description", text: "Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico's zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.", title: "Oplossingen", }, { category: "description", text: " ", title: "Dreigingsinformatie", }, { category: "general", text: "medium", title: "Kans", }, { category: "general", text: "high", title: "Schade", }, { category: "general", text: "Partial String Comparison", title: "CWE-187", }, { category: "general", text: "Unverified Ownership", title: "CWE-283", }, { category: "general", text: "Improper Check for Dropped Privileges", title: "CWE-273", }, { category: "general", text: "Improper Validation of Specified Type of Input", title: "CWE-1287", }, { category: "general", text: "Improper Handling of Length Parameter Inconsistency", title: "CWE-130", }, { category: "general", text: "Missing Release of Resource after Effective Lifetime", title: "CWE-772", }, { category: "general", text: "Observable Timing Discrepancy", title: "CWE-208", }, { category: "general", text: "Improper Restriction of Communication Channel to Intended Endpoints", title: "CWE-923", }, { category: "general", text: "Access of Uninitialized Pointer", title: "CWE-824", }, { category: "general", text: "Authentication Bypass by Primary Weakness", title: "CWE-305", }, { category: "general", text: "Improper Output Neutralization for Logs", title: "CWE-117", }, { category: "general", text: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", title: "CWE-77", }, { category: "general", text: "Integer Overflow or Wraparound", title: "CWE-190", }, { category: "general", text: "Protection Mechanism Failure", title: "CWE-693", }, { category: "general", text: "Files or Directories Accessible to External Parties", title: "CWE-552", }, { category: "general", text: "Authentication Bypass by Spoofing", title: "CWE-290", }, { category: "general", text: "Authorization Bypass Through User-Controlled Key", title: "CWE-639", }, { category: "general", text: "Out-of-bounds Read", title: "CWE-125", }, { category: "general", text: "Missing Authentication for Critical Function", title: "CWE-306", }, { category: "general", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, { category: "general", text: "Use After Free", title: "CWE-416", }, { category: "general", text: "NULL Pointer Dereference", title: "CWE-476", }, { category: "general", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, { category: "general", text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", title: "CWE-78", }, { category: "general", text: "Out-of-bounds Write", title: "CWE-787", }, { category: "general", text: "Stack-based Buffer Overflow", title: "CWE-121", }, { category: "general", text: "Improper Input Validation", title: "CWE-20", }, { category: "general", text: "Improper Authentication", title: "CWE-287", }, ], publisher: { category: "coordinator", contact_details: "cert@ncsc.nl", name: "Nationaal Cyber Security Centrum", namespace: "https://www.ncsc.nl/", }, references: [ { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-050438.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-073066.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-075201.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-216014.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-280834.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-503939.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-507653.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-515903.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-615740.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-787280.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-858251.pdf", }, ], title: "Kwetsbaarheden verholpen in Siemens producten", tracking: { current_release_date: "2025-03-11T12:30:29.277759Z", generator: { date: "2025-02-25T15:15:00Z", engine: { name: "V.A.", version: "1.0", }, }, id: "NCSC-2025-0077", initial_release_date: "2025-03-11T12:30:29.277759Z", revision_history: [ { date: "2025-03-11T12:30:29.277759Z", number: "1.0.0", summary: "Initiele versie", }, ], status: "final", version: "1.0.0", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459094", }, }, ], category: "product_name", name: "RUGGEDCOM RM1224 LTE(4G) EU", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299123", }, }, ], category: "product_name", name: "RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459095", }, }, ], category: "product_name", name: "RUGGEDCOM RM1224 LTE(4G) NAM", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299124", }, }, ], category: "product_name", name: "RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/3.x", product: { name: "vers:unknown/3.x", product_id: "CSAFPID-2459491", }, }, { category: "product_version_range", name: "vers:unknown/<v4.0", product: { name: "vers:unknown/<v4.0", product_id: "CSAFPID-2459084", }, }, ], category: "product_name", name: "SCALANCE LPE9403", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459096", }, }, ], category: "product_name", name: "SCALANCE M804PB", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299125", }, }, ], category: "product_name", name: "SCALANCE M804PB (6GK5804-0AP00-2AA2)", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299126", }, }, ], category: "product_name", name: "SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2)", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299127", }, }, ], category: "product_name", name: "SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459097", }, }, ], category: "product_name", name: "SCALANCE M812-1 ADSL-Router family", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299128", }, }, ], category: "product_name", name: "SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2)", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299129", }, }, ], category: "product_name", name: "SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459098", }, }, ], category: "product_name", name: "SCALANCE M816-1 ADSL-Router family", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459099", }, }, ], category: "product_name", name: "SCALANCE M826-2 SHDSL-Router", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299130", }, }, ], category: "product_name", name: "SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459100", }, }, ], category: "product_name", name: "SCALANCE M874-2", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299131", }, }, ], category: "product_name", name: "SCALANCE M874-2 (6GK5874-2AA00-2AA2)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459101", }, }, ], category: "product_name", name: "SCALANCE M874-3", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299132", }, }, ], category: "product_name", name: "SCALANCE M874-3 (6GK5874-3AA00-2AA2)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459102", }, }, ], category: "product_name", name: "SCALANCE M874-3 3G-Router (CN)", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299133", }, }, ], category: "product_name", name: "SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459103", }, }, ], category: "product_name", name: "SCALANCE M876-3", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299134", }, }, ], category: "product_name", name: "SCALANCE M876-3 (6GK5876-3AA02-2BA2)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459104", }, }, ], category: "product_name", name: "SCALANCE M876-3 (ROK)", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299135", }, }, ], category: "product_name", name: "SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459105", }, }, ], category: "product_name", name: "SCALANCE M876-4", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299136", }, }, ], category: "product_name", name: "SCALANCE M876-4 (6GK5876-4AA10-2BA2)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459106", }, }, ], category: "product_name", name: "SCALANCE M876-4 (EU)", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299137", }, }, ], category: "product_name", name: "SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459107", }, }, ], category: "product_name", name: "SCALANCE M876-4 (NAM)", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299138", }, }, ], category: "product_name", name: "SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459108", }, }, ], category: "product_name", name: "SCALANCE MUB852-1 (A1)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459109", }, }, ], category: "product_name", name: "SCALANCE MUB852-1 (B1)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459110", }, }, ], category: "product_name", name: "SCALANCE MUM853-1 (A1)", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299139", }, }, ], category: "product_name", name: "SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459111", }, }, ], category: "product_name", name: "SCALANCE MUM853-1 (B1)", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299140", }, }, ], category: "product_name", name: "SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459112", }, }, ], category: "product_name", name: "SCALANCE MUM853-1 (EU)", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299141", }, }, ], category: "product_name", name: "SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459113", }, }, ], category: "product_name", name: "SCALANCE MUM856-1 (A1)", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299142", }, }, ], category: "product_name", name: "SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459114", }, }, ], category: "product_name", name: "SCALANCE MUM856-1 (B1)", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299143", }, }, ], category: "product_name", name: "SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459115", }, }, ], category: "product_name", name: "SCALANCE MUM856-1 (CN)", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299144", }, }, ], category: "product_name", name: "SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459116", }, }, ], category: "product_name", name: "SCALANCE MUM856-1 (EU)", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299145", }, }, ], category: "product_name", name: "SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459117", }, }, ], category: "product_name", name: "SCALANCE MUM856-1 (RoW)", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299146", }, }, ], category: "product_name", name: "SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459118", }, }, ], category: "product_name", name: "SCALANCE S615 EEC LAN-Router", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299147", }, }, ], category: "product_name", name: "SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v8.2.1", product: { name: "vers:unknown/<v8.2.1", product_id: "CSAFPID-2459119", }, }, ], category: "product_name", name: "SCALANCE S615 LAN-Router", }, { branches: [ { category: "product_version_range", name: "vers:all/<v8.2", product: { name: "vers:all/<v8.2", product_id: "CSAFPID-1299148", }, }, ], category: "product_name", name: "SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<*", product: { name: "vers:unknown/<*", product_id: "CSAFPID-2459120", }, }, ], category: "product_name", name: "SCALANCE SC-600 family", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<*", product: { name: "vers:unknown/<*", product_id: "CSAFPID-2459042", }, }, ], category: "product_name", name: "SIMATIC Field PG M5", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v26.01.12", product: { name: "vers:unknown/<v26.01.12", product_id: "CSAFPID-2459077", }, }, ], category: "product_name", name: "SIMATIC Field PG M6", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v31.01.07", product: { name: "vers:unknown/<v31.01.07", product_id: "CSAFPID-2459043", }, }, ], category: "product_name", name: "SIMATIC IPC BX-21A", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v29.01.07", product: { name: "vers:unknown/<v29.01.07", product_id: "CSAFPID-2459044", }, }, ], category: "product_name", name: "SIMATIC IPC BX-32A", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v29.01.07", product: { name: "vers:unknown/<v29.01.07", product_id: "CSAFPID-2459045", }, }, ], category: "product_name", name: "SIMATIC IPC BX-39A", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v32.01.04", product: { name: "vers:unknown/<v32.01.04", product_id: "CSAFPID-2459046", }, }, ], category: "product_name", name: "SIMATIC IPC BX-59A", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v29.01.07", product: { name: "vers:unknown/<v29.01.07", product_id: "CSAFPID-2459047", }, }, ], category: "product_name", name: "SIMATIC IPC PX-32A", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v29.01.07", product: { name: "vers:unknown/<v29.01.07", product_id: "CSAFPID-2459048", }, }, ], category: "product_name", name: "SIMATIC IPC PX-39A", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v29.01.07", product: { name: "vers:unknown/<v29.01.07", product_id: "CSAFPID-2459049", }, }, ], category: "product_name", name: "SIMATIC IPC PX-39A PRO", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<*", product: { name: "vers:unknown/<*", product_id: "CSAFPID-2459050", }, }, ], category: "product_name", name: "SIMATIC IPC RC-543B", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<*", product: { name: "vers:unknown/<*", product_id: "CSAFPID-2459051", }, }, ], category: "product_name", name: "SIMATIC IPC RW-543A", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<*", product: { name: "vers:unknown/<*", product_id: "CSAFPID-2459052", }, }, ], category: "product_name", name: "SIMATIC IPC127E", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<*", product: { name: "vers:unknown/<*", product_id: "CSAFPID-2459053", }, }, ], category: "product_name", name: "SIMATIC IPC227E", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<*", product: { name: "vers:unknown/<*", product_id: "CSAFPID-2459054", }, }, ], category: "product_name", name: "SIMATIC IPC227G", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<*", product: { name: "vers:unknown/<*", product_id: "CSAFPID-2459055", }, }, ], category: "product_name", name: "SIMATIC IPC277E", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<*", product: { name: "vers:unknown/<*", product_id: "CSAFPID-2459056", }, }, ], category: "product_name", name: "SIMATIC IPC277G", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<*", product: { name: "vers:unknown/<*", product_id: "CSAFPID-2459058", }, }, ], category: "product_name", name: "SIMATIC IPC3000 SMART V3", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<*", product: { name: "vers:unknown/<*", product_id: "CSAFPID-2459059", }, }, ], category: "product_name", name: "SIMATIC IPC327G", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<*", product: { name: "vers:unknown/<*", product_id: "CSAFPID-2459060", }, }, ], category: "product_name", name: "SIMATIC IPC347G", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<*", product: { name: "vers:unknown/<*", product_id: "CSAFPID-2459061", }, }, ], category: "product_name", name: "SIMATIC IPC377G", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<*", product: { name: "vers:unknown/<*", product_id: "CSAFPID-2459062", }, }, ], category: "product_name", name: "SIMATIC IPC427E", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<*", product: { name: "vers:unknown/<*", product_id: "CSAFPID-2459063", }, }, ], category: "product_name", name: "SIMATIC IPC477E", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<*", product: { name: "vers:unknown/<*", product_id: "CSAFPID-2459064", }, }, ], category: "product_name", name: "SIMATIC IPC477E PRO", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<*", product: { name: "vers:unknown/<*", product_id: "CSAFPID-2459065", }, }, ], category: "product_name", name: "SIMATIC IPC527G", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v25.02.15", product: { name: "vers:unknown/<v25.02.15", product_id: "CSAFPID-2459066", }, }, ], category: "product_name", name: "SIMATIC IPC627E", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v25.02.15", product: { name: "vers:unknown/<v25.02.15", product_id: "CSAFPID-2459067", }, }, ], category: "product_name", name: "SIMATIC IPC647E", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v25.02.15", product: { name: "vers:unknown/<v25.02.15", product_id: "CSAFPID-2459068", }, }, ], category: "product_name", name: "SIMATIC IPC677E", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v25.02.15", product: { name: "vers:unknown/<v25.02.15", product_id: "CSAFPID-2459069", }, }, ], category: "product_name", name: "SIMATIC IPC847E", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<*", product: { name: "vers:unknown/<*", product_id: "CSAFPID-2459070", }, }, ], category: "product_name", name: "SIMATIC ITP1000", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<*", product: { name: "vers:unknown/<*", product_id: "CSAFPID-2459057", }, }, ], category: "product_name", name: "SIMATIC IPC277G PRO", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<*", product: { name: "vers:unknown/<*", product_id: "CSAFPID-2459093", }, }, ], category: "product_name", name: "SINAMICS S200", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v6.4.8", product: { name: "vers:unknown/<v6.4.8", product_id: "CSAFPID-2459089", }, }, { category: "product_version_range", name: "vers:unknown/<v6.4.9", product: { name: "vers:unknown/<v6.4.9", product_id: "CSAFPID-2459082", }, }, ], category: "product_name", name: "SiPass integrated AC5102 (ACC-G2)", }, { branches: [ { category: "product_version_range", name: "vers:unknown/6.4.0", product: { name: "vers:unknown/6.4.0", product_id: "CSAFPID-2459482", }, }, { category: "product_version_range", name: "vers:unknown/6.4.1", product: { name: "vers:unknown/6.4.1", product_id: "CSAFPID-2459483", }, }, { category: "product_version_range", name: "vers:unknown/6.4.2", product: { name: "vers:unknown/6.4.2", product_id: "CSAFPID-2459484", }, }, { category: "product_version_range", name: "vers:unknown/6.4.3", product: { name: "vers:unknown/6.4.3", product_id: "CSAFPID-2459485", }, }, { category: "product_version_range", name: "vers:unknown/6.4.4", product: { name: "vers:unknown/6.4.4", product_id: "CSAFPID-2459486", }, }, { category: "product_version_range", name: "vers:unknown/6.4.5", product: { name: "vers:unknown/6.4.5", product_id: "CSAFPID-2459487", }, }, { category: "product_version_range", name: "vers:unknown/6.4.6", product: { name: "vers:unknown/6.4.6", product_id: "CSAFPID-2459488", }, }, { category: "product_version_range", name: "vers:unknown/6.4.7", product: { name: "vers:unknown/6.4.7", product_id: "CSAFPID-2459489", }, }, { category: "product_version_range", name: "vers:unknown/6.4.8", product: { name: "vers:unknown/6.4.8", product_id: "CSAFPID-2459490", }, }, ], category: "product_name", name: "SiPass integrated AC5102, SiPass integrated ACC-AP", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v6.4.8", product: { name: "vers:unknown/<v6.4.8", product_id: "CSAFPID-2459090", }, }, { category: "product_version_range", name: "vers:unknown/<v6.4.9", product: { name: "vers:unknown/<v6.4.9", product_id: "CSAFPID-2459083", }, }, ], category: "product_name", name: "SiPass integrated ACC-AP", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v14.3.0.13", product: { name: "vers:unknown/<v14.3.0.13", product_id: "CSAFPID-2459071", }, }, ], category: "product_name", name: "Teamcenter Visualization V14.3", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v2312.0009", product: { name: "vers:unknown/<v2312.0009", product_id: "CSAFPID-2459072", }, }, ], category: "product_name", name: "Teamcenter Visualization V2312", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v2406.0007", product: { name: "vers:unknown/<v2406.0007", product_id: "CSAFPID-2459073", }, }, ], category: "product_name", name: "Teamcenter Visualization V2406", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v2412.0002", product: { name: "vers:unknown/<v2412.0002", product_id: "CSAFPID-2459074", }, }, ], category: "product_name", name: "Teamcenter Visualization V2412", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v2302.0021", product: { name: "vers:unknown/<v2302.0021", product_id: "CSAFPID-2459075", }, }, ], category: "product_name", name: "Tecnomatix Plant Simulation V2302", }, { branches: [ { category: "product_version_range", name: "vers:unknown/<v2404.0010", product: { name: "vers:unknown/<v2404.0010", product_id: "CSAFPID-2459076", }, }, ], category: "product_name", name: "Tecnomatix Plant Simulation V2404", }, ], category: "vendor", name: "Siemens", }, ], }, vulnerabilities: [ { cve: "CVE-2024-1305", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "other", text: "Integer Overflow or Wraparound", title: "CWE-190", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2024-1305", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-1305.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2024-1305", }, { cve: "CVE-2024-4877", product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2024-4877", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4877.json", }, ], title: "CVE-2024-4877", }, { cve: "CVE-2024-5594", cwe: { id: "CWE-117", name: "Improper Output Neutralization for Logs", }, notes: [ { category: "other", text: "Improper Output Neutralization for Logs", title: "CWE-117", }, { category: "other", text: "Improper Validation of Specified Type of Input", title: "CWE-1287", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2024-5594", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5594.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2024-5594", }, { cve: "CVE-2024-24974", cwe: { id: "CWE-923", name: "Improper Restriction of Communication Channel to Intended Endpoints", }, notes: [ { category: "other", text: "Improper Restriction of Communication Channel to Intended Endpoints", title: "CWE-923", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2024-24974", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24974.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2024-24974", }, { cve: "CVE-2024-27459", cwe: { id: "CWE-121", name: "Stack-based Buffer Overflow", }, notes: [ { category: "other", text: "Stack-based Buffer Overflow", title: "CWE-121", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2024-27459", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27459.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2024-27459", }, { cve: "CVE-2024-27903", cwe: { id: "CWE-283", name: "Unverified Ownership", }, notes: [ { category: "other", text: "Unverified Ownership", title: "CWE-283", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2024-27903", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27903.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2024-27903", }, { cve: "CVE-2024-28882", cwe: { id: "CWE-772", name: "Missing Release of Resource after Effective Lifetime", }, notes: [ { category: "other", text: "Missing Release of Resource after Effective Lifetime", title: "CWE-772", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2024-28882", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28882.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2024-28882", }, { cve: "CVE-2024-41046", product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2024-41046", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41046.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2024-41046", }, { cve: "CVE-2024-41049", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "other", text: "Use After Free", title: "CWE-416", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2024-41049", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41049.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2024-41049", }, { cve: "CVE-2024-41055", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2024-41055", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41055.json", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2024-41055", }, { cve: "CVE-2024-42154", cwe: { id: "CWE-130", name: "Improper Handling of Length Parameter Inconsistency", }, notes: [ { category: "other", text: "Improper Handling of Length Parameter Inconsistency", title: "CWE-130", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2024-42154", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-42154.json", }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2024-42154", }, { cve: "CVE-2024-42161", cwe: { id: "CWE-824", name: "Access of Uninitialized Pointer", }, notes: [ { category: "other", text: "Access of Uninitialized Pointer", title: "CWE-824", }, { category: "general", text: "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2024-42161", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-42161.json", }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2024-42161", }, { cve: "CVE-2024-42512", cwe: { id: "CWE-639", name: "Authorization Bypass Through User-Controlled Key", }, notes: [ { category: "other", text: "Authorization Bypass Through User-Controlled Key", title: "CWE-639", }, { category: "other", text: "Observable Timing Discrepancy", title: "CWE-208", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2024-42512", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-42512.json", }, ], scores: [ { cvss_v3: { baseScore: 8.6, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2024-42512", }, { cve: "CVE-2024-42513", cwe: { id: "CWE-290", name: "Authentication Bypass by Spoofing", }, notes: [ { category: "other", text: "Authentication Bypass by Spoofing", title: "CWE-290", }, { category: "other", text: "Authentication Bypass by Primary Weakness", title: "CWE-305", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2024-42513", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-42513.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2024-42513", }, { cve: "CVE-2024-52285", cwe: { id: "CWE-306", name: "Missing Authentication for Critical Function", }, notes: [ { category: "other", text: "Missing Authentication for Critical Function", title: "CWE-306", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2024-52285", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-52285.json", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2024-52285", }, { cve: "CVE-2024-56181", cwe: { id: "CWE-693", name: "Protection Mechanism Failure", }, notes: [ { category: "other", text: "Protection Mechanism Failure", title: "CWE-693", }, { category: "general", text: "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2024-56181", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-56181.json", }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2024-56181", }, { cve: "CVE-2024-56182", cwe: { id: "CWE-693", name: "Protection Mechanism Failure", }, notes: [ { category: "other", text: "Protection Mechanism Failure", title: "CWE-693", }, { category: "general", text: "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2024-56182", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-56182.json", }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2024-56182", }, { cve: "CVE-2024-56336", cwe: { id: "CWE-287", name: "Improper Authentication", }, notes: [ { category: "other", text: "Improper Authentication", title: "CWE-287", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2024-56336", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-56336.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2024-56336", }, { cve: "CVE-2025-23384", cwe: { id: "CWE-187", name: "Partial String Comparison", }, notes: [ { category: "other", text: "Partial String Comparison", title: "CWE-187", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2025-23384", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23384.json", }, ], scores: [ { cvss_v3: { baseScore: 3.7, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2025-23384", }, { cve: "CVE-2025-23396", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, { category: "general", text: "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2025-23396", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23396.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2025-23396", }, { cve: "CVE-2025-23397", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, notes: [ { category: "other", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, { category: "general", text: "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2025-23397", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23397.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2025-23397", }, { cve: "CVE-2025-23398", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, notes: [ { category: "other", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, { category: "general", text: "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2025-23398", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23398.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2025-23398", }, { cve: "CVE-2025-23399", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "other", text: "Out-of-bounds Read", title: "CWE-125", }, { category: "general", text: "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2025-23399", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23399.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2025-23399", }, { cve: "CVE-2025-23400", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, notes: [ { category: "other", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, { category: "general", text: "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2025-23400", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23400.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2025-23400", }, { cve: "CVE-2025-23401", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "other", text: "Out-of-bounds Read", title: "CWE-125", }, { category: "general", text: "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2025-23401", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23401.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2025-23401", }, { cve: "CVE-2025-23402", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "other", text: "Use After Free", title: "CWE-416", }, { category: "general", text: "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2025-23402", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23402.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2025-23402", }, { cve: "CVE-2025-25266", cwe: { id: "CWE-552", name: "Files or Directories Accessible to External Parties", }, notes: [ { category: "other", text: "Files or Directories Accessible to External Parties", title: "CWE-552", }, { category: "general", text: "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2025-25266", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-25266.json", }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2025-25266", }, { cve: "CVE-2025-25267", cwe: { id: "CWE-552", name: "Files or Directories Accessible to External Parties", }, notes: [ { category: "other", text: "Files or Directories Accessible to External Parties", title: "CWE-552", }, { category: "general", text: "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2025-25267", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-25267.json", }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2025-25267", }, { cve: "CVE-2025-27392", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, notes: [ { category: "other", text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", title: "CWE-78", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2025-27392", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27392.json", }, ], scores: [ { cvss_v3: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2025-27392", }, { cve: "CVE-2025-27393", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, notes: [ { category: "other", text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", title: "CWE-78", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2025-27393", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27393.json", }, ], scores: [ { cvss_v3: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2025-27393", }, { cve: "CVE-2025-27394", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, notes: [ { category: "other", text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", title: "CWE-78", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2025-27394", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27394.json", }, ], scores: [ { cvss_v3: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2025-27394", }, { cve: "CVE-2025-27395", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "other", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2025-27395", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27395.json", }, ], scores: [ { cvss_v3: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2025-27395", }, { cve: "CVE-2025-27396", cwe: { id: "CWE-273", name: "Improper Check for Dropped Privileges", }, notes: [ { category: "other", text: "Improper Check for Dropped Privileges", title: "CWE-273", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2025-27396", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27396.json", }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2025-27396", }, { cve: "CVE-2025-27397", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "other", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2025-27397", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27397.json", }, ], title: "CVE-2025-27397", }, { cve: "CVE-2025-27398", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, notes: [ { category: "other", text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", title: "CWE-78", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2025-27398", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27398.json", }, ], title: "CVE-2025-27398", }, { cve: "CVE-2025-27438", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "other", text: "Out-of-bounds Read", title: "CWE-125", }, { category: "general", text: "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2025-27438", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27438.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2025-27438", }, { cve: "CVE-2025-27493", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, { category: "other", text: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", title: "CWE-77", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2025-27493", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27493.json", }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2025-27493", }, { cve: "CVE-2025-27494", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, { category: "other", text: "Improper Authentication", title: "CWE-287", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, references: [ { category: "self", summary: "CVE-2025-27494", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27494.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-2459094", "CSAFPID-1299123", "CSAFPID-2459095", "CSAFPID-1299124", "CSAFPID-2459491", "CSAFPID-2459084", "CSAFPID-2459096", "CSAFPID-1299125", "CSAFPID-1299126", "CSAFPID-1299127", "CSAFPID-2459097", "CSAFPID-1299128", "CSAFPID-1299129", "CSAFPID-2459098", "CSAFPID-2459099", "CSAFPID-1299130", "CSAFPID-2459100", "CSAFPID-1299131", "CSAFPID-2459101", "CSAFPID-1299132", "CSAFPID-2459102", "CSAFPID-1299133", "CSAFPID-2459103", "CSAFPID-1299134", "CSAFPID-2459104", "CSAFPID-1299135", "CSAFPID-2459105", "CSAFPID-1299136", "CSAFPID-2459106", "CSAFPID-1299137", "CSAFPID-2459107", "CSAFPID-1299138", "CSAFPID-2459108", "CSAFPID-2459109", "CSAFPID-2459110", "CSAFPID-1299139", "CSAFPID-2459111", "CSAFPID-1299140", "CSAFPID-2459112", "CSAFPID-1299141", "CSAFPID-2459113", "CSAFPID-1299142", "CSAFPID-2459114", "CSAFPID-1299143", "CSAFPID-2459115", "CSAFPID-1299144", "CSAFPID-2459116", "CSAFPID-1299145", "CSAFPID-2459117", "CSAFPID-1299146", "CSAFPID-2459118", "CSAFPID-1299147", "CSAFPID-2459119", "CSAFPID-1299148", "CSAFPID-2459120", "CSAFPID-2459042", "CSAFPID-2459077", "CSAFPID-2459043", "CSAFPID-2459044", "CSAFPID-2459045", "CSAFPID-2459046", "CSAFPID-2459047", "CSAFPID-2459048", "CSAFPID-2459049", "CSAFPID-2459050", "CSAFPID-2459051", "CSAFPID-2459052", "CSAFPID-2459053", "CSAFPID-2459054", "CSAFPID-2459055", "CSAFPID-2459056", "CSAFPID-2459058", "CSAFPID-2459059", "CSAFPID-2459060", "CSAFPID-2459061", "CSAFPID-2459062", "CSAFPID-2459063", "CSAFPID-2459064", "CSAFPID-2459065", "CSAFPID-2459066", "CSAFPID-2459067", "CSAFPID-2459068", "CSAFPID-2459069", "CSAFPID-2459070", "CSAFPID-2459057", "CSAFPID-2459093", "CSAFPID-2459089", "CSAFPID-2459082", "CSAFPID-2459482", "CSAFPID-2459483", "CSAFPID-2459484", "CSAFPID-2459485", "CSAFPID-2459486", "CSAFPID-2459487", "CSAFPID-2459488", "CSAFPID-2459489", "CSAFPID-2459490", "CSAFPID-2459090", "CSAFPID-2459083", "CSAFPID-2459071", "CSAFPID-2459072", "CSAFPID-2459073", "CSAFPID-2459074", "CSAFPID-2459075", "CSAFPID-2459076", ], }, ], title: "CVE-2025-27494", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.