Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
2 vulnerabilities by hms-networks
CVE-2021-33214 (GCVE-0-2021-33214)
Vulnerability from cvelistv5 – Published: 2021-07-09 18:03 – Updated: 2024-08-03 23:42
VLAI
Summary
In HMS Ewon eCatcher through 6.6.4, weak filesystem permissions could allow malicious users to access files that could lead to sensitive information disclosure, modification of configuration files, or disruption of normal system operation.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://labs.bishopfox.com/advisories | x_refsource_MISC |
| https://www.ewon.biz/about-us/security | x_refsource_MISC |
| https://www.ewon.biz/technical-support/pages/talk… | x_refsource_MISC |
| https://cdn.hms-networks.com/docs/librariesprovid… | x_refsource_MISC |
| https://labs.bishopfox.com/advisories/ecatcher-de… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:42:20.270Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://labs.bishopfox.com/advisories"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ewon.biz/about-us/security"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ewon.biz/technical-support/pages/talk2m/talk2m-tools/talk2m-ecatcher"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cdn.hms-networks.com/docs/librariesprovider6/cybersecurity/hms-security-advisory-2021-07-09-001---ewon-ecatcher.pdf?sfvrsn=b37418d7_4"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://labs.bishopfox.com/advisories/ecatcher-desktop-version-6.6.4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In HMS Ewon eCatcher through 6.6.4, weak filesystem permissions could allow malicious users to access files that could lead to sensitive information disclosure, modification of configuration files, or disruption of normal system operation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-17T18:42:34.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://labs.bishopfox.com/advisories"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ewon.biz/about-us/security"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ewon.biz/technical-support/pages/talk2m/talk2m-tools/talk2m-ecatcher"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cdn.hms-networks.com/docs/librariesprovider6/cybersecurity/hms-security-advisory-2021-07-09-001---ewon-ecatcher.pdf?sfvrsn=b37418d7_4"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://labs.bishopfox.com/advisories/ecatcher-desktop-version-6.6.4"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-33214",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In HMS Ewon eCatcher through 6.6.4, weak filesystem permissions could allow malicious users to access files that could lead to sensitive information disclosure, modification of configuration files, or disruption of normal system operation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://labs.bishopfox.com/advisories",
"refsource": "MISC",
"url": "https://labs.bishopfox.com/advisories"
},
{
"name": "https://www.ewon.biz/about-us/security",
"refsource": "MISC",
"url": "https://www.ewon.biz/about-us/security"
},
{
"name": "https://www.ewon.biz/technical-support/pages/talk2m/talk2m-tools/talk2m-ecatcher",
"refsource": "MISC",
"url": "https://www.ewon.biz/technical-support/pages/talk2m/talk2m-tools/talk2m-ecatcher"
},
{
"name": "https://cdn.hms-networks.com/docs/librariesprovider6/cybersecurity/hms-security-advisory-2021-07-09-001---ewon-ecatcher.pdf?sfvrsn=b37418d7_4",
"refsource": "MISC",
"url": "https://cdn.hms-networks.com/docs/librariesprovider6/cybersecurity/hms-security-advisory-2021-07-09-001---ewon-ecatcher.pdf?sfvrsn=b37418d7_4"
},
{
"name": "https://labs.bishopfox.com/advisories/ecatcher-desktop-version-6.6.4",
"refsource": "MISC",
"url": "https://labs.bishopfox.com/advisories/ecatcher-desktop-version-6.6.4"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-33214",
"datePublished": "2021-07-09T18:03:44.000Z",
"dateReserved": "2021-05-20T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:42:20.270Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-14498 (GCVE-0-2020-14498)
Vulnerability from cvelistv5 – Published: 2020-08-26 13:30 – Updated: 2024-08-04 12:46
VLAI
Title
HMS Industrial Networks AB eCatcher Stack-based Buffer Overflow
Summary
HMS Industrial Networks AB eCatcher all versions prior to 6.5.5 is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code.
Severity
9.6 (Critical)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| HMS Industrial Networks AB | eCatcher |
Affected:
0 , < 6.5.5
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:46:34.660Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-210-03"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.hms-networks.com/cybersecurity/security-advisories"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "eCatcher",
"vendor": "HMS Industrial Networks AB",
"versions": [
{
"lessThan": "6.5.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Sharon Brizinov of Claroty reported this vulnerability to CISA."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eHMS Industrial Networks AB eCatcher all versions prior to 6.5.5 is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code.\u003c/p\u003e"
}
],
"value": "HMS Industrial Networks AB eCatcher all versions prior to 6.5.5 is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-23T00:47:34.917Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-210-03"
},
{
"url": "https://www.hms-networks.com/cybersecurity/security-advisories"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\n\n\u003c/p\u003e\u003cp\u003eHMS recommends users update eCatcher to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://ewon.biz/technical-support/pages/all-downloads\"\u003eVersion 6.5.5 or later\u003c/a\u003e. \u003c/p\u003e\u003cp\u003eFor more information, see the \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.hms-networks.com/cybersecurity\"\u003eHMS advisory\u003c/a\u003e.\u003c/p\u003e\n\n\u003cp\u003e\u003c/p\u003e"
}
],
"value": "HMS recommends users update eCatcher to Version 6.5.5 or later https://ewon.biz/technical-support/pages/all-downloads . \n\nFor more information, see the HMS advisory https://www.hms-networks.com/cybersecurity ."
}
],
"source": {
"advisory": "ICSA-20-210-03",
"discovery": "EXTERNAL"
},
"title": "HMS Industrial Networks AB eCatcher Stack-based Buffer Overflow",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2020-14498",
"STATE": "PUBLIC",
"TITLE": "HMS Industrial Networks AB eCatcher Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "eCatcher",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "6.5.5"
}
]
}
}
]
},
"vendor_name": "HMS Industrial Networks AB"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Sharon Brizinov of Claroty reported this vulnerability to CISA."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HMS Industrial Networks AB eCatcher all versions prior to 6.5.5. The affected product is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "STACK-BASED BUFFER OVERFLOW CWE-121"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-210-03",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-210-03"
}
]
},
"solution": [
{
"lang": "en",
"value": "HMS recommends users update eCatcher to Version 6.5.5 or later."
}
],
"source": {
"advisory": "ICSA-20-210-03",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2020-14498",
"datePublished": "2020-08-26T13:30:01.000Z",
"dateReserved": "2020-06-19T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:46:34.660Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}