cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-37998,https://securityvulnerability.io/vulnerability/CVE-2024-37998,Password Reset Vulnerability in CPCI85 Central Processing/Communication Could Lead to Administrative Access,"A vulnerability has been found in CPCI85 Central Processing/Communication and SICORE Base System, where the password for administrative accounts can be reset without knowing the current password, particularly if the auto login feature is enabled. This vulnerability creates a pathway for unauthorized users to gain administrative access, significantly jeopardizing the security of the affected systems.",Siemens,"Cpci85 Central Processing/communication,Sicore Base System",9.8,CRITICAL,0.0004299999854993075,false,,false,false,false,,false,false,2024-07-22T14:15:00.000Z,0
CVE-2024-39601,https://securityvulnerability.io/vulnerability/CVE-2024-39601,Downgrade Vulnerability Affects CPCI85 Devices,"A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V5.40), SICORE Base system (All versions < V1.4.0). Affected devices allow a remote authenticated user or an unauthenticated user with physical access to downgrade the firmware of the device. This could allow an attacker to downgrade the device to older versions with known vulnerabilities.",Siemens,"Cpci85 Central Processing/communication,Sicore Base System",6.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,2024-07-22T14:15:00.000Z,0
CVE-2024-31485,https://securityvulnerability.io/vulnerability/CVE-2024-31485,CPCI85 Central Processing/Communication Vulnerability: Command Injection Risk,"A significant command injection vulnerability has been found in both the CPCI85 Central Processing/Communication and SICORE Base Systems from Siemens. This flaw arises from a lack of adequate server-side input sanitization in the web interface of these products. An authenticated attacker with privileged access could exploit this vulnerability to execute arbitrary commands at the root privilege level, raising severe security concerns for users of affected versions.",Siemens,"Cpci85 Central Processing/communication,Sicore Base System",7.2,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,2024-05-14T10:02:25.052Z,0