Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
alarm vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2021-40171
The absence of notifications regarding an ongoing RF jamming attack in the SecuritasHome home alarm system, version HPGW-G 0.0.2.23F BG_U-ITR-F1-BD_BL.A30.20181117, allows an malicious user to block legitimate traffic while not alerting the owner of the system.
Securitashome Securitashome Alarm System Firmware Hpgw-g 0.0.2.23f Bg U-itr-f1-bd Bl.a30.20181117
1 Github repository
4.8
CVSSv2
CVE-2020-14157
The wireless-communication feature of the ABUS Secvest FUBE50001 device does not encrypt sensitive data such as PIN codes or IDs of used proximity chip keys (RFID tokens). This makes it easier for an malicious user to disarm the wireless alarm system.
Abus Secvest Wireless Control Fube50001 Firmware -
4
CVSSv2
CVE-2017-11561
An issue exists in ZOHO ManageEngine OpManager 12.2. An authenticated user can upload any file they want to share in the "Group Chat" or "Alarm" section. This functionality can be abused by a malicious user by uploading a web shell.
Zohocorp Manageengine Opmanager 12.2
4.3
CVSSv2
CVE-2015-1595
The Siemens SPCanywhere application for Android and iOS does not use encryption during lookups of system ID to IP address mappings, which allows man-in-the-middle malicious users to discover alarm IP addresses and spoof servers by intercepting the client-server data stream.
Siemens Spcanywhere
5.8
CVSSv2
CVE-2021-40170
An RF replay attack vulnerability in the SecuritasHome home alarm system, version HPGW-G 0.0.2.23F BG_U-ITR-F1-BD_BL.A30.20181117, allows an malicious user to trigger arbitrary system functionality by replaying previously recorded signals. This lets an adversary, among other thin...
Securitashome Securitashome Alarm System Firmware Hpgw-g 0.0.2.23f Bg U-itr-f1-bd Bl.a30.20181117
1 Github repository
NA
CVE-2022-32525
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted alarm data messages. Affected Products: IGSS Data Server - IGSSdataServ...
Schneider-electric Interactive Graphical Scada System
5
CVSSv2
CVE-2019-9860
Due to unencrypted signal communication and predictability of rolling codes, an attacker can "desynchronize" an ABUS Secvest wireless remote control (FUBE50014 or FUBE50015) relative to its controlled Secvest wireless alarm system FUAA50000 3.01.01, so that sent command...
Abus Secvest Wireless Alarm System Fuaa50000 Firmware 3.01.01
Abus Secvest Wireless Remote Control Fube50014 Firmware -
Abus Secvest Wireless Remote Control Fube50015 Firmware -
3.3
CVSSv2
CVE-2019-9862
An issue exists on ABUS Secvest wireless alarm system FUAA50000 3.01.01 in conjunction with Secvest remote control FUBE50014 or FUBE50015. Because "encrypted signal transmission" is missing, an attacker is able to eavesdrop sensitive data as cleartext (for instance, the...
Abus Secvest Wireless Alarm System Fuaa50000 Firmware 3.01.01
Abus Secvest Wireless Remote Control Fube50014 Firmware -
Abus Secvest Wireless Remote Control Fube50015 Firmware -
NA
CVE-2022-32527
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted alarm cache data messages. Affected Products: IGSS Data Server - IGSSda...
Schneider-electric Interactive Graphical Scada System
6.8
CVSSv2
CVE-2017-11740
In Zoho ManageEngine Application Manager 13.1 Build 13100, the administrative user has the ability to upload files/binaries that can be executed upon the occurrence of an alarm. An attacker can abuse this functionality by uploading a malicious script that can be executed on the r...
Zohocorp Manageengine Applications Manager 13.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »