Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-56181 (GCVE-0-2024-56181)
Vulnerability from cvelistv5
Published
2025-03-11 09:48
Modified
2025-06-10 15:17
Severity ?
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
8.4 (High) - CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:H
8.4 (High) - CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:H
VLAI Severity ?
EPSS score ?
CWE
- CWE-693 - Protection Mechanism Failure
Summary
A vulnerability has been identified in SIMATIC Field PG M5 (All versions), SIMATIC IPC BX-21A (All versions < V31.01.07), SIMATIC IPC BX-32A (All versions < V29.01.07), SIMATIC IPC BX-39A (All versions < V29.01.07), SIMATIC IPC BX-59A (All versions < V32.01.04), SIMATIC IPC PX-32A (All versions < V29.01.07), SIMATIC IPC PX-39A (All versions < V29.01.07), SIMATIC IPC PX-39A PRO (All versions < V29.01.07), SIMATIC IPC RC-543A (All versions), SIMATIC IPC RC-543B (All versions), SIMATIC IPC RW-543A (All versions), SIMATIC IPC RW-543B (All versions), SIMATIC IPC127E (All versions), SIMATIC IPC227E (All versions), SIMATIC IPC227G (All versions), SIMATIC IPC277E (All versions), SIMATIC IPC277G (All versions), SIMATIC IPC277G PRO (All versions), SIMATIC IPC3000 SMART V3 (All versions), SIMATIC IPC327G (All versions), SIMATIC IPC347G (All versions), SIMATIC IPC377G (All versions), SIMATIC IPC427E (All versions), SIMATIC IPC477E (All versions), SIMATIC IPC477E PRO (All versions), SIMATIC IPC527G (All versions), SIMATIC IPC627E (All versions < V25.02.15), SIMATIC IPC647E (All versions < V25.02.15), SIMATIC IPC677E (All versions < V25.02.15), SIMATIC IPC847E (All versions < V25.02.15), SIMATIC ITP1000 (All versions). The affected devices have insufficient protection mechanism for the EFI(Extensible Firmware Interface) variables stored on the device. This could allow an authenticated attacker to alter the secure boot configuration without proper authorization by directly communicate with the flash controller.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-56181",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-11T14:06:38.581942Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-11T14:06:50.557Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC Field PG M5",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC BX-21A",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V31.01.07",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC BX-32A",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V29.01.07",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC BX-39A",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V29.01.07",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC BX-59A",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V32.01.04",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC PX-32A",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V29.01.07",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC PX-39A",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V29.01.07",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC PX-39A PRO",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V29.01.07",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC RC-543A",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC RC-543B",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC RW-543A",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC RW-543B",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC127E",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC227E",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC227G",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC277E",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC277G",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC\u00a0IPC277G PRO",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC3000 SMART V3",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC327G",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC347G",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC377G",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC427E",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC477E",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC477E PRO",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC527G",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC627E",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V25.02.15",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC647E",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V25.02.15",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC677E",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V25.02.15",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC847E",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V25.02.15",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC ITP1000",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC Field PG M5 (All versions), SIMATIC IPC BX-21A (All versions \u003c V31.01.07), SIMATIC IPC BX-32A (All versions \u003c V29.01.07), SIMATIC IPC BX-39A (All versions \u003c V29.01.07), SIMATIC IPC BX-59A (All versions \u003c V32.01.04), SIMATIC IPC PX-32A (All versions \u003c V29.01.07), SIMATIC IPC PX-39A (All versions \u003c V29.01.07), SIMATIC IPC PX-39A PRO (All versions \u003c V29.01.07), SIMATIC IPC RC-543A (All versions), SIMATIC IPC RC-543B (All versions), SIMATIC IPC RW-543A (All versions), SIMATIC IPC RW-543B (All versions), SIMATIC IPC127E (All versions), SIMATIC IPC227E (All versions), SIMATIC IPC227G (All versions), SIMATIC IPC277E (All versions), SIMATIC IPC277G (All versions), SIMATIC\u00a0IPC277G PRO (All versions), SIMATIC IPC3000 SMART V3 (All versions), SIMATIC IPC327G (All versions), SIMATIC IPC347G (All versions), SIMATIC IPC377G (All versions), SIMATIC IPC427E (All versions), SIMATIC IPC477E (All versions), SIMATIC IPC477E PRO (All versions), SIMATIC IPC527G (All versions), SIMATIC IPC627E (All versions \u003c V25.02.15), SIMATIC IPC647E (All versions \u003c V25.02.15), SIMATIC IPC677E (All versions \u003c V25.02.15), SIMATIC IPC847E (All versions \u003c V25.02.15), SIMATIC ITP1000 (All versions). The affected devices have insufficient protection mechanism for the EFI(Extensible Firmware Interface) variables stored on the device. This could allow an authenticated attacker to alter the secure boot configuration without proper authorization by directly communicate with the flash controller."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"cvssV4_0": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-693",
"description": "CWE-693: Protection Mechanism Failure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-10T15:17:19.512Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-216014.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2024-56181",
"datePublished": "2025-03-11T09:48:03.703Z",
"dateReserved": "2024-12-18T12:06:43.292Z",
"dateUpdated": "2025-06-10T15:17:19.512Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-56181\",\"sourceIdentifier\":\"productcert@siemens.com\",\"published\":\"2025-03-11T10:15:15.597\",\"lastModified\":\"2025-06-10T16:15:35.567\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability has been identified in SIMATIC Field PG M5 (All versions), SIMATIC IPC BX-21A (All versions \u003c V31.01.07), SIMATIC IPC BX-32A (All versions \u003c V29.01.07), SIMATIC IPC BX-39A (All versions \u003c V29.01.07), SIMATIC IPC BX-59A (All versions \u003c V32.01.04), SIMATIC IPC PX-32A (All versions \u003c V29.01.07), SIMATIC IPC PX-39A (All versions \u003c V29.01.07), SIMATIC IPC PX-39A PRO (All versions \u003c V29.01.07), SIMATIC IPC RC-543A (All versions), SIMATIC IPC RC-543B (All versions), SIMATIC IPC RW-543A (All versions), SIMATIC IPC RW-543B (All versions), SIMATIC IPC127E (All versions), SIMATIC IPC227E (All versions), SIMATIC IPC227G (All versions), SIMATIC IPC277E (All versions), SIMATIC IPC277G (All versions), SIMATIC\u00a0IPC277G PRO (All versions), SIMATIC IPC3000 SMART V3 (All versions), SIMATIC IPC327G (All versions), SIMATIC IPC347G (All versions), SIMATIC IPC377G (All versions), SIMATIC IPC427E (All versions), SIMATIC IPC477E (All versions), SIMATIC IPC477E PRO (All versions), SIMATIC IPC527G (All versions), SIMATIC IPC627E (All versions \u003c V25.02.15), SIMATIC IPC647E (All versions \u003c V25.02.15), SIMATIC IPC677E (All versions \u003c V25.02.15), SIMATIC IPC847E (All versions \u003c V25.02.15), SIMATIC ITP1000 (All versions). The affected devices have insufficient protection mechanism for the EFI(Extensible Firmware Interface) variables stored on the device. This could allow an authenticated attacker to alter the secure boot configuration without proper authorization by directly communicate with the flash controller.\"},{\"lang\":\"es\",\"value\":\"Se ha identificado una vulnerabilidad en SIMATIC Field PG M5 (todas las versiones), SIMATIC IPC BX-21A (todas las versiones \u0026lt; V31.01.07), SIMATIC IPC BX-32A (todas las versiones \u0026lt; V29.01.07), SIMATIC IPC BX-39A (todas las versiones \u0026lt; V29.01.07), SIMATIC IPC BX-59A (todas las versiones \u0026lt; V32.01.04), SIMATIC IPC PX-32A (todas las versiones \u0026lt; V29.01.07), SIMATIC IPC PX-39A (todas las versiones \u0026lt; V29.01.07), SIMATIC IPC PX-39A PRO (todas las versiones \u0026lt; V29.01.07), SIMATIC IPC RC-543B (todas las versiones), SIMATIC IPC RW-543A (todas las versiones), SIMATIC IPC127E (todas las versiones), SIMATIC IPC227E (todas las versiones), SIMATIC IPC227G (todas las versiones), SIMATIC IPC277E (todas las versiones), SIMATIC IPC277G (todas las versiones), SIMATIC IPC277G PRO (todas las versiones), SIMATIC IPC3000 SMART V3 (todas las versiones), SIMATIC IPC327G (todas las versiones), SIMATIC IPC347G (todas las versiones), SIMATIC IPC377G (todas las versiones), SIMATIC IPC427E (todas las versiones), SIMATIC IPC477E (todas las versiones), SIMATIC IPC477E PRO (todas las versiones), SIMATIC IPC527G (todas las versiones), SIMATIC IPC627E (todas las versiones \u0026lt; V25.02.15), SIMATIC IPC647E (todas las versiones \u0026lt; V25.02.15), SIMATIC IPC677E (todas las versiones \u0026lt; V25.02.15), SIMATIC IPC847E (todas las versiones \u0026lt; V25.02.15), SIMATIC ITP1000 (todas las versiones Los dispositivos afectados no cuentan con un mecanismo de protecci\u00f3n suficiente para las variables EFI (interfaz de firmware extensible) almacenadas en el dispositivo. Esto podr\u00eda permitir que un atacante autenticado altere la configuraci\u00f3n de arranque seguro sin la debida autorizaci\u00f3n comunic\u00e1ndose directamente con el controlador flash.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"productcert@siemens.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":8.4,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"NONE\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"HIGH\",\"subIntegrityImpact\":\"HIGH\",\"subAvailabilityImpact\":\"HIGH\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"productcert@siemens.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":8.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.5,\"impactScore\":6.0}]},\"weaknesses\":[{\"source\":\"productcert@siemens.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-693\"}]}],\"references\":[{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-216014.html\",\"source\":\"productcert@siemens.com\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-56181\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-03-11T14:06:38.581942Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-03-11T14:06:43.792Z\"}}], \"cna\": {\"metrics\": [{\"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 8.2, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\"}}, {\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 8.4, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:H\"}}], \"affected\": [{\"vendor\": \"Siemens\", \"product\": \"SIMATIC Field PG M5\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC IPC BX-21A\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V31.01.07\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC IPC BX-32A\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V29.01.07\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC IPC BX-39A\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V29.01.07\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC IPC BX-59A\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V32.01.04\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC IPC PX-32A\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V29.01.07\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC IPC PX-39A\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V29.01.07\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC IPC PX-39A PRO\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V29.01.07\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC IPC RC-543A\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC IPC RC-543B\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC IPC RW-543A\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC IPC RW-543B\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC IPC127E\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC IPC227E\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC IPC227G\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC IPC277E\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC IPC277G\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC\\u00a0IPC277G PRO\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC IPC3000 SMART V3\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC IPC327G\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC IPC347G\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC IPC377G\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC IPC427E\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC IPC477E\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC IPC477E PRO\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC IPC527G\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC IPC627E\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V25.02.15\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC IPC647E\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V25.02.15\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC IPC677E\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V25.02.15\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC IPC847E\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V25.02.15\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC ITP1000\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"references\": [{\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-216014.html\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability has been identified in SIMATIC Field PG M5 (All versions), SIMATIC IPC BX-21A (All versions \u003c V31.01.07), SIMATIC IPC BX-32A (All versions \u003c V29.01.07), SIMATIC IPC BX-39A (All versions \u003c V29.01.07), SIMATIC IPC BX-59A (All versions \u003c V32.01.04), SIMATIC IPC PX-32A (All versions \u003c V29.01.07), SIMATIC IPC PX-39A (All versions \u003c V29.01.07), SIMATIC IPC PX-39A PRO (All versions \u003c V29.01.07), SIMATIC IPC RC-543A (All versions), SIMATIC IPC RC-543B (All versions), SIMATIC IPC RW-543A (All versions), SIMATIC IPC RW-543B (All versions), SIMATIC IPC127E (All versions), SIMATIC IPC227E (All versions), SIMATIC IPC227G (All versions), SIMATIC IPC277E (All versions), SIMATIC IPC277G (All versions), SIMATIC\\u00a0IPC277G PRO (All versions), SIMATIC IPC3000 SMART V3 (All versions), SIMATIC IPC327G (All versions), SIMATIC IPC347G (All versions), SIMATIC IPC377G (All versions), SIMATIC IPC427E (All versions), SIMATIC IPC477E (All versions), SIMATIC IPC477E PRO (All versions), SIMATIC IPC527G (All versions), SIMATIC IPC627E (All versions \u003c V25.02.15), SIMATIC IPC647E (All versions \u003c V25.02.15), SIMATIC IPC677E (All versions \u003c V25.02.15), SIMATIC IPC847E (All versions \u003c V25.02.15), SIMATIC ITP1000 (All versions). The affected devices have insufficient protection mechanism for the EFI(Extensible Firmware Interface) variables stored on the device. This could allow an authenticated attacker to alter the secure boot configuration without proper authorization by directly communicate with the flash controller.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-693\", \"description\": \"CWE-693: Protection Mechanism Failure\"}]}], \"providerMetadata\": {\"orgId\": \"cec7a2ec-15b4-4faf-bd53-b40f371f3a77\", \"shortName\": \"siemens\", \"dateUpdated\": \"2025-06-10T15:17:19.512Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-56181\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-06-10T15:17:19.512Z\", \"dateReserved\": \"2024-12-18T12:06:43.292Z\", \"assignerOrgId\": \"cec7a2ec-15b4-4faf-bd53-b40f371f3a77\", \"datePublished\": \"2025-03-11T09:48:03.703Z\", \"assignerShortName\": \"siemens\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
ghsa-wpmj-mx2h-xgfx
Vulnerability from github
Published
2025-03-11 12:30
Modified
2025-06-10 18:32
Severity ?
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
8.4 (High) - CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:H
8.4 (High) - CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:H
VLAI Severity ?
Details
A vulnerability has been identified in SIMATIC Field PG M5 (All versions), SIMATIC IPC BX-21A (All versions < V31.01.07), SIMATIC IPC BX-32A (All versions < V29.01.07), SIMATIC IPC BX-39A (All versions < V29.01.07), SIMATIC IPC BX-59A (All versions < V32.01.04), SIMATIC IPC PX-32A (All versions < V29.01.07), SIMATIC IPC PX-39A (All versions < V29.01.07), SIMATIC IPC PX-39A PRO (All versions < V29.01.07), SIMATIC IPC RC-543B (All versions), SIMATIC IPC RW-543A (All versions), SIMATIC IPC127E (All versions), SIMATIC IPC227E (All versions), SIMATIC IPC227G (All versions), SIMATIC IPC277E (All versions), SIMATIC IPC277G (All versions), SIMATIC IPC277G PRO (All versions), SIMATIC IPC3000 SMART V3 (All versions), SIMATIC IPC327G (All versions), SIMATIC IPC347G (All versions), SIMATIC IPC377G (All versions), SIMATIC IPC427E (All versions), SIMATIC IPC477E (All versions), SIMATIC IPC477E PRO (All versions), SIMATIC IPC527G (All versions), SIMATIC IPC627E (All versions < V25.02.15), SIMATIC IPC647E (All versions < V25.02.15), SIMATIC IPC677E (All versions < V25.02.15), SIMATIC IPC847E (All versions < V25.02.15), SIMATIC ITP1000 (All versions). The affected devices have insufficient protection mechanism for the EFI(Extensible Firmware Interface) variables stored on the device. This could allow an authenticated attacker to alter the secure boot configuration without proper authorization by directly communicate with the flash controller.
{
"affected": [],
"aliases": [
"CVE-2024-56181"
],
"database_specific": {
"cwe_ids": [
"CWE-693"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-11T10:15:15Z",
"severity": "HIGH"
},
"details": "A vulnerability has been identified in SIMATIC Field PG M5 (All versions), SIMATIC IPC BX-21A (All versions \u003c V31.01.07), SIMATIC IPC BX-32A (All versions \u003c V29.01.07), SIMATIC IPC BX-39A (All versions \u003c V29.01.07), SIMATIC IPC BX-59A (All versions \u003c V32.01.04), SIMATIC IPC PX-32A (All versions \u003c V29.01.07), SIMATIC IPC PX-39A (All versions \u003c V29.01.07), SIMATIC IPC PX-39A PRO (All versions \u003c V29.01.07), SIMATIC IPC RC-543B (All versions), SIMATIC IPC RW-543A (All versions), SIMATIC IPC127E (All versions), SIMATIC IPC227E (All versions), SIMATIC IPC227G (All versions), SIMATIC IPC277E (All versions), SIMATIC IPC277G (All versions), SIMATIC\u00a0IPC277G PRO (All versions), SIMATIC IPC3000 SMART V3 (All versions), SIMATIC IPC327G (All versions), SIMATIC IPC347G (All versions), SIMATIC IPC377G (All versions), SIMATIC IPC427E (All versions), SIMATIC IPC477E (All versions), SIMATIC IPC477E PRO (All versions), SIMATIC IPC527G (All versions), SIMATIC IPC627E (All versions \u003c V25.02.15), SIMATIC IPC647E (All versions \u003c V25.02.15), SIMATIC IPC677E (All versions \u003c V25.02.15), SIMATIC IPC847E (All versions \u003c V25.02.15), SIMATIC ITP1000 (All versions). The affected devices have insufficient protection mechanism for the EFI(Extensible Firmware Interface) variables stored on the device. This could allow an authenticated attacker to alter the secure boot configuration without proper authorization by directly communicate with the flash controller.",
"id": "GHSA-wpmj-mx2h-xgfx",
"modified": "2025-06-10T18:32:15Z",
"published": "2025-03-11T12:30:59Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56181"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-216014.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
fkie_cve-2024-56181
Vulnerability from fkie_nvd
Published
2025-03-11 10:15
Modified
2025-06-10 16:15
Severity ?
Summary
A vulnerability has been identified in SIMATIC Field PG M5 (All versions), SIMATIC IPC BX-21A (All versions < V31.01.07), SIMATIC IPC BX-32A (All versions < V29.01.07), SIMATIC IPC BX-39A (All versions < V29.01.07), SIMATIC IPC BX-59A (All versions < V32.01.04), SIMATIC IPC PX-32A (All versions < V29.01.07), SIMATIC IPC PX-39A (All versions < V29.01.07), SIMATIC IPC PX-39A PRO (All versions < V29.01.07), SIMATIC IPC RC-543A (All versions), SIMATIC IPC RC-543B (All versions), SIMATIC IPC RW-543A (All versions), SIMATIC IPC RW-543B (All versions), SIMATIC IPC127E (All versions), SIMATIC IPC227E (All versions), SIMATIC IPC227G (All versions), SIMATIC IPC277E (All versions), SIMATIC IPC277G (All versions), SIMATIC IPC277G PRO (All versions), SIMATIC IPC3000 SMART V3 (All versions), SIMATIC IPC327G (All versions), SIMATIC IPC347G (All versions), SIMATIC IPC377G (All versions), SIMATIC IPC427E (All versions), SIMATIC IPC477E (All versions), SIMATIC IPC477E PRO (All versions), SIMATIC IPC527G (All versions), SIMATIC IPC627E (All versions < V25.02.15), SIMATIC IPC647E (All versions < V25.02.15), SIMATIC IPC677E (All versions < V25.02.15), SIMATIC IPC847E (All versions < V25.02.15), SIMATIC ITP1000 (All versions). The affected devices have insufficient protection mechanism for the EFI(Extensible Firmware Interface) variables stored on the device. This could allow an authenticated attacker to alter the secure boot configuration without proper authorization by directly communicate with the flash controller.
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC Field PG M5 (All versions), SIMATIC IPC BX-21A (All versions \u003c V31.01.07), SIMATIC IPC BX-32A (All versions \u003c V29.01.07), SIMATIC IPC BX-39A (All versions \u003c V29.01.07), SIMATIC IPC BX-59A (All versions \u003c V32.01.04), SIMATIC IPC PX-32A (All versions \u003c V29.01.07), SIMATIC IPC PX-39A (All versions \u003c V29.01.07), SIMATIC IPC PX-39A PRO (All versions \u003c V29.01.07), SIMATIC IPC RC-543A (All versions), SIMATIC IPC RC-543B (All versions), SIMATIC IPC RW-543A (All versions), SIMATIC IPC RW-543B (All versions), SIMATIC IPC127E (All versions), SIMATIC IPC227E (All versions), SIMATIC IPC227G (All versions), SIMATIC IPC277E (All versions), SIMATIC IPC277G (All versions), SIMATIC\u00a0IPC277G PRO (All versions), SIMATIC IPC3000 SMART V3 (All versions), SIMATIC IPC327G (All versions), SIMATIC IPC347G (All versions), SIMATIC IPC377G (All versions), SIMATIC IPC427E (All versions), SIMATIC IPC477E (All versions), SIMATIC IPC477E PRO (All versions), SIMATIC IPC527G (All versions), SIMATIC IPC627E (All versions \u003c V25.02.15), SIMATIC IPC647E (All versions \u003c V25.02.15), SIMATIC IPC677E (All versions \u003c V25.02.15), SIMATIC IPC847E (All versions \u003c V25.02.15), SIMATIC ITP1000 (All versions). The affected devices have insufficient protection mechanism for the EFI(Extensible Firmware Interface) variables stored on the device. This could allow an authenticated attacker to alter the secure boot configuration without proper authorization by directly communicate with the flash controller."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en SIMATIC Field PG M5 (todas las versiones), SIMATIC IPC BX-21A (todas las versiones \u0026lt; V31.01.07), SIMATIC IPC BX-32A (todas las versiones \u0026lt; V29.01.07), SIMATIC IPC BX-39A (todas las versiones \u0026lt; V29.01.07), SIMATIC IPC BX-59A (todas las versiones \u0026lt; V32.01.04), SIMATIC IPC PX-32A (todas las versiones \u0026lt; V29.01.07), SIMATIC IPC PX-39A (todas las versiones \u0026lt; V29.01.07), SIMATIC IPC PX-39A PRO (todas las versiones \u0026lt; V29.01.07), SIMATIC IPC RC-543B (todas las versiones), SIMATIC IPC RW-543A (todas las versiones), SIMATIC IPC127E (todas las versiones), SIMATIC IPC227E (todas las versiones), SIMATIC IPC227G (todas las versiones), SIMATIC IPC277E (todas las versiones), SIMATIC IPC277G (todas las versiones), SIMATIC IPC277G PRO (todas las versiones), SIMATIC IPC3000 SMART V3 (todas las versiones), SIMATIC IPC327G (todas las versiones), SIMATIC IPC347G (todas las versiones), SIMATIC IPC377G (todas las versiones), SIMATIC IPC427E (todas las versiones), SIMATIC IPC477E (todas las versiones), SIMATIC IPC477E PRO (todas las versiones), SIMATIC IPC527G (todas las versiones), SIMATIC IPC627E (todas las versiones \u0026lt; V25.02.15), SIMATIC IPC647E (todas las versiones \u0026lt; V25.02.15), SIMATIC IPC677E (todas las versiones \u0026lt; V25.02.15), SIMATIC IPC847E (todas las versiones \u0026lt; V25.02.15), SIMATIC ITP1000 (todas las versiones Los dispositivos afectados no cuentan con un mecanismo de protecci\u00f3n suficiente para las variables EFI (interfaz de firmware extensible) almacenadas en el dispositivo. Esto podr\u00eda permitir que un atacante autenticado altere la configuraci\u00f3n de arranque seguro sin la debida autorizaci\u00f3n comunic\u00e1ndose directamente con el controlador flash."
}
],
"id": "CVE-2024-56181",
"lastModified": "2025-06-10T16:15:35.567",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0,
"source": "productcert@siemens.com",
"type": "Secondary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "productcert@siemens.com",
"type": "Secondary"
}
]
},
"published": "2025-03-11T10:15:15.597",
"references": [
{
"source": "productcert@siemens.com",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-216014.html"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-693"
}
],
"source": "productcert@siemens.com",
"type": "Secondary"
}
]
}
ncsc-2025-0077
Vulnerability from csaf_ncscnl
Published
2025-03-11 12:30
Modified
2025-03-11 12:30
Summary
Kwetsbaarheden verholpen in Siemens producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Siemens heeft kwetsbaarheden verholpen in diverse producten als SCALANCE, SIMATIC, SINAMICS, SINEMA, SiPass, Teamcenter en Tecnomatix.
Interpretaties
De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Denial-of-Service (DoS)
- Manipulatie van gegevens
- Omzeilen van een beveiligingsmaatregel
- Omzeilen van authenticatie
- (Remote) code execution (root/admin rechten)
- (Remote) code execution (Gebruikersrechten)
- Toegang tot systeemgegevens
- Toegang tot gevoelige gegevens
- Spoofing
De kwaadwillende heeft hiervoor toegang nodig tot de productieomgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.
Oplossingen
Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico's zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.
Dreigingsinformatie
Kans
medium
Schade
high
CWE-187
Partial String Comparison
CWE-283
Unverified Ownership
CWE-273
Improper Check for Dropped Privileges
CWE-1287
Improper Validation of Specified Type of Input
CWE-130
Improper Handling of Length Parameter Inconsistency
CWE-772
Missing Release of Resource after Effective Lifetime
CWE-208
Observable Timing Discrepancy
CWE-923
Improper Restriction of Communication Channel to Intended Endpoints
CWE-824
Access of Uninitialized Pointer
CWE-305
Authentication Bypass by Primary Weakness
CWE-117
Improper Output Neutralization for Logs
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE-190
Integer Overflow or Wraparound
CWE-693
Protection Mechanism Failure
CWE-552
Files or Directories Accessible to External Parties
CWE-290
Authentication Bypass by Spoofing
CWE-639
Authorization Bypass Through User-Controlled Key
CWE-125
Out-of-bounds Read
CWE-306
Missing Authentication for Critical Function
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-416
Use After Free
CWE-476
NULL Pointer Dereference
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE-787
Out-of-bounds Write
CWE-121
Stack-based Buffer Overflow
CWE-20
Improper Input Validation
CWE-287
Improper Authentication
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Siemens heeft kwetsbaarheden verholpen in diverse producten als SCALANCE, SIMATIC, SINAMICS, SINEMA, SiPass, Teamcenter en Tecnomatix.",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service (DoS)\n- Manipulatie van gegevens\n- Omzeilen van een beveiligingsmaatregel\n- Omzeilen van authenticatie\n- (Remote) code execution (root/admin rechten)\n- (Remote) code execution (Gebruikersrechten)\n- Toegang tot systeemgegevens\n- Toegang tot gevoelige gegevens\n- Spoofing\n\nDe kwaadwillende heeft hiervoor toegang nodig tot de productieomgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico\u0027s zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "description",
"text": " ",
"title": "Dreigingsinformatie"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Partial String Comparison",
"title": "CWE-187"
},
{
"category": "general",
"text": "Unverified Ownership",
"title": "CWE-283"
},
{
"category": "general",
"text": "Improper Check for Dropped Privileges",
"title": "CWE-273"
},
{
"category": "general",
"text": "Improper Validation of Specified Type of Input",
"title": "CWE-1287"
},
{
"category": "general",
"text": "Improper Handling of Length Parameter Inconsistency",
"title": "CWE-130"
},
{
"category": "general",
"text": "Missing Release of Resource after Effective Lifetime",
"title": "CWE-772"
},
{
"category": "general",
"text": "Observable Timing Discrepancy",
"title": "CWE-208"
},
{
"category": "general",
"text": "Improper Restriction of Communication Channel to Intended Endpoints",
"title": "CWE-923"
},
{
"category": "general",
"text": "Access of Uninitialized Pointer",
"title": "CWE-824"
},
{
"category": "general",
"text": "Authentication Bypass by Primary Weakness",
"title": "CWE-305"
},
{
"category": "general",
"text": "Improper Output Neutralization for Logs",
"title": "CWE-117"
},
{
"category": "general",
"text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"title": "CWE-77"
},
{
"category": "general",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "general",
"text": "Protection Mechanism Failure",
"title": "CWE-693"
},
{
"category": "general",
"text": "Files or Directories Accessible to External Parties",
"title": "CWE-552"
},
{
"category": "general",
"text": "Authentication Bypass by Spoofing",
"title": "CWE-290"
},
{
"category": "general",
"text": "Authorization Bypass Through User-Controlled Key",
"title": "CWE-639"
},
{
"category": "general",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "general",
"text": "Missing Authentication for Critical Function",
"title": "CWE-306"
},
{
"category": "general",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "general",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "general",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "general",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "general",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
},
{
"category": "general",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "Improper Authentication",
"title": "CWE-287"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference - ncscclear",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-050438.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-073066.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-075201.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-216014.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-280834.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-503939.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-507653.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-515903.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-615740.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-787280.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-858251.pdf"
}
],
"title": "Kwetsbaarheden verholpen in Siemens producten",
"tracking": {
"current_release_date": "2025-03-11T12:30:29.277759Z",
"generator": {
"date": "2025-02-25T15:15:00Z",
"engine": {
"name": "V.A.",
"version": "1.0"
}
},
"id": "NCSC-2025-0077",
"initial_release_date": "2025-03-11T12:30:29.277759Z",
"revision_history": [
{
"date": "2025-03-11T12:30:29.277759Z",
"number": "1.0.0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv8.2.1",
"product": {
"name": "vers:unknown/\u003cv8.2.1",
"product_id": "CSAFPID-2459094"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RM1224 LTE(4G) EU"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv8.2",
"product": {
"name": "vers:all/\u003cv8.2",
"product_id": "CSAFPID-1299123"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv8.2.1",
"product": {
"name": "vers:unknown/\u003cv8.2.1",
"product_id": "CSAFPID-2459095"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RM1224 LTE(4G) NAM"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv8.2",
"product": {
"name": "vers:all/\u003cv8.2",
"product_id": "CSAFPID-1299124"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/3.x",
"product": {
"name": "vers:unknown/3.x",
"product_id": "CSAFPID-2459491"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv4.0",
"product": {
"name": "vers:unknown/\u003cv4.0",
"product_id": "CSAFPID-2459084"
}
}
],
"category": "product_name",
"name": "SCALANCE LPE9403"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv8.2.1",
"product": {
"name": "vers:unknown/\u003cv8.2.1",
"product_id": "CSAFPID-2459096"
}
}
],
"category": "product_name",
"name": "SCALANCE M804PB"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv8.2",
"product": {
"name": "vers:all/\u003cv8.2",
"product_id": "CSAFPID-1299125"
}
}
],
"category": "product_name",
"name": "SCALANCE M804PB (6GK5804-0AP00-2AA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv8.2",
"product": {
"name": "vers:all/\u003cv8.2",
"product_id": "CSAFPID-1299126"
}
}
],
"category": "product_name",
"name": "SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv8.2",
"product": {
"name": "vers:all/\u003cv8.2",
"product_id": "CSAFPID-1299127"
}
}
],
"category": "product_name",
"name": "SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv8.2.1",
"product": {
"name": "vers:unknown/\u003cv8.2.1",
"product_id": "CSAFPID-2459097"
}
}
],
"category": "product_name",
"name": "SCALANCE M812-1 ADSL-Router family"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv8.2",
"product": {
"name": "vers:all/\u003cv8.2",
"product_id": "CSAFPID-1299128"
}
}
],
"category": "product_name",
"name": "SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv8.2",
"product": {
"name": "vers:all/\u003cv8.2",
"product_id": "CSAFPID-1299129"
}
}
],
"category": "product_name",
"name": "SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv8.2.1",
"product": {
"name": "vers:unknown/\u003cv8.2.1",
"product_id": "CSAFPID-2459098"
}
}
],
"category": "product_name",
"name": "SCALANCE M816-1 ADSL-Router family"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv8.2.1",
"product": {
"name": "vers:unknown/\u003cv8.2.1",
"product_id": "CSAFPID-2459099"
}
}
],
"category": "product_name",
"name": "SCALANCE M826-2 SHDSL-Router"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv8.2",
"product": {
"name": "vers:all/\u003cv8.2",
"product_id": "CSAFPID-1299130"
}
}
],
"category": "product_name",
"name": "SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv8.2.1",
"product": {
"name": "vers:unknown/\u003cv8.2.1",
"product_id": "CSAFPID-2459100"
}
}
],
"category": "product_name",
"name": "SCALANCE M874-2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv8.2",
"product": {
"name": "vers:all/\u003cv8.2",
"product_id": "CSAFPID-1299131"
}
}
],
"category": "product_name",
"name": "SCALANCE M874-2 (6GK5874-2AA00-2AA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv8.2.1",
"product": {
"name": "vers:unknown/\u003cv8.2.1",
"product_id": "CSAFPID-2459101"
}
}
],
"category": "product_name",
"name": "SCALANCE M874-3"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv8.2",
"product": {
"name": "vers:all/\u003cv8.2",
"product_id": "CSAFPID-1299132"
}
}
],
"category": "product_name",
"name": "SCALANCE M874-3 (6GK5874-3AA00-2AA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv8.2.1",
"product": {
"name": "vers:unknown/\u003cv8.2.1",
"product_id": "CSAFPID-2459102"
}
}
],
"category": "product_name",
"name": "SCALANCE M874-3 3G-Router (CN)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv8.2",
"product": {
"name": "vers:all/\u003cv8.2",
"product_id": "CSAFPID-1299133"
}
}
],
"category": "product_name",
"name": "SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv8.2.1",
"product": {
"name": "vers:unknown/\u003cv8.2.1",
"product_id": "CSAFPID-2459103"
}
}
],
"category": "product_name",
"name": "SCALANCE M876-3"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv8.2",
"product": {
"name": "vers:all/\u003cv8.2",
"product_id": "CSAFPID-1299134"
}
}
],
"category": "product_name",
"name": "SCALANCE M876-3 (6GK5876-3AA02-2BA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv8.2.1",
"product": {
"name": "vers:unknown/\u003cv8.2.1",
"product_id": "CSAFPID-2459104"
}
}
],
"category": "product_name",
"name": "SCALANCE M876-3 (ROK)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv8.2",
"product": {
"name": "vers:all/\u003cv8.2",
"product_id": "CSAFPID-1299135"
}
}
],
"category": "product_name",
"name": "SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv8.2.1",
"product": {
"name": "vers:unknown/\u003cv8.2.1",
"product_id": "CSAFPID-2459105"
}
}
],
"category": "product_name",
"name": "SCALANCE M876-4"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv8.2",
"product": {
"name": "vers:all/\u003cv8.2",
"product_id": "CSAFPID-1299136"
}
}
],
"category": "product_name",
"name": "SCALANCE M876-4 (6GK5876-4AA10-2BA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv8.2.1",
"product": {
"name": "vers:unknown/\u003cv8.2.1",
"product_id": "CSAFPID-2459106"
}
}
],
"category": "product_name",
"name": "SCALANCE M876-4 (EU)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv8.2",
"product": {
"name": "vers:all/\u003cv8.2",
"product_id": "CSAFPID-1299137"
}
}
],
"category": "product_name",
"name": "SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv8.2.1",
"product": {
"name": "vers:unknown/\u003cv8.2.1",
"product_id": "CSAFPID-2459107"
}
}
],
"category": "product_name",
"name": "SCALANCE M876-4 (NAM)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv8.2",
"product": {
"name": "vers:all/\u003cv8.2",
"product_id": "CSAFPID-1299138"
}
}
],
"category": "product_name",
"name": "SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv8.2.1",
"product": {
"name": "vers:unknown/\u003cv8.2.1",
"product_id": "CSAFPID-2459108"
}
}
],
"category": "product_name",
"name": "SCALANCE MUB852-1 (A1)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv8.2.1",
"product": {
"name": "vers:unknown/\u003cv8.2.1",
"product_id": "CSAFPID-2459109"
}
}
],
"category": "product_name",
"name": "SCALANCE MUB852-1 (B1)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv8.2.1",
"product": {
"name": "vers:unknown/\u003cv8.2.1",
"product_id": "CSAFPID-2459110"
}
}
],
"category": "product_name",
"name": "SCALANCE MUM853-1 (A1)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv8.2",
"product": {
"name": "vers:all/\u003cv8.2",
"product_id": "CSAFPID-1299139"
}
}
],
"category": "product_name",
"name": "SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv8.2.1",
"product": {
"name": "vers:unknown/\u003cv8.2.1",
"product_id": "CSAFPID-2459111"
}
}
],
"category": "product_name",
"name": "SCALANCE MUM853-1 (B1)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv8.2",
"product": {
"name": "vers:all/\u003cv8.2",
"product_id": "CSAFPID-1299140"
}
}
],
"category": "product_name",
"name": "SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv8.2.1",
"product": {
"name": "vers:unknown/\u003cv8.2.1",
"product_id": "CSAFPID-2459112"
}
}
],
"category": "product_name",
"name": "SCALANCE MUM853-1 (EU)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv8.2",
"product": {
"name": "vers:all/\u003cv8.2",
"product_id": "CSAFPID-1299141"
}
}
],
"category": "product_name",
"name": "SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv8.2.1",
"product": {
"name": "vers:unknown/\u003cv8.2.1",
"product_id": "CSAFPID-2459113"
}
}
],
"category": "product_name",
"name": "SCALANCE MUM856-1 (A1)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv8.2",
"product": {
"name": "vers:all/\u003cv8.2",
"product_id": "CSAFPID-1299142"
}
}
],
"category": "product_name",
"name": "SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv8.2.1",
"product": {
"name": "vers:unknown/\u003cv8.2.1",
"product_id": "CSAFPID-2459114"
}
}
],
"category": "product_name",
"name": "SCALANCE MUM856-1 (B1)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv8.2",
"product": {
"name": "vers:all/\u003cv8.2",
"product_id": "CSAFPID-1299143"
}
}
],
"category": "product_name",
"name": "SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv8.2.1",
"product": {
"name": "vers:unknown/\u003cv8.2.1",
"product_id": "CSAFPID-2459115"
}
}
],
"category": "product_name",
"name": "SCALANCE MUM856-1 (CN)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv8.2",
"product": {
"name": "vers:all/\u003cv8.2",
"product_id": "CSAFPID-1299144"
}
}
],
"category": "product_name",
"name": "SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv8.2.1",
"product": {
"name": "vers:unknown/\u003cv8.2.1",
"product_id": "CSAFPID-2459116"
}
}
],
"category": "product_name",
"name": "SCALANCE MUM856-1 (EU)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv8.2",
"product": {
"name": "vers:all/\u003cv8.2",
"product_id": "CSAFPID-1299145"
}
}
],
"category": "product_name",
"name": "SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv8.2.1",
"product": {
"name": "vers:unknown/\u003cv8.2.1",
"product_id": "CSAFPID-2459117"
}
}
],
"category": "product_name",
"name": "SCALANCE MUM856-1 (RoW)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv8.2",
"product": {
"name": "vers:all/\u003cv8.2",
"product_id": "CSAFPID-1299146"
}
}
],
"category": "product_name",
"name": "SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv8.2.1",
"product": {
"name": "vers:unknown/\u003cv8.2.1",
"product_id": "CSAFPID-2459118"
}
}
],
"category": "product_name",
"name": "SCALANCE S615 EEC LAN-Router"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv8.2",
"product": {
"name": "vers:all/\u003cv8.2",
"product_id": "CSAFPID-1299147"
}
}
],
"category": "product_name",
"name": "SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv8.2.1",
"product": {
"name": "vers:unknown/\u003cv8.2.1",
"product_id": "CSAFPID-2459119"
}
}
],
"category": "product_name",
"name": "SCALANCE S615 LAN-Router"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv8.2",
"product": {
"name": "vers:all/\u003cv8.2",
"product_id": "CSAFPID-1299148"
}
}
],
"category": "product_name",
"name": "SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2459120"
}
}
],
"category": "product_name",
"name": "SCALANCE SC-600 family"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2459042"
}
}
],
"category": "product_name",
"name": "SIMATIC Field PG M5"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv26.01.12",
"product": {
"name": "vers:unknown/\u003cv26.01.12",
"product_id": "CSAFPID-2459077"
}
}
],
"category": "product_name",
"name": "SIMATIC Field PG M6"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv31.01.07",
"product": {
"name": "vers:unknown/\u003cv31.01.07",
"product_id": "CSAFPID-2459043"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC BX-21A"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv29.01.07",
"product": {
"name": "vers:unknown/\u003cv29.01.07",
"product_id": "CSAFPID-2459044"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC BX-32A"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv29.01.07",
"product": {
"name": "vers:unknown/\u003cv29.01.07",
"product_id": "CSAFPID-2459045"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC BX-39A"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv32.01.04",
"product": {
"name": "vers:unknown/\u003cv32.01.04",
"product_id": "CSAFPID-2459046"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC BX-59A"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv29.01.07",
"product": {
"name": "vers:unknown/\u003cv29.01.07",
"product_id": "CSAFPID-2459047"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC PX-32A"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv29.01.07",
"product": {
"name": "vers:unknown/\u003cv29.01.07",
"product_id": "CSAFPID-2459048"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC PX-39A"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv29.01.07",
"product": {
"name": "vers:unknown/\u003cv29.01.07",
"product_id": "CSAFPID-2459049"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC PX-39A PRO"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2459050"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC RC-543B"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2459051"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC RW-543A"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2459052"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC127E"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2459053"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC227E"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2459054"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC227G"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2459055"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC277E"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2459056"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC277G"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2459058"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC3000 SMART V3"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2459059"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC327G"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2459060"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC347G"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2459061"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC377G"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2459062"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC427E"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2459063"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC477E"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2459064"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC477E PRO"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2459065"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC527G"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv25.02.15",
"product": {
"name": "vers:unknown/\u003cv25.02.15",
"product_id": "CSAFPID-2459066"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC627E"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv25.02.15",
"product": {
"name": "vers:unknown/\u003cv25.02.15",
"product_id": "CSAFPID-2459067"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC647E"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv25.02.15",
"product": {
"name": "vers:unknown/\u003cv25.02.15",
"product_id": "CSAFPID-2459068"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC677E"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv25.02.15",
"product": {
"name": "vers:unknown/\u003cv25.02.15",
"product_id": "CSAFPID-2459069"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC847E"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2459070"
}
}
],
"category": "product_name",
"name": "SIMATIC ITP1000"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2459057"
}
}
],
"category": "product_name",
"name": "SIMATIC\u00a0IPC277G PRO"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003c*",
"product": {
"name": "vers:unknown/\u003c*",
"product_id": "CSAFPID-2459093"
}
}
],
"category": "product_name",
"name": "SINAMICS S200"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv6.4.8",
"product": {
"name": "vers:unknown/\u003cv6.4.8",
"product_id": "CSAFPID-2459089"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv6.4.9",
"product": {
"name": "vers:unknown/\u003cv6.4.9",
"product_id": "CSAFPID-2459082"
}
}
],
"category": "product_name",
"name": "SiPass integrated AC5102 (ACC-G2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/6.4.0",
"product": {
"name": "vers:unknown/6.4.0",
"product_id": "CSAFPID-2459482"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/6.4.1",
"product": {
"name": "vers:unknown/6.4.1",
"product_id": "CSAFPID-2459483"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/6.4.2",
"product": {
"name": "vers:unknown/6.4.2",
"product_id": "CSAFPID-2459484"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/6.4.3",
"product": {
"name": "vers:unknown/6.4.3",
"product_id": "CSAFPID-2459485"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/6.4.4",
"product": {
"name": "vers:unknown/6.4.4",
"product_id": "CSAFPID-2459486"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/6.4.5",
"product": {
"name": "vers:unknown/6.4.5",
"product_id": "CSAFPID-2459487"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/6.4.6",
"product": {
"name": "vers:unknown/6.4.6",
"product_id": "CSAFPID-2459488"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/6.4.7",
"product": {
"name": "vers:unknown/6.4.7",
"product_id": "CSAFPID-2459489"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/6.4.8",
"product": {
"name": "vers:unknown/6.4.8",
"product_id": "CSAFPID-2459490"
}
}
],
"category": "product_name",
"name": "SiPass integrated AC5102, SiPass integrated ACC-AP"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv6.4.8",
"product": {
"name": "vers:unknown/\u003cv6.4.8",
"product_id": "CSAFPID-2459090"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv6.4.9",
"product": {
"name": "vers:unknown/\u003cv6.4.9",
"product_id": "CSAFPID-2459083"
}
}
],
"category": "product_name",
"name": "SiPass integrated ACC-AP"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv14.3.0.13",
"product": {
"name": "vers:unknown/\u003cv14.3.0.13",
"product_id": "CSAFPID-2459071"
}
}
],
"category": "product_name",
"name": "Teamcenter Visualization V14.3"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv2312.0009",
"product": {
"name": "vers:unknown/\u003cv2312.0009",
"product_id": "CSAFPID-2459072"
}
}
],
"category": "product_name",
"name": "Teamcenter Visualization V2312"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv2406.0007",
"product": {
"name": "vers:unknown/\u003cv2406.0007",
"product_id": "CSAFPID-2459073"
}
}
],
"category": "product_name",
"name": "Teamcenter Visualization V2406"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv2412.0002",
"product": {
"name": "vers:unknown/\u003cv2412.0002",
"product_id": "CSAFPID-2459074"
}
}
],
"category": "product_name",
"name": "Teamcenter Visualization V2412"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv2302.0021",
"product": {
"name": "vers:unknown/\u003cv2302.0021",
"product_id": "CSAFPID-2459075"
}
}
],
"category": "product_name",
"name": "Tecnomatix Plant Simulation V2302"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv2404.0010",
"product": {
"name": "vers:unknown/\u003cv2404.0010",
"product_id": "CSAFPID-2459076"
}
}
],
"category": "product_name",
"name": "Tecnomatix Plant Simulation V2404"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-1305",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-1305",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-1305.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
}
],
"title": "CVE-2024-1305"
},
{
"cve": "CVE-2024-4877",
"product_status": {
"known_affected": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-4877",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4877.json"
}
],
"title": "CVE-2024-4877"
},
{
"cve": "CVE-2024-5594",
"cwe": {
"id": "CWE-117",
"name": "Improper Output Neutralization for Logs"
},
"notes": [
{
"category": "other",
"text": "Improper Output Neutralization for Logs",
"title": "CWE-117"
},
{
"category": "other",
"text": "Improper Validation of Specified Type of Input",
"title": "CWE-1287"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-5594",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5594.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
}
],
"title": "CVE-2024-5594"
},
{
"cve": "CVE-2024-24974",
"cwe": {
"id": "CWE-923",
"name": "Improper Restriction of Communication Channel to Intended Endpoints"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of Communication Channel to Intended Endpoints",
"title": "CWE-923"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-24974",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24974.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
}
],
"title": "CVE-2024-24974"
},
{
"cve": "CVE-2024-27459",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-27459",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27459.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
}
],
"title": "CVE-2024-27459"
},
{
"cve": "CVE-2024-27903",
"cwe": {
"id": "CWE-283",
"name": "Unverified Ownership"
},
"notes": [
{
"category": "other",
"text": "Unverified Ownership",
"title": "CWE-283"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-27903",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27903.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
}
],
"title": "CVE-2024-27903"
},
{
"cve": "CVE-2024-28882",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"notes": [
{
"category": "other",
"text": "Missing Release of Resource after Effective Lifetime",
"title": "CWE-772"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-28882",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28882.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
}
],
"title": "CVE-2024-28882"
},
{
"cve": "CVE-2024-41046",
"product_status": {
"known_affected": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-41046",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41046.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
}
],
"title": "CVE-2024-41046"
},
{
"cve": "CVE-2024-41049",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-41049",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41049.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
}
],
"title": "CVE-2024-41049"
},
{
"cve": "CVE-2024-41055",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-41055",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41055.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
}
],
"title": "CVE-2024-41055"
},
{
"cve": "CVE-2024-42154",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"notes": [
{
"category": "other",
"text": "Improper Handling of Length Parameter Inconsistency",
"title": "CWE-130"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-42154",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-42154.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
}
],
"title": "CVE-2024-42154"
},
{
"cve": "CVE-2024-42161",
"cwe": {
"id": "CWE-824",
"name": "Access of Uninitialized Pointer"
},
"notes": [
{
"category": "other",
"text": "Access of Uninitialized Pointer",
"title": "CWE-824"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-42161",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-42161.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
}
],
"title": "CVE-2024-42161"
},
{
"cve": "CVE-2024-42512",
"cwe": {
"id": "CWE-639",
"name": "Authorization Bypass Through User-Controlled Key"
},
"notes": [
{
"category": "other",
"text": "Authorization Bypass Through User-Controlled Key",
"title": "CWE-639"
},
{
"category": "other",
"text": "Observable Timing Discrepancy",
"title": "CWE-208"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-42512",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-42512.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
}
],
"title": "CVE-2024-42512"
},
{
"cve": "CVE-2024-42513",
"cwe": {
"id": "CWE-290",
"name": "Authentication Bypass by Spoofing"
},
"notes": [
{
"category": "other",
"text": "Authentication Bypass by Spoofing",
"title": "CWE-290"
},
{
"category": "other",
"text": "Authentication Bypass by Primary Weakness",
"title": "CWE-305"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-42513",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-42513.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
}
],
"title": "CVE-2024-42513"
},
{
"cve": "CVE-2024-52285",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"notes": [
{
"category": "other",
"text": "Missing Authentication for Critical Function",
"title": "CWE-306"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-52285",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-52285.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
}
],
"title": "CVE-2024-52285"
},
{
"cve": "CVE-2024-56181",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"notes": [
{
"category": "other",
"text": "Protection Mechanism Failure",
"title": "CWE-693"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-56181",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-56181.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
}
],
"title": "CVE-2024-56181"
},
{
"cve": "CVE-2024-56182",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"notes": [
{
"category": "other",
"text": "Protection Mechanism Failure",
"title": "CWE-693"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-56182",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-56182.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
}
],
"title": "CVE-2024-56182"
},
{
"cve": "CVE-2024-56336",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "other",
"text": "Improper Authentication",
"title": "CWE-287"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-56336",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-56336.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
}
],
"title": "CVE-2024-56336"
},
{
"cve": "CVE-2025-23384",
"cwe": {
"id": "CWE-187",
"name": "Partial String Comparison"
},
"notes": [
{
"category": "other",
"text": "Partial String Comparison",
"title": "CWE-187"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-23384",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23384.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
}
],
"title": "CVE-2025-23384"
},
{
"cve": "CVE-2025-23396",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-23396",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23396.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
}
],
"title": "CVE-2025-23396"
},
{
"cve": "CVE-2025-23397",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-23397",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23397.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
}
],
"title": "CVE-2025-23397"
},
{
"cve": "CVE-2025-23398",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-23398",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23398.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
}
],
"title": "CVE-2025-23398"
},
{
"cve": "CVE-2025-23399",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-23399",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23399.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
}
],
"title": "CVE-2025-23399"
},
{
"cve": "CVE-2025-23400",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-23400",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23400.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
}
],
"title": "CVE-2025-23400"
},
{
"cve": "CVE-2025-23401",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-23401",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23401.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
}
],
"title": "CVE-2025-23401"
},
{
"cve": "CVE-2025-23402",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-23402",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23402.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
}
],
"title": "CVE-2025-23402"
},
{
"cve": "CVE-2025-25266",
"cwe": {
"id": "CWE-552",
"name": "Files or Directories Accessible to External Parties"
},
"notes": [
{
"category": "other",
"text": "Files or Directories Accessible to External Parties",
"title": "CWE-552"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-25266",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-25266.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
}
],
"title": "CVE-2025-25266"
},
{
"cve": "CVE-2025-25267",
"cwe": {
"id": "CWE-552",
"name": "Files or Directories Accessible to External Parties"
},
"notes": [
{
"category": "other",
"text": "Files or Directories Accessible to External Parties",
"title": "CWE-552"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-25267",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-25267.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
}
],
"title": "CVE-2025-25267"
},
{
"cve": "CVE-2025-27392",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27392",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27392.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
}
],
"title": "CVE-2025-27392"
},
{
"cve": "CVE-2025-27393",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27393",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27393.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
}
],
"title": "CVE-2025-27393"
},
{
"cve": "CVE-2025-27394",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27394",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27394.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
}
],
"title": "CVE-2025-27394"
},
{
"cve": "CVE-2025-27395",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27395",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27395.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
}
],
"title": "CVE-2025-27395"
},
{
"cve": "CVE-2025-27396",
"cwe": {
"id": "CWE-273",
"name": "Improper Check for Dropped Privileges"
},
"notes": [
{
"category": "other",
"text": "Improper Check for Dropped Privileges",
"title": "CWE-273"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27396",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27396.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
}
],
"title": "CVE-2025-27396"
},
{
"cve": "CVE-2025-27397",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27397",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27397.json"
}
],
"title": "CVE-2025-27397"
},
{
"cve": "CVE-2025-27398",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27398",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27398.json"
}
],
"title": "CVE-2025-27398"
},
{
"cve": "CVE-2025-27438",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27438",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27438.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
}
],
"title": "CVE-2025-27438"
},
{
"cve": "CVE-2025-27493",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"title": "CWE-77"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27493",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27493.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
}
],
"title": "CVE-2025-27493"
},
{
"cve": "CVE-2025-27494",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Improper Authentication",
"title": "CWE-287"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27494",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27494.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2459094",
"CSAFPID-1299123",
"CSAFPID-2459095",
"CSAFPID-1299124",
"CSAFPID-2459491",
"CSAFPID-2459084",
"CSAFPID-2459096",
"CSAFPID-1299125",
"CSAFPID-1299126",
"CSAFPID-1299127",
"CSAFPID-2459097",
"CSAFPID-1299128",
"CSAFPID-1299129",
"CSAFPID-2459098",
"CSAFPID-2459099",
"CSAFPID-1299130",
"CSAFPID-2459100",
"CSAFPID-1299131",
"CSAFPID-2459101",
"CSAFPID-1299132",
"CSAFPID-2459102",
"CSAFPID-1299133",
"CSAFPID-2459103",
"CSAFPID-1299134",
"CSAFPID-2459104",
"CSAFPID-1299135",
"CSAFPID-2459105",
"CSAFPID-1299136",
"CSAFPID-2459106",
"CSAFPID-1299137",
"CSAFPID-2459107",
"CSAFPID-1299138",
"CSAFPID-2459108",
"CSAFPID-2459109",
"CSAFPID-2459110",
"CSAFPID-1299139",
"CSAFPID-2459111",
"CSAFPID-1299140",
"CSAFPID-2459112",
"CSAFPID-1299141",
"CSAFPID-2459113",
"CSAFPID-1299142",
"CSAFPID-2459114",
"CSAFPID-1299143",
"CSAFPID-2459115",
"CSAFPID-1299144",
"CSAFPID-2459116",
"CSAFPID-1299145",
"CSAFPID-2459117",
"CSAFPID-1299146",
"CSAFPID-2459118",
"CSAFPID-1299147",
"CSAFPID-2459119",
"CSAFPID-1299148",
"CSAFPID-2459120",
"CSAFPID-2459042",
"CSAFPID-2459077",
"CSAFPID-2459043",
"CSAFPID-2459044",
"CSAFPID-2459045",
"CSAFPID-2459046",
"CSAFPID-2459047",
"CSAFPID-2459048",
"CSAFPID-2459049",
"CSAFPID-2459050",
"CSAFPID-2459051",
"CSAFPID-2459052",
"CSAFPID-2459053",
"CSAFPID-2459054",
"CSAFPID-2459055",
"CSAFPID-2459056",
"CSAFPID-2459058",
"CSAFPID-2459059",
"CSAFPID-2459060",
"CSAFPID-2459061",
"CSAFPID-2459062",
"CSAFPID-2459063",
"CSAFPID-2459064",
"CSAFPID-2459065",
"CSAFPID-2459066",
"CSAFPID-2459067",
"CSAFPID-2459068",
"CSAFPID-2459069",
"CSAFPID-2459070",
"CSAFPID-2459057",
"CSAFPID-2459093",
"CSAFPID-2459089",
"CSAFPID-2459082",
"CSAFPID-2459482",
"CSAFPID-2459483",
"CSAFPID-2459484",
"CSAFPID-2459485",
"CSAFPID-2459486",
"CSAFPID-2459487",
"CSAFPID-2459488",
"CSAFPID-2459489",
"CSAFPID-2459490",
"CSAFPID-2459090",
"CSAFPID-2459083",
"CSAFPID-2459071",
"CSAFPID-2459072",
"CSAFPID-2459073",
"CSAFPID-2459074",
"CSAFPID-2459075",
"CSAFPID-2459076"
]
}
],
"title": "CVE-2025-27494"
}
]
}
ssa-216014
Vulnerability from csaf_siemens
Published
2025-03-11 00:00
Modified
2025-06-10 00:00
Summary
SSA-216014: Vulnerabilities in EFI variable of SIMATIC IPCs, SIMATIC Tablet PCs, and SIMATIC Field PGs
Notes
Summary
Multiple vulnerabilities has been identified in Siemens SIMATIC IPCs, SIMATIC Tablet PCs, and SIMATIC Field PGs that can allow an authenticated attacker to alter the secure boot and password configurations.
Siemens has released new versions of BIOS for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available.
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)",
"tlp": {
"label": "WHITE"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Multiple vulnerabilities has been identified in Siemens SIMATIC IPCs, SIMATIC Tablet PCs, and SIMATIC Field PGs that can allow an authenticated attacker to alter the secure boot and password configurations.\n\nSiemens has released new versions of BIOS for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "productcert@siemens.com",
"name": "Siemens ProductCERT",
"namespace": "https://www.siemens.com"
},
"references": [
{
"category": "self",
"summary": "SSA-216014: Vulnerabilities in EFI variable of SIMATIC IPCs, SIMATIC Tablet PCs, and SIMATIC Field PGs - HTML Version",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-216014.html"
},
{
"category": "self",
"summary": "SSA-216014: Vulnerabilities in EFI variable of SIMATIC IPCs, SIMATIC Tablet PCs, and SIMATIC Field PGs - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-216014.json"
}
],
"title": "SSA-216014: Vulnerabilities in EFI variable of SIMATIC IPCs, SIMATIC Tablet PCs, and SIMATIC Field PGs",
"tracking": {
"current_release_date": "2025-06-10T00:00:00Z",
"generator": {
"engine": {
"name": "Siemens ProductCERT CSAF Generator",
"version": "1"
}
},
"id": "SSA-216014",
"initial_release_date": "2025-03-11T00:00:00Z",
"revision_history": [
{
"date": "2025-03-11T00:00:00Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
},
{
"date": "2025-06-10T00:00:00Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Added SIMATIC IPC RC-543A and RW-543B; Updated SIMATIC IPC3000 Smart V3, IPC 347G, IPC 527G"
}
],
"status": "interim",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC Field PG M5",
"product_id": "1"
}
}
],
"category": "product_name",
"name": "SIMATIC Field PG M5"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV26.01.12",
"product": {
"name": "SIMATIC Field PG M6",
"product_id": "2"
}
}
],
"category": "product_name",
"name": "SIMATIC Field PG M6"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC IPC127E",
"product_id": "3"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC127E"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC IPC227E",
"product_id": "4"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC227E"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC IPC227G",
"product_id": "5"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC227G"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC IPC277E",
"product_id": "6"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC277E"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC IPC277G",
"product_id": "7"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC277G"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC IPC327G",
"product_id": "8"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC327G"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC IPC347G",
"product_id": "9"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC347G"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC IPC377G",
"product_id": "10"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC377G"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC IPC427E",
"product_id": "11"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC427E"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC IPC477E",
"product_id": "12"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC477E"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC IPC477E PRO",
"product_id": "13"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC477E PRO"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC IPC527G",
"product_id": "14"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC527G"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV25.02.15",
"product": {
"name": "SIMATIC IPC627E",
"product_id": "15"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC627E"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV25.02.15",
"product": {
"name": "SIMATIC IPC647E",
"product_id": "16"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC647E"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV25.02.15",
"product": {
"name": "SIMATIC IPC677E",
"product_id": "17"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC677E"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV25.02.15",
"product": {
"name": "SIMATIC IPC847E",
"product_id": "18"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC847E"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC IPC3000 SMART V3",
"product_id": "19"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC3000 SMART V3"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV31.01.07",
"product": {
"name": "SIMATIC IPC BX-21A",
"product_id": "20"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC BX-21A"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV29.01.07",
"product": {
"name": "SIMATIC IPC BX-32A",
"product_id": "21"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC BX-32A"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV29.01.07",
"product": {
"name": "SIMATIC IPC BX-39A",
"product_id": "22"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC BX-39A"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV32.01.04",
"product": {
"name": "SIMATIC IPC BX-59A",
"product_id": "23"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC BX-59A"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV29.01.07",
"product": {
"name": "SIMATIC IPC PX-32A",
"product_id": "24"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC PX-32A"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV29.01.07",
"product": {
"name": "SIMATIC IPC PX-39A",
"product_id": "25"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC PX-39A"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV29.01.07",
"product": {
"name": "SIMATIC IPC PX-39A PRO",
"product_id": "26"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC PX-39A PRO"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC IPC RC-543A",
"product_id": "27"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC RC-543A"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC IPC RC-543B",
"product_id": "28"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC RC-543B"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC IPC RW-543A",
"product_id": "29"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC RW-543A"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC IPC RW-543B",
"product_id": "30"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC RW-543B"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC ITP1000",
"product_id": "31"
}
}
],
"category": "product_name",
"name": "SIMATIC ITP1000"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC\u00a0IPC277G PRO",
"product_id": "32"
}
}
],
"category": "product_name",
"name": "SIMATIC\u00a0IPC277G PRO"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-56181",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"notes": [
{
"category": "summary",
"text": "The affected devices have insufficient protection mechanism for the EFI(Extensible Firmware Interface) variables stored on the device. This could allow an authenticated attacker to alter the secure boot configuration without proper authorization by directly communicate with the flash controller.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Restrict access to root/administrator permission for the operating system",
"product_ids": [
"1",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32"
]
},
{
"category": "no_fix_planned",
"details": "Currently no fix is planned",
"product_ids": [
"4",
"6",
"9",
"14",
"19"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"8",
"10",
"11",
"12",
"13",
"27",
"28",
"29",
"30",
"31",
"32"
]
},
{
"category": "vendor_fix",
"details": "Update to V25.02.15 or later version",
"product_ids": [
"15",
"16",
"17",
"18"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109763408/"
},
{
"category": "vendor_fix",
"details": "Update to V29.01.07 or later version",
"product_ids": [
"21",
"24"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109763408/"
},
{
"category": "vendor_fix",
"details": "Update to V29.01.07 or later version",
"product_ids": [
"22",
"25",
"26"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109763408/"
},
{
"category": "vendor_fix",
"details": "Update to V31.01.07 or later version",
"product_ids": [
"20"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109763408/"
},
{
"category": "vendor_fix",
"details": "Update to V32.01.04 or later version",
"product_ids": [
"23"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109763408/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32"
]
}
],
"title": "CVE-2024-56181"
},
{
"cve": "CVE-2024-56182",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"notes": [
{
"category": "summary",
"text": "The affected devices have insufficient protection mechanism for the EFI(Extensible Firmware Interface) variables stored on the device. This could allow an authenticated attacker to disable the BIOS password without proper authorization by directly communicate with the flash controller.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Restrict access to root/administrator permission for the operating system",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32"
]
},
{
"category": "no_fix_planned",
"details": "Currently no fix is planned",
"product_ids": [
"4",
"6",
"9",
"14",
"19"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"8",
"10",
"11",
"12",
"13",
"27",
"28",
"29",
"30",
"31",
"32"
]
},
{
"category": "vendor_fix",
"details": "Update to V25.02.15 or later version",
"product_ids": [
"15",
"16",
"17",
"18"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109763408/"
},
{
"category": "vendor_fix",
"details": "Update to V26.01.12 or later version",
"product_ids": [
"2"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109763408/"
},
{
"category": "vendor_fix",
"details": "Update to V29.01.07 or later version",
"product_ids": [
"21",
"24"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109763408/"
},
{
"category": "vendor_fix",
"details": "Update to V29.01.07 or later version",
"product_ids": [
"22",
"25",
"26"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109763408/"
},
{
"category": "vendor_fix",
"details": "Update to V31.01.07 or later version",
"product_ids": [
"20"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109763408/"
},
{
"category": "vendor_fix",
"details": "Update to V32.01.04 or later version",
"product_ids": [
"23"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109763408/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32"
]
}
],
"title": "CVE-2024-56182"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…