Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
alarm vulnerabilities and exploits
(subscribe to this query)
5.9
CVSSv3
CVE-2015-8254
The Frontel protocol prior to 3 on RSI Video Technologies Videofied devices does not use integrity protection, which makes it easier for man-in-the-middle malicious users to (1) initiate a false alarm or (2) deactivate an alarm by modifying the client-server data stream.
Rsi Video Technologies Frontel Protocol
6.5
CVSSv3
CVE-2017-11561
An issue exists in ZOHO ManageEngine OpManager 12.2. An authenticated user can upload any file they want to share in the "Group Chat" or "Alarm" section. This functionality can be abused by a malicious user by uploading a web shell.
Zohocorp Manageengine Opmanager 12.2
8.1
CVSSv3
CVE-2020-14157
The wireless-communication feature of the ABUS Secvest FUBE50001 device does not encrypt sensitive data such as PIN codes or IDs of used proximity chip keys (RFID tokens). This makes it easier for an malicious user to disarm the wireless alarm system.
Abus Secvest Wireless Control Fube50001 Firmware -
6.8
CVSSv3
CVE-2021-40170
An RF replay attack vulnerability in the SecuritasHome home alarm system, version HPGW-G 0.0.2.23F BG_U-ITR-F1-BD_BL.A30.20181117, allows an malicious user to trigger arbitrary system functionality by replaying previously recorded signals. This lets an adversary, among other thin...
Securitashome Securitashome Alarm System Firmware Hpgw-g 0.0.2.23f Bg U-itr-f1-bd Bl.a30.20181117
1 Github repository
NA
CVE-2015-1595
The Siemens SPCanywhere application for Android and iOS does not use encryption during lookups of system ID to IP address mappings, which allows man-in-the-middle malicious users to discover alarm IP addresses and spoof servers by intercepting the client-server data stream.
Siemens Spcanywhere
6.5
CVSSv3
CVE-2019-9862
An issue exists on ABUS Secvest wireless alarm system FUAA50000 3.01.01 in conjunction with Secvest remote control FUBE50014 or FUBE50015. Because "encrypted signal transmission" is missing, an attacker is able to eavesdrop sensitive data as cleartext (for instance, the...
Abus Secvest Wireless Alarm System Fuaa50000 Firmware 3.01.01
Abus Secvest Wireless Remote Control Fube50014 Firmware -
Abus Secvest Wireless Remote Control Fube50015 Firmware -
7.5
CVSSv3
CVE-2019-9860
Due to unencrypted signal communication and predictability of rolling codes, an attacker can "desynchronize" an ABUS Secvest wireless remote control (FUBE50014 or FUBE50015) relative to its controlled Secvest wireless alarm system FUAA50000 3.01.01, so that sent command...
Abus Secvest Wireless Alarm System Fuaa50000 Firmware 3.01.01
Abus Secvest Wireless Remote Control Fube50014 Firmware -
Abus Secvest Wireless Remote Control Fube50015 Firmware -
9.8
CVSSv3
CVE-2022-32525
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted alarm data messages. Affected Products: IGSS Data Server - IGSSdataServ...
Schneider-electric Interactive Graphical Scada System
8.8
CVSSv3
CVE-2017-11740
In Zoho ManageEngine Application Manager 13.1 Build 13100, the administrative user has the ability to upload files/binaries that can be executed upon the occurrence of an alarm. An attacker can abuse this functionality by uploading a malicious script that can be executed on the r...
Zohocorp Manageengine Applications Manager 13.1
9.8
CVSSv3
CVE-2018-8840
A remote attacker could send a carefully crafted packet in InduSoft Web Studio v8.1 and prior versions, and/or InTouch Machine Edition 2017 v8.1 and prior versions during a tag, alarm, or event related action such as read and write, which may allow remote code execution.
Indusoft Web Studio
Industrial-software Intouch Machine Edition 2017
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »