Advisories

KLCERT-20-004: Remote Code Execution on TigerVNC version prior to 1.10.1

23 March 2020

TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow, which could be triggered from DecodeManager::decodeRect. Vulnerability occurs due to the signdness error in processing MemOutStream. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity.
KLCERT-20-003: Remote Code Execution on Emerson OpenEnterprise SCADA Server version 2.83 and all versions of OpenEnterprise 3.1 through 3.3.3

23 March 2020

A Heap-based Buffer Overflow was found in Emerson OpenEnterprise SCADA Server version 2.83 (if Modbus or ROC Interfaces have been installed and are in use) and all versions of OpenEnterprise 3.1 through 3.3.3, where a specially crafted script could execute code on the OpenEnterprise Server.
KLCERT-20-002: XXE on Moxa’s cellular management software OnCell Central Manager Version lower than 2.4.1

16 March 2020

Moxa’s cellular management software OnCell Central Manager Version lower than 2.4.1 was affected to XML Externl Entity (XXE) due to vulnerable third-party component usage (Apache Flex BlazeDS). Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code.
KLCERT-20-001: Remote Code Execution on Moxa’s cellular management software OnCell Central Manager Version lower than 2.4.1

16 March 2020

Moxa’s cellular management software OnCell Central Manager Version lower than 2.4.1 was affected to Remote Code Execution due to vulnerable third-party component usage (Apache Flex BlazeDS). Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code.
KLCERT-19-032: Denial of Service in RDesktop before 1.8.4

30 October 2019

RDesktop version 1.8.4 contains multiple out-of-bound access read vulnerabilities in its code, which results in a denial of service (DoS) condition. This attack appear to be exploitable via network connectivity. These issues have been fixed in version 1.8.5.
KLCERT-19-031: CODESYS V3 Password transmission vulnerability

13 August 2019

Attacker able to decrypt captured credentials.
KLCERT-19-030: Hasplm cookie without HTTPOnly attribute

05 June 2019

Hasplm cookie does not have a HTTPOnly attribute. This allows malicious javascript to steal these cookie.
KLCERT-19-029: Gemalto Admin Control Center uses cleartext communication with www3.safenet-inc.com

05 June 2019

Gemalto Admin Control Center, all versions prior to 7.92, uses cleartext HTTP to communicate with www3.safenet-inc.com to obtain language packs.
KLCERT-19-027: Remote Code Execution Vulnerability in Siemens SIMATIC WinCC and SIMATIC PCS 7

16 May 2019

An attacker with network access to affected installations, which are configured without “Encrypted Communication”, can execute arbitrary code. The security vulnerability could be exploited by an unauthenticated attacker with network access to the affected installation. No user interaction is required to exploit this security vulnerability. The vulnerability impacts confidentiality, integrity, and availability of the device.
KLCERT-19-026: Siemens WinCC local denial of service

16 May 2019

An attacker with local access to the project file could cause a Denial-of-Service condition on the affected product while the project file is loaded. Successful exploitation requires access to the project file. An attacker could use the vulnerability to compromise availability of the affected system.