Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-41697 | 1 Phoenixcontact | 137 Fl Nat 2008, Fl Nat 2008 Firmware, Fl Nat 2208 and 134 more | 2025-12-19 | N/A | 6.8 MEDIUM |
| An attacker can use an undocumented UART port on the PCB as a side-channel to get root access e.g. with the credentials obtained from CVE-2025-41692. | |||||
| CVE-2024-47944 | 2025-11-03 | N/A | 6.8 MEDIUM | ||
| The device directly executes .patch firmware upgrade files on a USB stick without any prior authentication in the admin interface. This leads to an unauthenticated code execution via the firmware upgrade function. | |||||
| CVE-2025-26409 | 2025-11-03 | N/A | 6.8 MEDIUM | ||
| A serial interface can be accessed with physical access to the PCB of Wattsense Bridge devices. After connecting to the interface, access to the bootloader is possible, as well as a Linux login prompt. The bootloader access can be used to gain a root shell on the device. This issue is fixed in recent firmware versions BSP >= 6.4.1. | |||||
| CVE-2025-1073 | 2025-04-11 | N/A | 7.5 HIGH | ||
| Panasonic IR Control Hub (IR Blaster) versions 1.17 and earlier may allow an attacker with physical access to load unauthorized firmware onto the device. | |||||
| CVE-2024-39723 | 1 Ibm | 1 Storage Virtualize | 2024-11-21 | N/A | 4.6 MEDIUM |
| IBM FlashSystem 5300 USB ports may be usable even if the port has been disabled by the administrator. A user with physical access to the system could use the USB port to cause loss of access to data. IBM X-Force ID: 295935. | |||||