<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Sun, 05 Jul 2026 02:09:21 +0000</lastBuildDate>
    <item>
      <title>335ca6ff-3b6d-4565-9ea3-0a523bdc0d39</title>
      <link>https://vulnerability.circl.lu/sighting/335ca6ff-3b6d-4565-9ea3-0a523bdc0d39/export</link>
      <description>{"uuid": "335ca6ff-3b6d-4565-9ea3-0a523bdc0d39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44105", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18209", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-44105\n\ud83d\udd25 CVSS Score: 8.2 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: Cleartext transmission of sensitive information in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0)  allows a local authenticated attacker to obtain OS credentials.\n\ud83d\udccf Published: 2024-09-10T20:43:26.618Z\n\ud83d\udccf Modified: 2025-06-12T16:58:30.314Z\n\ud83d\udd17 References:\n1. https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Workspace-Control-IWC", "creation_timestamp": "2025-06-12T17:35:09.000000Z"}</description>
      <content:encoded>{"uuid": "335ca6ff-3b6d-4565-9ea3-0a523bdc0d39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44105", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18209", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-44105\n\ud83d\udd25 CVSS Score: 8.2 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: Cleartext transmission of sensitive information in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0)  allows a local authenticated attacker to obtain OS credentials.\n\ud83d\udccf Published: 2024-09-10T20:43:26.618Z\n\ud83d\udccf Modified: 2025-06-12T16:58:30.314Z\n\ud83d\udd17 References:\n1. https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Workspace-Control-IWC", "creation_timestamp": "2025-06-12T17:35:09.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/335ca6ff-3b6d-4565-9ea3-0a523bdc0d39/export</guid>
      <pubDate>Thu, 12 Jun 2025 17:35:09 +0000</pubDate>
    </item>
    <item>
      <title>c98d3ac8-3c86-4b99-8ea3-ee23d22308de</title>
      <link>https://vulnerability.circl.lu/sighting/c98d3ac8-3c86-4b99-8ea3-ee23d22308de/export</link>
      <description>{"uuid": "c98d3ac8-3c86-4b99-8ea3-ee23d22308de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44104", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18208", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-44104\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: An incorrectly implemented authentication scheme that is subjected to a spoofing attack in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0)  allows a local authenticated attacker to escalate their privileges.\n\ud83d\udccf Published: 2024-09-10T20:41:33.032Z\n\ud83d\udccf Modified: 2025-06-12T17:01:17.730Z\n\ud83d\udd17 References:\n1. https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Workspace-Control-IWC", "creation_timestamp": "2025-06-12T17:35:09.000000Z"}</description>
      <content:encoded>{"uuid": "c98d3ac8-3c86-4b99-8ea3-ee23d22308de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44104", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18208", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-44104\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: An incorrectly implemented authentication scheme that is subjected to a spoofing attack in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0)  allows a local authenticated attacker to escalate their privileges.\n\ud83d\udccf Published: 2024-09-10T20:41:33.032Z\n\ud83d\udccf Modified: 2025-06-12T17:01:17.730Z\n\ud83d\udd17 References:\n1. https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Workspace-Control-IWC", "creation_timestamp": "2025-06-12T17:35:09.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/c98d3ac8-3c86-4b99-8ea3-ee23d22308de/export</guid>
      <pubDate>Thu, 12 Jun 2025 17:35:09 +0000</pubDate>
    </item>
    <item>
      <title>7eaddb66-f608-484b-99f5-1f096601b47f</title>
      <link>https://vulnerability.circl.lu/sighting/7eaddb66-f608-484b-99f5-1f096601b47f/export</link>
      <description>{"uuid": "7eaddb66-f608-484b-99f5-1f096601b47f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44107", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18207", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-44107\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: DLL hijacking in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their privileges and achieve arbitrary code execution.\n\ud83d\udccf Published: 2024-09-10T20:47:26.779Z\n\ud83d\udccf Modified: 2025-06-12T17:03:29.008Z\n\ud83d\udd17 References:\n1. https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Workspace-Control-IWC", "creation_timestamp": "2025-06-12T17:35:08.000000Z"}</description>
      <content:encoded>{"uuid": "7eaddb66-f608-484b-99f5-1f096601b47f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44107", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18207", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-44107\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: DLL hijacking in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their privileges and achieve arbitrary code execution.\n\ud83d\udccf Published: 2024-09-10T20:47:26.779Z\n\ud83d\udccf Modified: 2025-06-12T17:03:29.008Z\n\ud83d\udd17 References:\n1. https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Workspace-Control-IWC", "creation_timestamp": "2025-06-12T17:35:08.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/7eaddb66-f608-484b-99f5-1f096601b47f/export</guid>
      <pubDate>Thu, 12 Jun 2025 17:35:08 +0000</pubDate>
    </item>
    <item>
      <title>0ecff9c2-0430-4f62-91ff-c7f81c047fe9</title>
      <link>https://vulnerability.circl.lu/sighting/0ecff9c2-0430-4f62-91ff-c7f81c047fe9/export</link>
      <description>{"uuid": "0ecff9c2-0430-4f62-91ff-c7f81c047fe9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44103", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18206", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-44103\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: DLL hijacking in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their privileges.\n\ud83d\udccf Published: 2024-09-10T20:39:40.204Z\n\ud83d\udccf Modified: 2025-06-12T17:04:53.415Z\n\ud83d\udd17 References:\n1. https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Workspace-Control-IWC", "creation_timestamp": "2025-06-12T17:35:07.000000Z"}</description>
      <content:encoded>{"uuid": "0ecff9c2-0430-4f62-91ff-c7f81c047fe9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44103", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18206", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-44103\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: DLL hijacking in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their privileges.\n\ud83d\udccf Published: 2024-09-10T20:39:40.204Z\n\ud83d\udccf Modified: 2025-06-12T17:04:53.415Z\n\ud83d\udd17 References:\n1. https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Workspace-Control-IWC", "creation_timestamp": "2025-06-12T17:35:07.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/0ecff9c2-0430-4f62-91ff-c7f81c047fe9/export</guid>
      <pubDate>Thu, 12 Jun 2025 17:35:07 +0000</pubDate>
    </item>
    <item>
      <title>b75aef43-07a7-4871-997e-689a659186d8</title>
      <link>https://vulnerability.circl.lu/sighting/b75aef43-07a7-4871-997e-689a659186d8/export</link>
      <description>{"uuid": "b75aef43-07a7-4871-997e-689a659186d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44106", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18205", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-44106\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: Insufficient server-side controls in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their privileges.\n\ud83d\udccf Published: 2024-09-10T20:45:28.624Z\n\ud83d\udccf Modified: 2025-06-12T17:06:34.123Z\n\ud83d\udd17 References:\n1. https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Workspace-Control-IWC", "creation_timestamp": "2025-06-12T17:35:06.000000Z"}</description>
      <content:encoded>{"uuid": "b75aef43-07a7-4871-997e-689a659186d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44106", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18205", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-44106\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: Insufficient server-side controls in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local authenticated attacker to escalate their privileges.\n\ud83d\udccf Published: 2024-09-10T20:45:28.624Z\n\ud83d\udccf Modified: 2025-06-12T17:06:34.123Z\n\ud83d\udd17 References:\n1. https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Workspace-Control-IWC", "creation_timestamp": "2025-06-12T17:35:06.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/b75aef43-07a7-4871-997e-689a659186d8/export</guid>
      <pubDate>Thu, 12 Jun 2025 17:35:06 +0000</pubDate>
    </item>
    <item>
      <title>3e022cd3-ba8b-4744-9e73-de86095ca324</title>
      <link>https://vulnerability.circl.lu/sighting/3e022cd3-ba8b-4744-9e73-de86095ca324/export</link>
      <description>{"uuid": "3e022cd3-ba8b-4744-9e73-de86095ca324", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44102", "type": "seen", "source": "Telegram/vx3F3BJMbiZiV8gL1GnrvrtU_2imnhpONtny1JpvzZQ20t4", "content": "", "creation_timestamp": "2025-05-04T05:21:06.000000Z"}</description>
      <content:encoded>{"uuid": "3e022cd3-ba8b-4744-9e73-de86095ca324", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44102", "type": "seen", "source": "Telegram/vx3F3BJMbiZiV8gL1GnrvrtU_2imnhpONtny1JpvzZQ20t4", "content": "", "creation_timestamp": "2025-05-04T05:21:06.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/3e022cd3-ba8b-4744-9e73-de86095ca324/export</guid>
      <pubDate>Sun, 04 May 2025 05:21:06 +0000</pubDate>
    </item>
    <item>
      <title>e45de55b-771d-41f7-bae1-bf3668d59b98</title>
      <link>https://vulnerability.circl.lu/sighting/e45de55b-771d-41f7-bae1-bf3668d59b98/export</link>
      <description>{"uuid": "e45de55b-771d-41f7-bae1-bf3668d59b98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44102", "type": "seen", "source": "https://t.me/Databreachofficial1/427", "content": "CVE-2024-44102 \nSiemens PP TeleControl Server Basic Remote Code Execution\n\nDescription : A vulnerability has been identified in PP TeleControl Server Basic 1000 to 5000 V3.1 (6NH9910-0AA31-0AE1) (All versions &amp;lt; V3.1.2.1 with redundancy configured), PP TeleControl Server Basic 256 to 1000 V3.1 (6NH9910-0AA31-0AD1) (All versions &amp;lt; V3.1.2.1 with redundancy configured), PP TeleControl Server Basic 32 to 64 V3.1 (6NH9910-0AA31-0AF1) (All versions &amp;lt; V3.1.2.1 with redundancy configured), PP TeleControl Server Basic 64 to 256 V3.1 (6NH9910-0AA31-0AC1) (All versions &amp;lt; V3.1.2.1 with redundancy configured), PP TeleControl Server Basic 8 to 32 V3.1 (6NH9910-0AA31-0AB1) (All versions &amp;lt; V3.1.2.1 with redundancy configured), TeleControl Server Basic 1000 V3.1 (6NH9910-0AA31-0AD0) (All versions &amp;lt; V3.1.2.1 with redundancy configured), TeleControl Server Basic 256 V3.1 (6NH9910-0AA31-0AC0) (All versions &amp;lt; V3.1.2.1 with redundancy configured), TeleControl Server Basic 32 V3.1 (6NH9910-0AA31-0AF0) (All versions &amp;lt; V3.1.2.1 with redundancy configured), TeleControl Server Basic 5000 V3.1 (6NH9910-0AA31-0AE0) (All versions &amp;lt; V3.1.2.1 with redundancy configured), TeleControl Server Basic 64 V3.1 (6NH9910-0AA31-0AB0) (All versions &amp;lt; V3.1.2.1 with redundancy configured), TeleControl Server Basic 8 V3.1 (6NH9910-0AA31-0AA0) (All versions &amp;lt; V3.1.2.1 with redundancy configured), TeleControl Server Basic Serv Upgr (6NH9910-0AA31-0GA1) (All versions &amp;lt; V3.1.2.1 with redundancy configured), TeleControl Server Basic Upgr V3.1 (6NH9910-0AA31-0GA0) (All versions &amp;lt; V3.1.2.1 with redundancy configured). The affected system allows remote users to send maliciously crafted objects. Due to insecure deserialization of user-supplied content by the affected software, an unauthenticated attacker could exploit this vulnerability by sending a maliciously crafted serialized object. This could allow the attacker to execute arbitrary code on the device with SYSTEM privileges. \nSeverity: 10.0 | CRITICAL", "creation_timestamp": "2024-11-28T13:30:47.000000Z"}</description>
      <content:encoded>{"uuid": "e45de55b-771d-41f7-bae1-bf3668d59b98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44102", "type": "seen", "source": "https://t.me/Databreachofficial1/427", "content": "CVE-2024-44102 \nSiemens PP TeleControl Server Basic Remote Code Execution\n\nDescription : A vulnerability has been identified in PP TeleControl Server Basic 1000 to 5000 V3.1 (6NH9910-0AA31-0AE1) (All versions &amp;lt; V3.1.2.1 with redundancy configured), PP TeleControl Server Basic 256 to 1000 V3.1 (6NH9910-0AA31-0AD1) (All versions &amp;lt; V3.1.2.1 with redundancy configured), PP TeleControl Server Basic 32 to 64 V3.1 (6NH9910-0AA31-0AF1) (All versions &amp;lt; V3.1.2.1 with redundancy configured), PP TeleControl Server Basic 64 to 256 V3.1 (6NH9910-0AA31-0AC1) (All versions &amp;lt; V3.1.2.1 with redundancy configured), PP TeleControl Server Basic 8 to 32 V3.1 (6NH9910-0AA31-0AB1) (All versions &amp;lt; V3.1.2.1 with redundancy configured), TeleControl Server Basic 1000 V3.1 (6NH9910-0AA31-0AD0) (All versions &amp;lt; V3.1.2.1 with redundancy configured), TeleControl Server Basic 256 V3.1 (6NH9910-0AA31-0AC0) (All versions &amp;lt; V3.1.2.1 with redundancy configured), TeleControl Server Basic 32 V3.1 (6NH9910-0AA31-0AF0) (All versions &amp;lt; V3.1.2.1 with redundancy configured), TeleControl Server Basic 5000 V3.1 (6NH9910-0AA31-0AE0) (All versions &amp;lt; V3.1.2.1 with redundancy configured), TeleControl Server Basic 64 V3.1 (6NH9910-0AA31-0AB0) (All versions &amp;lt; V3.1.2.1 with redundancy configured), TeleControl Server Basic 8 V3.1 (6NH9910-0AA31-0AA0) (All versions &amp;lt; V3.1.2.1 with redundancy configured), TeleControl Server Basic Serv Upgr (6NH9910-0AA31-0GA1) (All versions &amp;lt; V3.1.2.1 with redundancy configured), TeleControl Server Basic Upgr V3.1 (6NH9910-0AA31-0GA0) (All versions &amp;lt; V3.1.2.1 with redundancy configured). The affected system allows remote users to send maliciously crafted objects. Due to insecure deserialization of user-supplied content by the affected software, an unauthenticated attacker could exploit this vulnerability by sending a maliciously crafted serialized object. This could allow the attacker to execute arbitrary code on the device with SYSTEM privileges. \nSeverity: 10.0 | CRITICAL", "creation_timestamp": "2024-11-28T13:30:47.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/e45de55b-771d-41f7-bae1-bf3668d59b98/export</guid>
      <pubDate>Thu, 28 Nov 2024 13:30:47 +0000</pubDate>
    </item>
    <item>
      <title>12f1b48a-2d49-4a90-8b15-99190ff802d6</title>
      <link>https://vulnerability.circl.lu/sighting/12f1b48a-2d49-4a90-8b15-99190ff802d6/export</link>
      <description>{"uuid": "12f1b48a-2d49-4a90-8b15-99190ff802d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44102", "type": "published-proof-of-concept", "source": "https://t.me/ics_cert/962", "content": "\u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u0646\u0631\u0645\u200c\u0627\u0641\u0632\u0627\u0631 \u0645\u062f\u06cc\u0631\u06cc\u062a \u0648 \u0646\u0638\u0627\u0631\u062a \u0628\u0631 \u0627\u0634\u06cc\u0627\u0621 \u0631\u0627\u0647 \u062f\u0648\u0631 \u062f\u0631 \u0633\u06cc\u0633\u062a\u0645\u200c\u0647\u0627\u06cc \u062a\u0644\u0647 \u0645\u062a\u0631\u06cc \u0648 \u062a\u0644\u0647\u200c\u0645\u06a9\u0627\u0646\u06cc\u06a9 TeleControl Server Basic \u0628\u0627 \u0646\u0642\u0635 \u062f\u0631 \u0645\u06a9\u0627\u0646\u06cc\u0633\u0645 deserialization \u0647\u0645\u0631\u0627\u0647 \u0627\u0633\u062a. \u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u06a9\u062f \u062f\u0644\u062e\u0648\u0627\u0647 \u0628\u0627 \u0627\u0645\u062a\u06cc\u0627\u0632\u0627\u062a SYSTEM \u0631\u0627 \u0628\u0627 \u0627\u0631\u0633\u0627\u0644 \u0627\u0634\u06cc\u0627\u0621 \u0633\u0627\u062e\u062a\u0647 \u0634\u062f\u0647 \u062e\u0627\u0635 \u0627\u062c\u0631\u0627 \u06a9\u0646\u062f.\n\n\u200fBDU: 09525-2024\n\u200fCVE-2024-44102\n\n\u0646\u0635\u0628 \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0627\u0632 \u0645\u0646\u0627\u0628\u0639 \u0642\u0627\u0628\u0644 \u0627\u0639\u062a\u0645\u0627\u062f\n\u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc \u0634\u0648\u062f \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631 \u0631\u0627 \u062a\u0646\u0647\u0627 \u067e\u0633 \u0627\u0632 \u0627\u0631\u0632\u06cc\u0627\u0628\u06cc \u062a\u0645\u0627\u0645 \u062e\u0637\u0631\u0627\u062a \u0645\u0631\u062a\u0628\u0637 \u0646\u0635\u0628 \u06a9\u0646\u06cc\u062f.\n\n\u0627\u0642\u062f\u0627\u0645\u0627\u062a \u062c\u0628\u0631\u0627\u0646\u06cc:\n- \u062f\u0631 \u0635\u0648\u0631\u062a \u0639\u062f\u0645 \u0627\u0633\u062a\u0641\u0627\u062f\u0647\u060c \u0639\u0645\u0644\u06a9\u0631\u062f \"\u0627\u0636\u0627\u0641\u0647\" \u0631\u0627 \u063a\u06cc\u0631\u0641\u0639\u0627\u0644 \u06a9\u0646\u06cc\u062f.\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0645\u06a9\u0627\u0646\u06cc\u0633\u0645 \u0644\u06cc\u0633\u062a \u0647\u0627\u06cc \"\u0633\u0641\u06cc\u062f\" \u0622\u062f\u0631\u0633 \u0647\u0627\u06cc IP \u0628\u0631\u0627\u06cc \u0633\u0627\u0632\u0645\u0627\u0646\u062f\u0647\u06cc \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631\u0647\u0627\u06cc \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631.\n- \u062a\u0642\u0633\u06cc\u0645 \u0628\u0646\u062f\u06cc \u0634\u0628\u06a9\u0647 \u0628\u0631\u0627\u06cc \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u0628\u062e\u0634 \u0635\u0646\u0639\u062a\u06cc \u0627\u0632 \u0632\u06cc\u0631\u0634\u0628\u06a9\u0647 \u0647\u0627\u06cc \u062f\u06cc\u06af\u0631.\n- \u0645\u062d\u062f\u0648\u062f\u06cc\u062a \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0634\u0628\u06a9\u0647 \u0647\u0627\u06cc \u062e\u0627\u0631\u062c\u06cc (\u0627\u06cc\u0646\u062a\u0631\u0646\u062a)\u061b\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0634\u0628\u06a9\u0647 \u0647\u0627\u06cc \u062e\u0635\u0648\u0635\u06cc \u0645\u062c\u0627\u0632\u06cc \u0628\u0631\u0627\u06cc \u0633\u0627\u0632\u0645\u0627\u0646\u062f\u0647\u06cc \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 (VPN) \u0628\u0647 \u0628\u062e\u0634 \u0635\u0646\u0639\u062a\u06cc.\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u0628\u0632\u0627\u0631\u0647\u0627\u06cc \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u0628\u0631\u0627\u06cc \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631\u0647\u0627\u06cc \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631.\n\n\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u062a\u0648\u0635\u06cc\u0647 \u0647\u0627\u06cc \u0633\u0627\u0632\u0646\u062f\u0647:\n\u200fhttps://cert-portal.siemens.com/productcert/html/ssa-454789.html\n\n\u26a0\ufe0f\u0628\u06cc\u0627\u0646\u06cc\u0647 \u0633\u0644\u0628 \u0645\u0633\u0626\u0648\u0644\u06cc\u062a\n\ud83c\udfed\u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\ud83d\udc6e\ud83c\udffd\u200d\u2640\ufe0f\u0647\u0631\u06af\u0648\u0646\u0647 \u0627\u0646\u062a\u0634\u0627\u0631 \u0648 \u0630\u06a9\u0631 \u0645\u0637\u0627\u0644\u0628 \u0628\u062f\u0648\u0646 \u0630\u06a9\u0631 \u062f\u0642\u06cc\u0642 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u0644\u06cc\u0646\u06a9 \u0622\u0646 \u0645\u0645\u0646\u0648\u0639 \u0627\u0633\u062a. \n\u0627\u062f\u0645\u06cc\u0646:\n\u200fhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u06af\u0631\u0648\u0647 \u0648\u0627\u062a\u0633 \u0622\u067e :\nhttps://chat.whatsapp.com/FpB620AWEeSKvd8U6cFh33", "creation_timestamp": "2024-11-22T08:35:08.000000Z"}</description>
      <content:encoded>{"uuid": "12f1b48a-2d49-4a90-8b15-99190ff802d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44102", "type": "published-proof-of-concept", "source": "https://t.me/ics_cert/962", "content": "\u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u0646\u0631\u0645\u200c\u0627\u0641\u0632\u0627\u0631 \u0645\u062f\u06cc\u0631\u06cc\u062a \u0648 \u0646\u0638\u0627\u0631\u062a \u0628\u0631 \u0627\u0634\u06cc\u0627\u0621 \u0631\u0627\u0647 \u062f\u0648\u0631 \u062f\u0631 \u0633\u06cc\u0633\u062a\u0645\u200c\u0647\u0627\u06cc \u062a\u0644\u0647 \u0645\u062a\u0631\u06cc \u0648 \u062a\u0644\u0647\u200c\u0645\u06a9\u0627\u0646\u06cc\u06a9 TeleControl Server Basic \u0628\u0627 \u0646\u0642\u0635 \u062f\u0631 \u0645\u06a9\u0627\u0646\u06cc\u0633\u0645 deserialization \u0647\u0645\u0631\u0627\u0647 \u0627\u0633\u062a. \u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u06a9\u062f \u062f\u0644\u062e\u0648\u0627\u0647 \u0628\u0627 \u0627\u0645\u062a\u06cc\u0627\u0632\u0627\u062a SYSTEM \u0631\u0627 \u0628\u0627 \u0627\u0631\u0633\u0627\u0644 \u0627\u0634\u06cc\u0627\u0621 \u0633\u0627\u062e\u062a\u0647 \u0634\u062f\u0647 \u062e\u0627\u0635 \u0627\u062c\u0631\u0627 \u06a9\u0646\u062f.\n\n\u200fBDU: 09525-2024\n\u200fCVE-2024-44102\n\n\u0646\u0635\u0628 \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0627\u0632 \u0645\u0646\u0627\u0628\u0639 \u0642\u0627\u0628\u0644 \u0627\u0639\u062a\u0645\u0627\u062f\n\u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc \u0634\u0648\u062f \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631 \u0631\u0627 \u062a\u0646\u0647\u0627 \u067e\u0633 \u0627\u0632 \u0627\u0631\u0632\u06cc\u0627\u0628\u06cc \u062a\u0645\u0627\u0645 \u062e\u0637\u0631\u0627\u062a \u0645\u0631\u062a\u0628\u0637 \u0646\u0635\u0628 \u06a9\u0646\u06cc\u062f.\n\n\u0627\u0642\u062f\u0627\u0645\u0627\u062a \u062c\u0628\u0631\u0627\u0646\u06cc:\n- \u062f\u0631 \u0635\u0648\u0631\u062a \u0639\u062f\u0645 \u0627\u0633\u062a\u0641\u0627\u062f\u0647\u060c \u0639\u0645\u0644\u06a9\u0631\u062f \"\u0627\u0636\u0627\u0641\u0647\" \u0631\u0627 \u063a\u06cc\u0631\u0641\u0639\u0627\u0644 \u06a9\u0646\u06cc\u062f.\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0645\u06a9\u0627\u0646\u06cc\u0633\u0645 \u0644\u06cc\u0633\u062a \u0647\u0627\u06cc \"\u0633\u0641\u06cc\u062f\" \u0622\u062f\u0631\u0633 \u0647\u0627\u06cc IP \u0628\u0631\u0627\u06cc \u0633\u0627\u0632\u0645\u0627\u0646\u062f\u0647\u06cc \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631\u0647\u0627\u06cc \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631.\n- \u062a\u0642\u0633\u06cc\u0645 \u0628\u0646\u062f\u06cc \u0634\u0628\u06a9\u0647 \u0628\u0631\u0627\u06cc \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u0628\u062e\u0634 \u0635\u0646\u0639\u062a\u06cc \u0627\u0632 \u0632\u06cc\u0631\u0634\u0628\u06a9\u0647 \u0647\u0627\u06cc \u062f\u06cc\u06af\u0631.\n- \u0645\u062d\u062f\u0648\u062f\u06cc\u062a \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0634\u0628\u06a9\u0647 \u0647\u0627\u06cc \u062e\u0627\u0631\u062c\u06cc (\u0627\u06cc\u0646\u062a\u0631\u0646\u062a)\u061b\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0634\u0628\u06a9\u0647 \u0647\u0627\u06cc \u062e\u0635\u0648\u0635\u06cc \u0645\u062c\u0627\u0632\u06cc \u0628\u0631\u0627\u06cc \u0633\u0627\u0632\u0645\u0627\u0646\u062f\u0647\u06cc \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 (VPN) \u0628\u0647 \u0628\u062e\u0634 \u0635\u0646\u0639\u062a\u06cc.\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u0628\u0632\u0627\u0631\u0647\u0627\u06cc \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u0628\u0631\u0627\u06cc \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631\u0647\u0627\u06cc \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631.\n\n\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u062a\u0648\u0635\u06cc\u0647 \u0647\u0627\u06cc \u0633\u0627\u0632\u0646\u062f\u0647:\n\u200fhttps://cert-portal.siemens.com/productcert/html/ssa-454789.html\n\n\u26a0\ufe0f\u0628\u06cc\u0627\u0646\u06cc\u0647 \u0633\u0644\u0628 \u0645\u0633\u0626\u0648\u0644\u06cc\u062a\n\ud83c\udfed\u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\ud83d\udc6e\ud83c\udffd\u200d\u2640\ufe0f\u0647\u0631\u06af\u0648\u0646\u0647 \u0627\u0646\u062a\u0634\u0627\u0631 \u0648 \u0630\u06a9\u0631 \u0645\u0637\u0627\u0644\u0628 \u0628\u062f\u0648\u0646 \u0630\u06a9\u0631 \u062f\u0642\u06cc\u0642 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u0644\u06cc\u0646\u06a9 \u0622\u0646 \u0645\u0645\u0646\u0648\u0639 \u0627\u0633\u062a. \n\u0627\u062f\u0645\u06cc\u0646:\n\u200fhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u06af\u0631\u0648\u0647 \u0648\u0627\u062a\u0633 \u0622\u067e :\nhttps://chat.whatsapp.com/FpB620AWEeSKvd8U6cFh33", "creation_timestamp": "2024-11-22T08:35:08.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/12f1b48a-2d49-4a90-8b15-99190ff802d6/export</guid>
      <pubDate>Fri, 22 Nov 2024 08:35:08 +0000</pubDate>
    </item>
    <item>
      <title>d4df57f3-ce4e-44d7-8c49-54b999467173</title>
      <link>https://vulnerability.circl.lu/sighting/d4df57f3-ce4e-44d7-8c49-54b999467173/export</link>
      <description>{"uuid": "d4df57f3-ce4e-44d7-8c49-54b999467173", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44102", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-319-10", "content": "", "creation_timestamp": "2024-11-14T12:00:00.000000Z"}</description>
      <content:encoded>{"uuid": "d4df57f3-ce4e-44d7-8c49-54b999467173", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44102", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-319-10", "content": "", "creation_timestamp": "2024-11-14T12:00:00.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/d4df57f3-ce4e-44d7-8c49-54b999467173/export</guid>
      <pubDate>Thu, 14 Nov 2024 12:00:00 +0000</pubDate>
    </item>
    <item>
      <title>62fcb4af-2a29-4dcb-8f9e-d353b9b699a9</title>
      <link>https://vulnerability.circl.lu/sighting/62fcb4af-2a29-4dcb-8f9e-d353b9b699a9/export</link>
      <description>{"uuid": "62fcb4af-2a29-4dcb-8f9e-d353b9b699a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44102", "type": "seen", "source": "https://t.me/ZeroEthical_Course/2039", "content": "\u2194\ufe0fCVE-2024-44102 \nSiemens PP TeleControl Server Basic Remote Code Execution\n\n\ud83d\udd34Description : A vulnerability has been identified in PP TeleControl Server Basic 1000 to 5000 V3.1 (6NH9910-0AA31-0AE1) (All versions &amp;lt; V3.1.2.1 with redundancy configured), PP TeleControl Server Basic 256 to 1000 V3.1 (6NH9910-0AA31-0AD1) (All versions &amp;lt; V3.1.2.1 with redundancy configured), PP TeleControl Server Basic 32 to 64 V3.1 (6NH9910-0AA31-0AF1) (All versions &amp;lt; V3.1.2.1 with redundancy configured), PP TeleControl Server Basic 64 to 256 V3.1 (6NH9910-0AA31-0AC1) (All versions &amp;lt; V3.1.2.1 with redundancy configured), PP TeleControl Server Basic 8 to 32 V3.1 (6NH9910-0AA31-0AB1) (All versions &amp;lt; V3.1.2.1 with redundancy configured), TeleControl Server Basic 1000 V3.1 (6NH9910-0AA31-0AD0) (All versions &amp;lt; V3.1.2.1 with redundancy configured), TeleControl Server Basic 256 V3.1 (6NH9910-0AA31-0AC0) (All versions &amp;lt; V3.1.2.1 with redundancy configured), TeleControl Server Basic 32 V3.1 (6NH9910-0AA31-0AF0) (All versions &amp;lt; V3.1.2.1 with redundancy configured), TeleControl Server Basic 5000 V3.1 (6NH9910-0AA31-0AE0) (All versions &amp;lt; V3.1.2.1 with redundancy configured), TeleControl Server Basic 64 V3.1 (6NH9910-0AA31-0AB0) (All versions &amp;lt; V3.1.2.1 with redundancy configured), TeleControl Server Basic 8 V3.1 (6NH9910-0AA31-0AA0) (All versions &amp;lt; V3.1.2.1 with redundancy configured), TeleControl Server Basic Serv Upgr (6NH9910-0AA31-0GA1) (All versions &amp;lt; V3.1.2.1 with redundancy configured), TeleControl Server Basic Upgr V3.1 (6NH9910-0AA31-0GA0) (All versions &amp;lt; V3.1.2.1 with redundancy configured). The affected system allows remote users to send maliciously crafted objects. Due to insecure deserialization of user-supplied content by the affected software, an unauthenticated attacker could exploit this vulnerability by sending a maliciously crafted serialized object. This could allow the attacker to execute arbitrary code on the device with SYSTEM privileges. \nSeverity: 10.0 | CRITICAL", "creation_timestamp": "2024-11-12T16:19:16.000000Z"}</description>
      <content:encoded>{"uuid": "62fcb4af-2a29-4dcb-8f9e-d353b9b699a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44102", "type": "seen", "source": "https://t.me/ZeroEthical_Course/2039", "content": "\u2194\ufe0fCVE-2024-44102 \nSiemens PP TeleControl Server Basic Remote Code Execution\n\n\ud83d\udd34Description : A vulnerability has been identified in PP TeleControl Server Basic 1000 to 5000 V3.1 (6NH9910-0AA31-0AE1) (All versions &amp;lt; V3.1.2.1 with redundancy configured), PP TeleControl Server Basic 256 to 1000 V3.1 (6NH9910-0AA31-0AD1) (All versions &amp;lt; V3.1.2.1 with redundancy configured), PP TeleControl Server Basic 32 to 64 V3.1 (6NH9910-0AA31-0AF1) (All versions &amp;lt; V3.1.2.1 with redundancy configured), PP TeleControl Server Basic 64 to 256 V3.1 (6NH9910-0AA31-0AC1) (All versions &amp;lt; V3.1.2.1 with redundancy configured), PP TeleControl Server Basic 8 to 32 V3.1 (6NH9910-0AA31-0AB1) (All versions &amp;lt; V3.1.2.1 with redundancy configured), TeleControl Server Basic 1000 V3.1 (6NH9910-0AA31-0AD0) (All versions &amp;lt; V3.1.2.1 with redundancy configured), TeleControl Server Basic 256 V3.1 (6NH9910-0AA31-0AC0) (All versions &amp;lt; V3.1.2.1 with redundancy configured), TeleControl Server Basic 32 V3.1 (6NH9910-0AA31-0AF0) (All versions &amp;lt; V3.1.2.1 with redundancy configured), TeleControl Server Basic 5000 V3.1 (6NH9910-0AA31-0AE0) (All versions &amp;lt; V3.1.2.1 with redundancy configured), TeleControl Server Basic 64 V3.1 (6NH9910-0AA31-0AB0) (All versions &amp;lt; V3.1.2.1 with redundancy configured), TeleControl Server Basic 8 V3.1 (6NH9910-0AA31-0AA0) (All versions &amp;lt; V3.1.2.1 with redundancy configured), TeleControl Server Basic Serv Upgr (6NH9910-0AA31-0GA1) (All versions &amp;lt; V3.1.2.1 with redundancy configured), TeleControl Server Basic Upgr V3.1 (6NH9910-0AA31-0GA0) (All versions &amp;lt; V3.1.2.1 with redundancy configured). The affected system allows remote users to send maliciously crafted objects. Due to insecure deserialization of user-supplied content by the affected software, an unauthenticated attacker could exploit this vulnerability by sending a maliciously crafted serialized object. This could allow the attacker to execute arbitrary code on the device with SYSTEM privileges. \nSeverity: 10.0 | CRITICAL", "creation_timestamp": "2024-11-12T16:19:16.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/62fcb4af-2a29-4dcb-8f9e-d353b9b699a9/export</guid>
      <pubDate>Tue, 12 Nov 2024 16:19:16 +0000</pubDate>
    </item>
  </channel>
</rss>
