Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-0218

Summary
Assigner-Nozomi
Assigner Org ID-bec8025f-a851-46e5-b3a3-058e6b0aa23c
Published At-10 Apr, 2024 | 15:55
Updated At-20 Sep, 2024 | 12:19
Rejected At-
Credits

DoS on IDS parsing of malformed Radius packets in Guardian before 23.4.1

A Denial of Service (Dos) vulnerability in Nozomi Networks Guardian, caused by improper input validation in certain fields used in the Radius parsing functionality of our IDS, allows an unauthenticated attacker sending specially crafted malformed network packets to cause the IDS module to stop updating nodes, links, and assets. Network traffic may not be analyzed until the IDS module is restarted.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Nozomi
Assigner Org ID:bec8025f-a851-46e5-b3a3-058e6b0aa23c
Published At:10 Apr, 2024 | 15:55
Updated At:20 Sep, 2024 | 12:19
Rejected At:
▼CVE Numbering Authority (CNA)
DoS on IDS parsing of malformed Radius packets in Guardian before 23.4.1

A Denial of Service (Dos) vulnerability in Nozomi Networks Guardian, caused by improper input validation in certain fields used in the Radius parsing functionality of our IDS, allows an unauthenticated attacker sending specially crafted malformed network packets to cause the IDS module to stop updating nodes, links, and assets. Network traffic may not be analyzed until the IDS module is restarted.

Affected Products
Vendor
Nozomi Networks
Product
Guardian
Default Status
unaffected
Versions
Affected
  • From 0 before 23.4.1 (semver)
Problem Types
TypeCWE IDDescription
CWECWE-1286CWE-1286 Improper Validation of Syntactic Correctness of Input
Type: CWE
CWE ID: CWE-1286
Description: CWE-1286 Improper Validation of Syntactic Correctness of Input
Metrics
VersionBase scoreBase severityVector
3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
4.08.2HIGH
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 4.0
Base score: 8.2
Base severity: HIGH
Vector:
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-607CAPEC-607 Obstruction
CAPEC ID: CAPEC-607
Description: CAPEC-607 Obstruction
Solutions

Upgrade to v23.4.1 or later.

Configurations
Workarounds
Exploits
Credits
finder
This issue was found by Nozomi Networks during an internal investigation that followed a bug report from one of our customers.
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://security.nozominetworks.com/NN-2024:1-01
N/A
Hyperlink: https://security.nozominetworks.com/NN-2024:1-01
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://security.nozominetworks.com/NN-2024:1-01
x_transferred
Hyperlink: https://security.nozominetworks.com/NN-2024:1-01
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Vendor
nozominetworks
Product
guardian
CPEs
  • cpe:2.3:a:nozominetworks:guardian:*:*:*:*:*:*:*:*
Default Status
unaffected
Versions
Affected
  • From 0 before 23.4.1 (semver)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:prodsec@nozominetworks.com
Published At:10 Apr, 2024 | 16:15
Updated At:15 Apr, 2026 | 00:35

A Denial of Service (Dos) vulnerability in Nozomi Networks Guardian, caused by improper input validation in certain fields used in the Radius parsing functionality of our IDS, allows an unauthenticated attacker sending specially crafted malformed network packets to cause the IDS module to stop updating nodes, links, and assets. Network traffic may not be analyzed until the IDS module is restarted.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.08.2HIGH
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Secondary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 4.0
Base score: 8.2
Base severity: HIGH
Vector:
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Secondary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-1286Secondaryprodsec@nozominetworks.com
CWE ID: CWE-1286
Type: Secondary
Source: prodsec@nozominetworks.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://security.nozominetworks.com/NN-2024:1-01prodsec@nozominetworks.com
N/A
https://security.nozominetworks.com/NN-2024:1-01af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: https://security.nozominetworks.com/NN-2024:1-01
Source: prodsec@nozominetworks.com
Resource: N/A
Hyperlink: https://security.nozominetworks.com/NN-2024:1-01
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

21Records found
CVE-2023-32649
Matching Score-10
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-10
Assigner-Nozomi Networks Inc.
CVSS Score-8.2||HIGH
EPSS-0.13% / 32.26%
||
7 Day CHG~0.00%
Published-19 Sep, 2023 | 10:06
Updated-27 Feb, 2025 | 20:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DoS on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0

A Denial of Service (Dos) vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain fields used in the Asset Intelligence functionality of our IDS, allows an unauthenticated attacker to crash the IDS module by sending specially crafted malformed network packets. During the (limited) time window before the IDS module is automatically restarted, network traffic may not be analyzed.

Action-Not Available
Vendor-nozominetworksNozomi Networks
Product-cmcguardianGuardianCMC
CWE ID-CWE-1286
Improper Validation of Syntactic Correctness of Input
CWE ID-CWE-20
Improper Input Validation
CVE-2023-24015
Matching Score-6
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-6
Assigner-Nozomi Networks Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.12% / 30.95%
||
7 Day CHG+0.02%
Published-09 Aug, 2023 | 09:05
Updated-20 Sep, 2024 | 12:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Partial DoS on Reports section due to null report name in Guardian/CMC before 22.6.2

A partial DoS vulnerability has been detected in the Reports section, exploitable by a malicious authenticated user forcing a report to be saved with its name set as null. The reports section will be partially unavailable for all later attempts to use it, with the report list seemingly stuck on loading.

Action-Not Available
Vendor-nozominetworksNozomi Networks
Product-cmcguardianGuardianCMC
CWE ID-CWE-1286
Improper Validation of Syntactic Correctness of Input
CWE ID-CWE-20
Improper Input Validation
CVE-2023-23903
Matching Score-6
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-6
Assigner-Nozomi Networks Inc.
CVSS Score-6.9||MEDIUM
EPSS-0.16% / 36.06%
||
7 Day CHG+0.03%
Published-09 Aug, 2023 | 09:12
Updated-20 Sep, 2024 | 12:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DoS via SAML configuration in Guardian/CMC before 22.6.2

An authenticated administrator can upload a SAML configuration file with the wrong format, with the application not checking the correct file format. Every subsequent application request will return an error. The whole application in rendered unusable until a console intervention.

Action-Not Available
Vendor-nozominetworksNozomi Networks
Product-cmcguardianGuardianCMC
CWE ID-CWE-1286
Improper Validation of Syntactic Correctness of Input
CWE ID-CWE-20
Improper Input Validation
CVE-2022-22192
Matching Score-4
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Juniper Networks, Inc.
CVSS Score-7.5||HIGH
EPSS-0.64% / 70.53%
||
7 Day CHG~0.00%
Published-18 Oct, 2022 | 02:46
Updated-12 May, 2025 | 14:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Junos OS Evolved: PTX Series: An attacker can cause a kernel panic by sending a malformed TCP packet to the device

An Improper Validation of Syntactic Correctness of Input vulnerability in the kernel of Juniper Networks Junos OS Evolved on PTX series allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). When an incoming TCP packet destined to the device is malformed there is a possibility of a kernel panic. Only TCP packets destined to the ports for BGP, LDP and MSDP can trigger this. This issue only affects PTX10004, PTX10008, PTX10016. No other PTX Series devices or other platforms are affected. This issue affects Juniper Networks Junos OS Evolved: 20.4-EVO versions prior to 20.4R3-S4-EVO; 21.3-EVO versions prior to 21.3R3-EVO; 21.4-EVO versions prior to 21.4R3-EVO; 22.1-EVO versions prior to 22.1R2-EVO. This issue does not affect Juniper Networks Junos OS Evolved versions prior to 20.4R1-EVO.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-junos_os_evolvedptx10016ptx10008ptx10004Junos OS Evolved
CWE ID-CWE-1286
Improper Validation of Syntactic Correctness of Input
CWE ID-CWE-20
Improper Input Validation
CVE-2021-44695
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-4.9||MEDIUM
EPSS-0.17% / 37.77%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-21 Apr, 2025 | 13:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device.

Action-Not Available
Vendor-Siemens AG
Product-simatic_s7-1500_cpu_1507ssimatic_s7-1200_cpu_12_1214fcsimatic_s7-1500_cpu_cpu_1513pro-2simatic_s7-1500_cpu_1511csimatic_s7-1500_cpu_1511t-1_firmwaresimatic_s7-1500_cpu_1512sp-1siplus_s7-300_cpu_314siplus_et_200sp_cp_1543sp-1_isec_tx_rail_firmwaresimatic_et_200_sp_open_controller_cpu_1515sp_pc_firmwaresimatic_s7-1200_cpu_12_1214c_firmwaresimatic_s7-1200_cpu_12_1211csimatic_s7-1500_cpu_1508s_f_firmwaresimatic_s7-1500_cpu_1510sp-1simatic_s7-1200_cpu_1212csimatic_s7-1500_cpu_1512spf-1simatic_s7-1500_cpu_1513-1simatic_s7-1200_cpu_1212fc_firmwaresimatic_s7-1500_cpu_1517-3_pnsimatic_s7-1500_cpu_1515-2_pn_firmwaresimatic_s7-1500_cpu_1517f-3_pn\/dpsimatic_s7-1500_cpu_1513r-1simatic_s7-1200_cpu_1215_fcsimatic_s7-1500_cpu_1512c_firmwaresimatic_s7-1500_cpu_1517f-3_pn\/dp_firmwaresimatic_s7-1200_cpu_12_1215csimatic_s7-1500_cpu_1511-1_firmwaresimatic_s7-1500_cpu_1511-1_pnsimatic_s7-1500_cpu_1517f-3_firmwaresimatic_s7-1500_cpu_1518f-4_pn\/dp_firmwaresimatic_s7-1500_cpu_1518hf-4simatic_s7-1500_cpu_1518-4_pn_firmwaresiplus_tim_1531_irc_firmwaresimatic_s7-1500_cpu_1518-4_dp_firmwaresimatic_s7-1500_cpu_1516tf-3_firmwaresimatic_s7-1500_cpu_1511f-1_pn_firmwaresimatic_s7-1500_cpu_1516-3_firmwaresimatic_s7-1500_cpu_1518-4_pn\/dp_mfp_firmwaresimatic_s7-1500_cpu_1517-3_pn\/dpsimatic_s7-1500_cpu_1517-3simatic_s7-1500_cpu_1518t-4_firmwaresimatic_s7-1500_cpu_1508s_fsimatic_s7-1500_cpu_15prof-2_firmwaresimatic_s7-1500_cpu_1513f-1_pnsimatic_s7-1200_cpu_1214c_firmwaresimatic_s7-1500_cpu_1517-3_pn_firmwaresimatic_s7-1500_cpu_1517-3_dpsimatic_s7-1200_cpu_12_1214csimatic_s7-1200_cpu_1211c_firmwaresimatic_s7-1500_cpu_cpu_1513pro-2_firmwaresimatic_s7-1200_cpu_1214csiplus_tim_1531_ircsimatic_s7-1500_cpu_15prof-2simatic_s7-1500_cpu_1516tf-3siplus_s7-300_cpu_315-2_pn\/dp_firmwaresimatic_s7-1500_cpu_1516f-3_pn\/dp_firmwaresimatic_s7-1500_cpu_151511f-1_firmwaresimatic_s7-1500_cpu_1507s_f_firmwaresimatic_s7-1500_cpu_1516t-3_firmwaresimatic_s7-1500_cpu_1511t-1simatic_s7-1500_cpu_1517tf-3simatic_s7-1500_cpu_1515-2_pnsimatic_s7-1200_cpu_1214_fcsimatic_s7-1500_cpu_1515-2_firmwaresimatic_s7-1500_cpu_1516pro-2_firmwaretim_1531_irc_firmwaresimatic_s7-1500_cpu_1515-2simatic_s7-1500_cpu_1516-3_pnsimatic_s7-1500_cpu_1516pro_f_firmwaresimatic_s7-1500_cpu_1516-3simatic_s7-1200_cpu_1214fcsimatic_s7-1500_cpu_1518f-4_pn\/dpsimatic_s7-1500_cpu_1508s_firmwaresimatic_s7-1500_cpu_1511f-1_firmwaresimatic_s7-1200_cpu_12_1212fcsimatic_s7-1500_cpu_151511c-1simatic_s7-1500_cpu_1518tf-4_firmwaresiplus_s7-1200_cp_1243-1simatic_s7-1500_cpu_1511f-1_pnsimatic_s7-1500_cpu_1507s_fsiplus_s7-300_cpu_315-2_dpsimatic_s7-1500_cpu_1518simatic_s7-1500_cpu_1513-1_pn_firmwaresimatic_s7-1200_cpu_1215fcsimatic_s7-1500_cpu_1518f-4simatic_s7-1500_cpu_1516pro_fsimatic_s7-1500_cpu_1513r-1_firmwaresimatic_et_200_sp_open_controller_cpu_1515sp_pcsimatic_s7-1500_cpu_1512c-1_firmwaresimatic_s7-1500_cpu_1513f-1_pn_firmwaresiplus_et_200sp_cp_1543sp-1_isec_firmwaresimatic_s7-1500_cpu_1518_firmwaresimatic_s7-1500_cpu_1518-4_firmwaresimatic_s7-1500_cpu_1518tf-4simatic_s7-1200_cpu_1214_fc_firmwaresiplus_s7-1200_cp_1243-1_railsimatic_s7-1500_cpu_1516t-3simatic_s7-1500_cpu_1510sp_firmwaresimatic_s7-1500_cpu_1518-4_pn\/dp_mfpsiplus_et_200sp_cp_1542sp-1_irc_tx_rail_firmwaresimatic_s7-1200_cpu_1215_fc_firmwaresimatic_s7-1200_cpu_12_1215fc_firmwaresimatic_s7-1500_cpu_1515t-2simatic_s7-1500_cpu_15pro-2simatic_s7-1500_cpu_1518-4_pnsimatic_s7-1200_cpu_12_1212c_firmwaresimatic_s7-1200_cpu_12_1212fc_firmwaresimatic_s7-1500_cpu_1511-1_pn_firmwaresimatic_s7-1500_cpu_15pro-2_firmwaresimatic_s7-1500_cpu_1515tf-2_firmwaretim_1531_ircsimatic_s7-1500_cpu_151511c-1_firmwaresimatic_s7-1200_cpu_12_1217csimatic_s7-1500_cpu_1518-4_pn\/dp_firmwaresimatic_s7-1500_cpu_1510spsimatic_s7-1200_cpu_12_1217c_firmwaresimatic_s7-1500_cpu_1518f-4_firmwaresimatic_s7-1200_cpu_1217csimatic_s7-1500_cpu_151511f-1simatic_s7-1500_software_controller_firmwaresimatic_s7-1500_cpu_1511-1simatic_s7-1500_cpu_1518-4_dpsiplus_s7-300_cpu_317-2_pn\/dp_firmwaresimatic_s7-1200_cpu_1215c_firmwaresimatic_s7-1500_cpu_1513-1_pnsimatic_s7-1200_cpu_1212c_firmwaresimatic_s7-1500_cpu_1515f-2_firmwaresimatic_s7-1200_cpu_1217c_firmwaresimatic_s7-1200_cpu_1214fc_firmwaresimatic_s7-1500_cpu_cpu_1513prof-2_firmwaresimatic_s7-1200_cpu_1215csimatic_s7-1500_cpu_1515r-2simatic_s7-1200_cpu_12_1215fcsiplus_et_200sp_cp_1543sp-1_isecsimatic_s7-1500_cpu_1513f-1simatic_s7-1500_cpu_1512csimatic_s7-1500_cpu_1516f-3_pn\/dpsimatic_s7-1500_cpu_1511c-1simatic_s7-1500_cpu_1517f-3simatic_s7-1500_cpu_1512spf-1_firmwaresiplus_s7-300_cpu_314_firmwaresiplus_et_200sp_cp_1543sp-1_isec_tx_railsimatic_s7-1500_cpu_1517tf-3_firmwaresimatic_s7-1500_cpu_1516f-3_firmwaresimatic_s7-1500_cpu_1517-3_firmwaresimatic_s7-1200_cpu_12_1214fc_firmwaresimatic_s7-1500_software_controllersimatic_s7-1500_cpu_1511c-1_firmwaresimatic_s7-1500_cpu_1517-3_dp_firmwaresimatic_s7-1500_cpu_1516-3_pn\/dp_firmwaresimatic_s7-1500_cpu_1518hf-4_firmwaresimatic_s7-1200_cpu_12_1212csiplus_s7-300_cpu_315-2_pn\/dpsimatic_s7-1500_cpu_1511f-1siplus_s7-300_cpu_317-2_pn\/dpsimatic_s7-1500_cpu_1515tf-2siplus_s7-1200_cp_1243-1_rail_firmwaresimatic_s7-1500_cpu_1511c_firmwaresimatic_s7-1500_cpu_1511tf-1simatic_s7-1500_cpu_1518-4simatic_s7-1500_cpu_1518-4_pn\/dpsiplus_s7-1200_cp_1243-1_firmwaresimatic_s7-1500_cpu_1511tf-1_firmwaresimatic_s7-1500_cpu_1517-3_pn\/dp_firmwaresimatic_s7-1500_cpu_1516-3_dpsimatic_s7-1500_cpu_1508ssiplus_s7-300_cpu_315-2_dp_firmwaresimatic_s7-plcsim_advanced_firmwaresimatic_s7-1500_cpu_1510sp-1_firmwaresimatic_s7-1500_cpu_1516-3_pn\/dpsimatic_s7-1500_cpu_1515f-2_pn_firmwaresimatic_s7-1500_cpu_1515t-2_firmwaresiplus_et_200sp_cp_1542sp-1_irc_tx_railsimatic_s7-1500_cpu_1516-3_dp_firmwaresimatic_s7-1200_cpu_12_1215c_firmwaresimatic_s7-1500_cpu_1512sp-1_firmwaresimatic_s7-1200_cpu_1215fc_firmwaresimatic_s7-1500_cpu_1512c-1simatic_s7-1500_cpu_1515f-2simatic_s7-1500_cpu_cpu_1513prof-2simatic_s7-1500_cpu_1515f-2_pnsimatic_s7-1200_cpu_1211csimatic_s7-1500_cpu_1516f-3simatic_s7-1500_cpu_1516-3_pn_firmwaresimatic_s7-1200_cpu_12_1211c_firmwaresimatic_s7-plcsim_advancedsimatic_s7-1500_cpu_1513f-1_firmwaresimatic_s7-1200_cpu_1212fcsimatic_s7-1500_cpu_1516pro-2simatic_s7-1500_cpu_1515r-2_firmwaresimatic_s7-1500_cpu_1507s_firmwaresimatic_s7-1500_cpu_1513-1_firmwaresimatic_s7-1500_cpu_1518t-4SIMATIC S7-1500 CPU 1512C-1 PNSIMATIC S7-1500 CPU 1517F-3 PN/DPSIMATIC S7-1500 CPU 1515-2 PNSIMATIC S7-1500 CPU 1511T-1 PNSIPLUS S7-1500 CPU 1518-4 PN/DPSIPLUS S7-1500 CPU 1518F-4 PN/DPSIPLUS S7-1500 CPU 1518-4 PN/DP MFPSIMATIC S7-1500 CPU 1515TF-2 PNSIMATIC S7-1500 CPU 1510SP-1 PNSIMATIC S7-1500 CPU 1516-3 PN/DPSIMATIC S7-1500 CPU 1511TF-1 PNSIPLUS S7-1500 CPU 1515F-2 PNSIPLUS S7-1500 CPU 1517H-3 PNSIPLUS ET 200SP CPU 1510SP F-1 PN RAILSIMATIC S7-1500 CPU 1518HF-4 PNSIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PNSIPLUS ET 200SP CPU 1512SP-1 PN RAILSIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PNSIPLUS ET 200SP CPU 1510SP-1 PN RAILSIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PNSIMATIC S7-PLCSIM AdvancedSIMATIC S7-1500 CPU 1517-3 PN/DPSIMATIC S7-1500 CPU 1517H-3 PNSIMATIC S7-1500 CPU 1516TF-3 PN/DPSIMATIC S7-1500 CPU 1515T-2 PNSIMATIC S7-1500 CPU S7-1518-4 PN/DP ODKSIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PNSIPLUS S7-1500 CPU 1516-3 PN/DP RAILSIPLUS S7-1500 CPU 1516-3 PN/DP TX RAILSIMATIC S7-1500 CPU 1511C-1 PNSIMATIC S7-1500 CPU 1517TF-3 PN/DPSIMATIC S7-1200 CPU family (incl. SIPLUS variants)SIPLUS S7-1500 CPU 1515F-2 PN T2 RAILSIPLUS S7-1500 CPU 1511-1 PN TX RAILSIPLUS S7-1500 CPU 1513F-1 PNSIMATIC Drive Controller CPU 1507D TFSIMATIC Drive Controller CPU 1504D TFSIMATIC S7-1500 CPU 1513R-1 PNSIPLUS S7-1500 CPU 1516-3 PN/DPSIMATIC S7-1500 CPU 1515R-2 PNSIMATIC S7-1500 CPU 1512SP F-1 PNTIM 1531 IRCSIPLUS S7-1500 CPU 1511F-1 PNSIPLUS ET 200SP CPU 1512SP F-1 PN RAILSIMATIC S7-1500 Software Controller V2SIMATIC S7-1500 CPU 1518F-4 PN/DP MFPSIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)SIPLUS ET 200SP CPU 1512SP F-1 PNSIMATIC S7-1500 CPU 1515F-2 PNSIMATIC S7-1500 CPU 1518-4 PN/DPSIMATIC S7-1500 CPU 1513-1 PNSIPLUS ET 200SP CPU 1510SP F-1 PNSIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODKSIMATIC S7-1500 CPU 1518F-4 PN/DPSIMATIC S7-1500 CPU 1518-4 PN/DP MFPSIPLUS ET 200SP CPU 1510SP-1 PNSIPLUS S7-1500 CPU 1516F-3 PN/DPSIMATIC S7-1500 CPU 1516T-3 PN/DPSIMATIC S7-1500 CPU 1518TF-4 PN/DPSIPLUS S7-1500 CPU 1515R-2 PN TX RAILSIMATIC S7-1500 CPU 1512SP-1 PNSIMATIC S7-1500 CPU 1518T-4 PN/DPSIMATIC S7-1500 CPU 1511-1 PNSIMATIC S7-1500 CPU 1517T-3 PN/DPSIPLUS S7-1500 CPU 1518HF-4 PNSIPLUS S7-1500 CPU 1513-1 PNSIPLUS S7-1500 CPU 1515R-2 PNSIMATIC S7-1500 CPU 1513F-1 PNSIMATIC S7-1500 CPU 1510SP F-1 PNSIPLUS S7-1500 CPU 1515F-2 PN RAILSIPLUS TIM 1531 IRCSIMATIC S7-1500 CPU 1511F-1 PNSIMATIC S7-1500 CPU 1516F-3 PN/DPSIPLUS ET 200SP CPU 1512SP-1 PNSIPLUS S7-1500 CPU 1511-1 PN T1 RAILSIPLUS S7-1500 CPU 1511-1 PNSIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL
CWE ID-CWE-1286
Improper Validation of Syntactic Correctness of Input
CWE ID-CWE-20
Improper Input Validation
CVE-2025-22868
Matching Score-4
Assigner-Go Project
ShareView Details
Matching Score-4
Assigner-Go Project
CVSS Score-7.5||HIGH
EPSS-0.12% / 31.11%
||
7 Day CHG-0.03%
Published-26 Feb, 2025 | 03:07
Updated-01 May, 2025 | 19:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unexpected memory consumption during token parsing in golang.org/x/oauth2

An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.

Action-Not Available
Vendor-golang.org/x/oauth2Go
Product-jwsgolang.org/x/oauth2/jws
CWE ID-CWE-1286
Improper Validation of Syntactic Correctness of Input
CVE-2025-11573
Matching Score-4
Assigner-Amazon
ShareView Details
Matching Score-4
Assigner-Amazon
CVSS Score-8.7||HIGH
EPSS-0.12% / 31.19%
||
7 Day CHG+0.01%
Published-09 Oct, 2025 | 17:48
Updated-14 Oct, 2025 | 19:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Denial of Service issue in Amazon.IonDotnet

An infinite loop issue in Amazon.IonDotnet library versions <v1.3.2 may allow a threat actor to cause a denial of service through a specially crafted text input. To mitigate this issue, users should upgrade to version v1.3.2. As of August 20, 2025, this library has been deprecated and will not receive further updates.

Action-Not Available
Vendor-Amazon
Product-Amazon.IonDotnet
CWE ID-CWE-1286
Improper Validation of Syntactic Correctness of Input
CVE-2025-10954
Matching Score-4
Assigner-Snyk
ShareView Details
Matching Score-4
Assigner-Snyk
CVSS Score-6.9||MEDIUM
EPSS-0.13% / 31.37%
||
7 Day CHG-0.01%
Published-27 Sep, 2025 | 05:00
Updated-03 Oct, 2025 | 18:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Versions of the package github.com/nyaruka/phonenumbers before 1.2.2 are vulnerable to Improper Validation of Syntactic Correctness of Input in the phonenumbers.Parse() function. An attacker can cause a panic by providing crafted input causing a "runtime error: slice bounds out of range".

Action-Not Available
Vendor-textitn/a
Product-phonenumbersgithub.com/nyaruka/phonenumbers
CWE ID-CWE-1286
Improper Validation of Syntactic Correctness of Input
CVE-2025-0638
Matching Score-4
Assigner-NLnet Labs
ShareView Details
Matching Score-4
Assigner-NLnet Labs
CVSS Score-7.5||HIGH
EPSS-0.10% / 27.56%
||
7 Day CHG~0.00%
Published-22 Jan, 2025 | 15:48
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Routinator crashes when illegal characters are present in manifest file names

The initial code parsing the manifest did not check the content of the file names yet later code assumed that it was checked and panicked when encountering illegal characters, resulting in a crash of Routinator.

Action-Not Available
Vendor-NLnet Labs
Product-Routinator
CWE ID-CWE-1286
Improper Validation of Syntactic Correctness of Input
CVE-2024-51983
Matching Score-4
Assigner-Rapid7, Inc.
ShareView Details
Matching Score-4
Assigner-Rapid7, Inc.
CVSS Score-7.5||HIGH
EPSS-2.06% / 83.99%
||
7 Day CHG~0.00%
Published-25 Jun, 2025 | 07:26
Updated-07 Apr, 2026 | 05:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unauthenticated Denial of Service (DoS) via malformed WS-Scan request affecting multiple models from Brother Industries, Ltd, FUJIFILM Business Innovation, Ricoh, Toshiba Tec, and Konica Minolta, Inc.

An unauthenticated attacker who can connect to the Web Services feature (HTTP TCP port 80) can issue a WS-Scan SOAP request containing an unexpected JobToken value which will crash the target device. The device will reboot, after which the attacker can reissue the command to repeatedly crash the device.

Action-Not Available
Vendor-Brother Industries, LtdKonica Minolta, Inc.FUJIFILM Business InnovationToshiba TecRicoh Company, Ltd.
Product-HL-L5212DNDocuPrint P225 dHL-L5200DWHL-L5200DWTMFC-L3720CDWDCP-L2550DW (Japan)MFC-L3780CDWHL-L5210DWTMFC-J4535DW(XL)MFC-J4340DWEHL-B2080DWMFC-L2860DWEDCP-L3520CDWDCP-J914NMFC-L5800DWDCP-L2530DWMFC-L6950DWDCP-7189DWDocuPrint M118 zHL-B2100DBe-STUDIO302DNFHL-B2180DWMFC-J1010DWHL-L5215DNHL-L5210DNDCP-L5510DNDCP-J973N W/BMFC-L2751DWbizhub 4000iMFC-J6995CDWRJ-2150DCP-J928N-W/BDCP-L2550DW (Taiwan)MFC-J5340DWEDCP-B7530DNMFC-L6902DWMFC-L3755CDWMFC-J2340DWDCP-J4143NHL-L6300DWDCP-C1210NMFC-L2900DWDCP-1610WEDCP-1623WEDCP-L2537DWMFC-L2860DW (Japan)MFC-L3780CDW (Japan)DCP-1618WDCP-L2600DWMFC-1910WEHL-L1232WDCP-L2605DWMFC-L6915DWHL-B2158WDCP-L2540DW (Japan)DCP-1615NWMFC-J5345DWDocuPrint M288 zbizhub 3080MFMFC-L2740DWRRJ-3250WBDCP-T226MFC-J738DNTD-4420DNDocuPrint M268 dwHL-2560DNDCP-L2647DWDCP-L2625DWDCP-B7650DWMFC-J6555DWMFC-L2730DWRMFC-J904NMFC-T810W(China)MFC-1916NWSP 230DNwDCP-B7628DWHL-L2385DWHL-L2365DWRMFC-J738DWNRJ-2140MFC-L2880DWHL-L3270CDWMFC-L2820DWXLHL-L6400DWGDCP-L1632WDocuPrint M115 wMFC-L2760DWHL-L1230WHL-5595DNDCP-T835DWDCP-J973N-W/BHL-1210WEMFC-EX915DWMFC-L5710DWMFC-EX670WDCP-L2550DNRHL-L5218DNMFC-L3770CDWMFC-L2700DWDCP-T725DWDCP-J1700DWDCP-L2531DWMFC-J1300DWMFC-L2765DWDocuPrint P275 dwDCP-L2530DWRMFC-L8610CDW (Japan)DocuPrint M235 dwHL-L2370DNRMFC-L2880DW (Japan)MFC-J6947DWHL-L9410CDNMFC-L2862DWMFC-L6910DNDCP-B7608WDCP-B7640DWDCP-T820DWSP-1 (Japan)DCP-L1638WMFC-L2750DW (Japan)MFC-L9577CDWDCP-T436WHL-L2460DWXLDCP-L2535DWMFC-L5750DWDCP-B7620DWMFC-L2707DWM 340WMFC-J6955DWDCP-B7640DW (Asia)HL-L6410DNMFC-L2802DWMFC-J7700CDWDocuPrint M285 zDCP-L2560DWRDCP-1612WEDCP-J988NDocuPrint M260 zDCP-L5660DNMFC-L6750DWHL-L5212DWPJ-773DCP-B7600DADS-4900WMFC-L2701DWDCP-L1848WDocuPrint M225 dwMFC-L3760CDWDCP-J1100DWADS-3000Nbizhub 3000MFHL-L1238WPJ-883MFC-J805DWXLDocuPrint M225 zHL-L6210DWTDCP-B7535DW (China)DCP-B7600DBMFC-J815DWXLDocuPrint P235 dDCP-L2660DW (Japan)HL-L2380DWADS-2700WeDCP-J1200W(XL)DCP-7190DWDS-940DWDCP-L2552DNDCP-L2520DWHL-J6000DWDCP-1612WMFC-J6999CDWHL-1223WRMFC-L5715DWMFC-1910WMFC-L9670CDNDCP-T426WHL-B2050DNMFC-J497DWDCP-B7520DWMFC-J7600CDWHL-L6310DWMFC-L2717DWDCP-L2627DWRJ-4250WBDCP-L2540DNDCP-J772DWMFC-L3750CDWHL-3190CDWHL-L5202DWDocuPrint M118 wMFC-J1170DWMFC-L3768CDWHL-L2425DWDocuPrint P115 wDocuPrint M375 dfMFC-L9570CDW (Japan)DocuPrint M265 zMFC-T930DWDCP-J978N-W/BPT-P950NWMFC-J898NDCP-J1140DWHL-1212WMDS-940DWDCP-1610WDCP-T236MFC-L5915DWMFC-L6702DWHL-JF1HL-L5050DNMFC-L2730DNHL-L2440DWHL-L2460DWDCP-T220HL-T4000DWDocuPrint P268 dwDCP-L2550DNMFC-L5900DWMFC-L2710DWMFC-J6530DWMFC-L2885DWHL-B2150WDCP-L2541DWHL-L2460DNHL-L2351DWMFC-L2710DNRDCP-L2648DWMFC-1915WDCP-T439WDCP-J582NDCP-T720DWHL-2595DWMFC-L6912DWMFC-L2720DWFAX-L2800DWMFC-J6957DWMFC-L2800DWMFC-7895DWDocuPrint M378 dDCP-J526NMFC-B7811DWPT-P900WMFC-T810WMFC-L2712DWDCP-J1203NDCP-L2540DWMFC-L3745CDWTD-2350DMFC-J926N-WBMFC-L2807DWHL-L2350DWRDCP-L2508DWMFC-L3765CDWMFC-B7800DNMFC-L2720DNDCP-T735DWDCP-L2551DWHL-L6402DWMFC-L5912DWMFC-L6710DWHL-L2464DWMFC-L2750DWRADS-4700WMFC-L5755DW (Japan)MFC-L2732DWTD-4550DNWBMFC-T925DWDCP-L5610DNMFC-L6700DWADS-4300NMFC-L9610CDNHL-L2420DWHL-J7010CDWHL-EX470WHL-L2445DWMFC-L8610CDWDCP-L2520DWRHL-1210WRMFC-J6540DWEMFC-L2710DNMFC-L2740DWMFC-L2820DWDCP-L3550CDWMFC-L2960DWDCP-T425WMFC-J6983CDWDCP-C421WTD-2135NWBSADocuPrint P378 dDCP-B7638DNSP 230SFNwDCP-J972NHL-L5102DWMFC-L2922DWHL-L5215DWDCP-L2600DDCP-L2532DWMFC-J1800DW (USA)MFC-J6945DWDocuPrint P288 dwMFC-L3770CDW (Japan)DCP-L3528CDWMFC-L2886DWMFC-J5730DWMFC-L2750DWXLDCP-L8410CDWHL-L2315DWDCP-L3515CDWMFC-J895DWHL-L5100DNTQL-820NWBDocuPrint P285 dwMFC-J6580CDWDCP-L2627DWXLADS-1800WHL-L8360CDWHL-L6202DWDCP-J982N W/BMFC-J2730DWHL-L2371DNMFC-J739DNMFC-8540DNHL-L8240CDWHL-EX415DWMFC-L6970DWDCP-B7558WMFC-L6900DWGHL-L2365DWHL-L2465DWHL-B2188DWMFC-J1605DNMFC-J5830DWHL-L2400DWEHL-1222WEMFC-L2806DWHL-L2340DWRMFC-J3540DWFAX-L2710DNDCP-B7648DWMFC-8530DNMFC-J5930DWHL-L2461DNDCP-T525WMFC-J6959DWADS-3600WHL-L6415DWMFC-J739DWNMFC-L9635CDNRJ-2050HL-L8360CDWTDCP-L2627DWEDocuPrint P268 dMFC-L2740DW (Japan)MFC-J7300CDWHL-L6210DWDCP-J587NMFC-J5800CDWMFC-L2861DWHL-L2467DWDCP-T230HL-L2447DWMFC-J5855DWHL-1210WMFC-J1012DWMFC-J491DWHL-3160CDWMFC-J6535DWMFC-J903NDCP-L5510DWHL-L2350DWDCP-J987N-W/BHL-L2480DWMFC-L2880DWXLADS-4500WHL-L3288CDWMFC-L2805DWHL-1223WEDocuPrint M275 zMFC-J1205W(XL)DCP-T825DWMFC-1911WDCP-T830DWMFC-L2900DWXLMFC-J7500CDWMFC-L3740CDWHL-L3228CDWHL-J6100DWDCP-9030CDNMFC-J6935DWDocuPrint M115 zDCP-J4543NMFC-L5700DWMFC-J5845DW(XL)HL-L6450DWHL-L5100DNDCP-J987N W/BMFC-1919NWHL-L2325DWHL-L2360DNDCP-L3551CDWDCP-T535DWHL-L3280CDWMFC-J890DWMFC-L5710DNHL-L9430CDNDCP-L6600DWHL-L5210DN (Japan)MFC-B7720DNMFC-L2720DWRMFC-L2750DWMFC-J6940DWADS-1250WDCP-L3520CDWEHL-L2370DNHL-L3230CDWDocuPrint M375 zADS-1350WDCP-L5600DNDCP-J982N-W/BDocuPrint M385 zDocuPrint M235 zDCP-J572DWMFC-EX910HL-1212WEMFC-J4335DW(XL)ADS-2800WMFC-L5700DNDCP-T710W(China)DCP-L5518DNMFC-L6820DWMFC-L3730CDNHL-L6300DWTMFC-J6930DWHL-L5210DWbizhub 4020iMFC-L5902DWDocuPrint P378 dwDCP-1612WRHL-L2360DWMFC-L2715DWHL-L2370DWDCP-L2660DWMFC-L2713DWHL-B2180DWBADS-1700WMFC-J3930DWMFC-J6555DWXLMFC-L6915DNMFC-B7715DWHL-L6250DNHL-L2305WMFC-T920DWMFC-J2330DWMFC-J939DNMFC-L3710CDWDCP-L2551DNMFC-L8900CDWDCP-1623WRTD-2135NWBHL-L3215CWMFC-J5630CDWMFC-L2920DWHL-L3290CDWMFC-L2827DWXLDCP-T710WQL-1115NWBDCP-L5650DNMFC-L5710DW (Japan)DCP-L5662DNMFC-J4440NDocuPrint P385 dwMFC-J7100CDWDCP-J4140NHL-L2370DWXLHL-L2372DNDCP-B7658DWDCP-L5502DNMFC-L2716DWMFC-J805DWMFC-L2690DWMFC-J6730DWDCP-7190DNMFC-L2980DWDCP-J774DWMFC-L8690CDWMFC-J1800DW (Europe)DocuPrint M288 dwDCP-J1200WEMFC-L6810DWMFC-L6720DWHL-2569DWMFC-L2700DWRMFC-J5335DWDocuPrint M378 dfDCP-L2620DWMFC-L2835DWMFC-9350CDWHL-L2865DWDCP-J915NMFC-T4500DWMFC-J4540NHL-L2340DWMFC-EX670QL-820NWBcMFC-7880DNDocuPrint P360 dwDCP-L5652DNDCP-J528NDCP-T225DCP-L5512DNDCP-T520WMFC-J3530DWDocuPrint M115 fwMFC-L5718DNDCP-L2622DWHL-L2395DWMFC-J995DWXLHL-L8260CDNHL-L9470CDNHL-L6400DWTDCP-7090DWHL-L2360DNRMFC-L6900DW (Japan)MFC-L2700DNHL-L2386DWHL-L6418DWDCP-L2640DWHL-L2400DWMFC-L5717DWHL-L3220CWMFC-L2700DW (Asia)DCP-B7548WHL-L6200DWMFC-L5728DWMFC-J690DWMFC-L2685DWHL-L5210DW (Japan)HL-L1808WHL-L8245CDWMFC-L5702DWHL-5590DNMFC-J998DWNHL-2590DNDCP-L2535DW (China)MFC-L6800DWDCP-L2640DNHL-L6250DWHL-L6415DNFAX-L2700DNMFC-J5855DWXLPT-P750WADS-2700WMFC-J4540DW(XL)MFC-J5330DWMFC-J3940DWMFC-L2705DWHL-L2375DWHL-L2352DWDocuPrint P118 wHL-1212WRMFC-J6583CDWDCP-L3568CDWMFC-7889DWMFC-L2827DWMFC-J4345DWXLP 201WDocuPrint P388 dwMFC-L2712DNMFC-L8340CDWDCP-T430WMFC-J6980CDWMFC-L2770DWMFC-L3740CDWETD-2135NDCP-J978N W/BMFC-J5340DWHL-L8260CDWHL-L3295CDWDCP-T510WDCP-J572NMFC-L2715DW (Taiwan/Korea/Hong Kong)HL-L2376DWDCP-1617NWDCP-7180DNDocuPrint P375 dDCP-T536DWDCP-T510W(China)DCP-L3517CDWMFC-L5802DWDCP-L5500DNHL-L6217DWMFC-L2703DWDocuPrint M268 zMFC-J6740DWMFC-J1500NDCP-T530DWDocuPrint P260 dwDCP-B7578DWMFC-7890DNHL-L3240CDWM 340FWMFC-J6997CDWMFC-J893NTD-2320DTD-2350DSAMFC-J6540DWHL-J6000CDWDCP-T428WMFC-L2805DW (Asia)TD-2135NSAHL-L5228DWMFC-L9630CDNMFC-B7810DWHL-L6412DWHL-L8230CDWDCP-L5602DNDCP-T420WHL-L2357DWDCP-L2628DWDCP-L1630WDCP-B7520DW (China)DCP-1616NWMFC-T910DWMFC-J4443NMFC-L3735CDNMFC-J5955DWDCP-T730DWHL-J6010DWDCP-L2518DWMFC-L2817DWDCP-L3510CDWHL-L3220CWEDCP-B7620DWBHL-L2405WHL-L2390DWDCP-T238MFC-L6900DWDCP-L3560CDWDCP-7195DWHL-L6415DWTDocuPrint P375 dwMFC-T935DWHL-B2100DHL-L2366DWMFC-J998DNMFC-L2771DWHL-1218WHL-L2475DWHL-L2361DNMFC-L5850DWHL-L6310DW (Japan)DCP-L2550DWMFC-L2710DWRDCP-L2680DWHL-5595DNHMFC-L9570CDWDCP-J1200NMFC-J5945DWMFC-J1215WDCP-L2665DWHL-1211WMFC-1912WRMFC-J5740DWDCP-L2548DWMFC-B7810DWBMFC-J4340DW(XL)DCP-B7535DWHL-L3300CDWMFC-L8395CDWMFC-J939DWNHL-L9310CDWDCP-L3555CDWADS-3300Wbizhub 5000iMFC-9150CDNMFC-L5715DNDCP-J981NADS-2400NDCP-L2550DW (China)DCP-J1050DWDCP-T435WDCP-1610WRDCP-L2540DNRe-STUDIO301DNHL-B2181DWDCP-L2560DWDCP-J1800NDCP-J577NMFC-L8390CDWHL-L3230CDNHL-L6200DWTMFC-J4940DNMFC-L2680WHL-L3220CDWHL-L3210CWMFC-J2740DWTD-2320DSADocuPrint P265 dwDCP-1622WEMFC-L2802DNMFC-1911NWHL-L6400DWMFC-L2860DWSP-1MFC-L2730DWMFC-L5755DWHL-L2375DWRMFC-J995DWbizhub 5020iMFC-J905NDCP-B7640DWBMFC-J4440DW
CWE ID-CWE-1286
Improper Validation of Syntactic Correctness of Input
CVE-2024-51982
Matching Score-4
Assigner-Rapid7, Inc.
ShareView Details
Matching Score-4
Assigner-Rapid7, Inc.
CVSS Score-7.5||HIGH
EPSS-1.14% / 78.49%
||
7 Day CHG~0.00%
Published-25 Jun, 2025 | 07:25
Updated-02 Apr, 2026 | 14:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unauthenticated Denial of Service (DoS) via malformed PJL request affecting multiple models from Brother Industries, Ltd, FUJIFILM Business Innovation, and Ricoh.

An unauthenticated attacker who can connect to TCP port 9100 can issue a Printer Job Language (PJL) command that will crash the target device. The device will reboot, after which the attacker can reissue the command to repeatedly crash the device. A malformed PJL variable FORMLINES is set to a non number value causing the target to crash.

Action-Not Available
Vendor-Brother Industries, LtdFUJIFILM Business InnovationRicoh Company, Ltd.
Product-DCP-J978N-W/BMFC-J898NMFC-J998DWNMFC-J491DWHL-2590DNHL-3160CDWMFC-J6535DWDCP-L2535DW (China)DCP-L2550DW (Japan)MFC-J903NHL-L2350DWDCP-J987N-W/BMFC-L2730DNDCP-T220HL-T4000DWHL-B2080DWMFC-J5330DWDocuPrint M275 zDCP-L2550DNHL-L2375DWDCP-L2530DWDCP-T825DWMFC-L2710DWMFC-J6530DWHL-L2352DWMFC-J6583CDWHL-L2351DWDCP-J973N W/BMFC-L2710DNRP 201WDCP-J582NDCP-T720DWMFC-L2751DWMFC-L2712DNHL-2595DWMFC-J6980CDWMFC-L2770DWMFC-J6995CDWDCP-L2550DW (Taiwan)HL-J6100DWDCP-9030CDNMFC-J6935DWDCP-J978N W/BMFC-7895DWDCP-B7530DNMFC-J5845DW(XL)HL-L8260CDWDCP-J987N W/BDCP-T510WHL-L2325DWDCP-L3551CDWMFC-T810WDCP-J572NMFC-L2712DWMFC-J890DWMFC-L2715DW (Taiwan/Korea/Hong Kong)HL-L2376DWDCP-L2537DWMFC-B7720DNMFC-L3745CDWDCP-T510W(China)MFC-L2750DWDCP-L3517CDWHL-L2370DNHL-L2350DWRHL-L3230CDWDCP-J982N-W/BMFC-J1500NDocuPrint M235 zDocuPrint M288 zDCP-J572DWMFC-7890DNDCP-T226M 340FWDCP-L2551DWMFC-J738DNDCP-T710W(China)ADS-2800WMFC-L3730CDNMFC-L2750DWRMFC-J6930DWMFC-J6997CDWMFC-J893NMFC-L2732DWMFC-L2730DWRMFC-T925DWHL-J6000CDWDCP-T428WMFC-T810W(China)SP 230DNwHL-L2385DWMFC-J738DWNMFC-L8610CDWHL-L3270CDWDCP-T420WHL-L2357DWMFC-L2715DWMFC-L2710DNDCP-L3550CDWDCP-T425WMFC-J6983CDWDCP-C421WDCP-B7520DW (China)HL-L2370DWMFC-T910DWMFC-L2713DWDCP-J973N-W/BMFC-J3930DWSP 230SFNwMFC-L3735CDNDCP-J972NMFC-J2330DWMFC-B7715DWMFC-T920DWDCP-L2550DNRMFC-L3770CDWDCP-T725DWMFC-L3710CDWDCP-L2531DWDCP-L2551DNDCP-L3510CDWMFC-L8900CDWHL-L2390DWMFC-J1300DWDCP-L2532DWDocuPrint P275 dwDCP-L2530DWRMFC-J6945DWDocuPrint P288 dwDocuPrint M235 dwHL-L2370DNRMFC-J5630CDWMFC-L3770CDW (Japan)MFC-L8610CDW (Japan)DCP-7195DWHL-L3290CDWMFC-J6947DWMFC-J5730DWMFC-L2750DWXLDCP-L8410CDWDCP-T710WDCP-T820DWMFC-J895DWMFC-L2750DW (Japan)DocuPrint P285 dwMFC-L9577CDWMFC-J6580CDWMFC-J998DNHL-L2370DWXLMFC-L2771DWHL-L2372DNHL-L8360CDWDCP-L2535DWM 340WMFC-L2716DWMFC-J805DWMFC-L2690DWMFC-J2730DWDCP-L2550DWMFC-L2710DWRMFC-J6730DWDocuPrint M285 zDCP-J982N W/BMFC-L9570CDWDCP-7190DNHL-L2371DNDCP-J988NMFC-J5945DWDCP-J774DWMFC-L8690CDWDocuPrint M288 dwDCP-B7535DWMFC-J5335DWMFC-9350CDWDCP-J1100DWMFC-J1605DNMFC-J5830DWADS-3000NHL-L9310CDWMFC-T4500DWMFC-J805DWXLFAX-L2710DNMFC-9150CDNDCP-J981NADS-2400NDCP-L2550DW (China)MFC-J815DWXLMFC-J5930DWDocuPrint P235 dDCP-T525WDCP-J577NHL-L3230CDNDCP-T225DCP-7190DWDCP-T520WMFC-J3530DWDCP-L2552DNHL-J6000DWADS-3600WHL-L3210CWMFC-J6999CDWHL-L8360CDWTHL-L2395DWDCP-T426WMFC-J497DWHL-B2050DNMFC-J995DWXLHL-L8260CDNDCP-B7520DWDCP-7090DWHL-L2386DWMFC-L2717DWDCP-J587NDCP-J772DWMFC-L3750CDWHL-3190CDWMFC-L2730DWHL-L2375DWRMFC-J690DWMFC-J995DWMFC-L9570CDW (Japan)DCP-B7535DW (China)
CWE ID-CWE-1286
Improper Validation of Syntactic Correctness of Input
CVE-2024-39542
Matching Score-4
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Juniper Networks, Inc.
CVSS Score-8.7||HIGH
EPSS-0.32% / 55.34%
||
7 Day CHG~0.00%
Published-11 Jul, 2024 | 16:17
Updated-08 Aug, 2025 | 16:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Junos OS and Junos OS Evolved: A malformed CFM packet or specific transit traffic leads to FPC crash

An Improper Validation of Syntactic Correctness of Input vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series with MPC10/11 or LC9600, MX304, and Junos OS Evolved on ACX Series and PTX Series allows an unauthenticated, network based attacker to cause a Denial-of-Service (DoS). This issue can occur in two scenarios: 1. If a device, which is configured with SFLOW and ECMP, receives specific valid transit traffic, which is subject to sampling, the packetio process crashes, which in turn leads to an evo-aftman crash and causes the FPC to stop working until it is restarted. (This scenario is only applicable to PTX but not to ACX or MX.) 2. If a device receives a malformed CFM packet on an interface configured with CFM, the packetio process crashes, which in turn leads to an evo-aftman crash and causes the FPC to stop working until it is restarted. Please note that the CVSS score is for the formally more severe issue 1. The CVSS score for scenario 2. is: 6.5 (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) This issue affects Junos OS: * All versions before 21.2R3-S4, * 21.4 versions before 21.4R2, * 22.2 versions before 22.2R3-S2;  Junos OS Evolved: * All versions before 21.2R3-S8-EVO, * 21.4 versions before 21.4R2-EVO.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-junosjunos_os_evolvedJunos OSJunos OS Evolvedjunos_os_evolvedjunos_os
CWE ID-CWE-1286
Improper Validation of Syntactic Correctness of Input
CVE-2024-3384
Matching Score-4
Assigner-Palo Alto Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Palo Alto Networks, Inc.
CVSS Score-7.5||HIGH
EPSS-0.73% / 72.73%
||
7 Day CHG~0.00%
Published-10 Apr, 2024 | 17:06
Updated-24 Jan, 2025 | 15:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: Firewall Denial of Service (DoS) via Malformed NTLM Packets

A vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to reboot PAN-OS firewalls when receiving Windows New Technology LAN Manager (NTLM) packets from Windows servers. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual intervention to bring the firewall back online.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osCloud NGFWPAN-OSPrisma Access
CWE ID-CWE-1286
Improper Validation of Syntactic Correctness of Input
CVE-2022-1941
Matching Score-4
Assigner-Google LLC
ShareView Details
Matching Score-4
Assigner-Google LLC
CVSS Score-7.5||HIGH
EPSS-0.17% / 37.86%
||
7 Day CHG~0.00%
Published-22 Sep, 2022 | 00:00
Updated-03 Aug, 2024 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out of Memory issue in ProtocolBuffers for cpp and python

A parsing vulnerability for the MessageSet type in the ProtocolBuffers versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 3.21.5 for protobuf-cpp, and versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 4.21.5 for protobuf-python can lead to out of memory failures. A specially crafted message with multiple key-value per elements creates parsing issues, and can lead to a Denial of Service against services receiving unsanitized input. We recommend upgrading to versions 3.18.3, 3.19.5, 3.20.2, 3.21.6 for protobuf-cpp and 3.18.3, 3.19.5, 3.20.2, 4.21.6 for protobuf-python. Versions for 3.16 and 3.17 are no longer updated.

Action-Not Available
Vendor-Google LLCFedora ProjectDebian GNU/Linux
Product-protobuf-cppdebian_linuxfedoraprotobuf-pythonprotobuf-cppprotobuf-pythonprotobuf-cppprotobuf-python
CWE ID-CWE-1286
Improper Validation of Syntactic Correctness of Input
CVE-2026-33778
Matching Score-4
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Juniper Networks, Inc.
CVSS Score-8.7||HIGH
EPSS-0.14% / 32.91%
||
7 Day CHG~0.00%
Published-09 Apr, 2026 | 21:35
Updated-17 Apr, 2026 | 17:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Junos OS: SRX Series, MX Series: When a specifically malformed first ISAKMP packet is received kmd/iked crashes

An Improper Validation of Syntactic Correctness of Input vulnerability in the IPsec library used by kmd and iked of Juniper Networks Junos OS on SRX Series and MX Series allows an unauthenticated, network-based attacker to cause a complete Denial-of-Service (DoS). If an affected device receives a specifically malformed first ISAKMP packet from the initiator, the kmd/iked process will crash and restart, which momentarily prevents new security associations (SAs) for from being established. Repeated exploitation of this vulnerability causes a complete inability to establish new VPN connections. This issue affects Junos OS on SRX Series and MX Series: * all versions before 22.4R3-S9, * 23.2 version before 23.2R2-S6, * 23.4 version before 23.4R2-S7, * 24.2 versions before 24.2R2-S4, * 24.4 versions before 24.4R2-S3, * 25.2 versions before 25.2R1-S2, 25.2R2.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-mx10004srx5400mx301mx240srx5800mx304srx1600mx480junosmx960srx345mx204srx2300srx4700srx4600mx2008srx300mx10008mx2020srx380srx340mx2010srx4100srx1500srx4300srx4200srx320srx4120srx5600Junos OS
CWE ID-CWE-1286
Improper Validation of Syntactic Correctness of Input
CVE-2023-28985
Matching Score-4
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Juniper Networks, Inc.
CVSS Score-7.5||HIGH
EPSS-0.17% / 38.05%
||
7 Day CHG~0.00%
Published-14 Jul, 2023 | 16:34
Updated-07 Nov, 2024 | 14:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SRX Series and MX Series: An FPC core is observed when IDP is enabled on the device and a specific malformed SSL packet is received

An Improper Validation of Syntactic Correctness of Input vulnerability in Intrusion Detection and Prevention (IDP) of Juniper Networks SRX Series and MX Series allows an unauthenticated, network-based attacker to cause Denial of Service (DoS). Continued receipt of this specific packet will cause a sustained Denial of Service condition. On all SRX Series and MX Series platforms, where IDP is enabled and a specific malformed SSL packet is received, the SSL detector crashes leading to an FPC core. This issue affects Juniper Networks SRX Series and MX Series prior to SigPack 3598. In order to identify the current SigPack version, following command can be used: user@junos# show security idp security-package-version

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-srx345mx2008mx960mx240srx5800srx110srx4000srx550_hmsrx220srx240h2vsrxmx2010mx5srx5400srx100srx3400srx300srx550mx104junosmx80srx240msrx210srx1500srx380srx4200srx340mx10008mx150srx4100mx10srx240mx2020srx3600mx10003srx5000mx10016srx1400mx10000mx204mx480srx320srx5600mx40srx650srx4600csrxsrx550mJunos OSjunos_os
CWE ID-CWE-1286
Improper Validation of Syntactic Correctness of Input
CVE-2024-21595
Matching Score-4
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Juniper Networks, Inc.
CVSS Score-7.5||HIGH
EPSS-0.11% / 29.20%
||
7 Day CHG~0.00%
Published-12 Jan, 2024 | 00:52
Updated-03 Sep, 2024 | 18:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Junos OS: EX4100, EX4400, EX4600, QFX5000 Series: A high rate of specific ICMP traffic will cause the PFE to hang

An Improper Validation of Syntactic Correctness of Input vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). If an attacker sends high rate of specific ICMP traffic to a device with VXLAN configured, this causes a deadlock of the PFE and results in the device becoming unresponsive. A manual restart will be required to recover the device. This issue only affects EX4100, EX4400, EX4600, QFX5000 Series devices. This issue affects: Juniper Networks Junos OS * 21.4R3 versions earlier than 21.4R3-S4; * 22.1R3 versions earlier than 22.1R3-S3; * 22.2R2 versions earlier than 22.2R3-S1; * 22.3 versions earlier than 22.3R2-S2, 22.3R3; * 22.4 versions earlier than 22.4R2; * 23.1 versions earlier than 23.1R2.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-ex4400qfx5210-64cqfx5220qfx5210qfx5110qfx5120qfx5100qfx5200-48yqfx5100-96sqfx5130ex4100ex4600qfx5200qfx5200-32cjunosqfx5700Junos OSjunos
CWE ID-CWE-1286
Improper Validation of Syntactic Correctness of Input
CVE-2024-21598
Matching Score-4
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Juniper Networks, Inc.
CVSS Score-8.7||HIGH
EPSS-0.15% / 34.53%
||
7 Day CHG~0.00%
Published-12 Apr, 2024 | 14:54
Updated-06 Feb, 2025 | 16:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Junos OS and Junos OS Evolved: A malformed BGP tunnel encapsulation attribute will lead to an rpd crash

An Improper Validation of Syntactic Correctness of Input vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). If a BGP update is received over an established BGP session which contains a tunnel encapsulation attribute with a specifically malformed TLV, rpd will crash and restart. This issue affects Juniper Networks Junos OS: * 20.4 versions 20.4R1 and later versions earlier than 20.4R3-S9; * 21.2 versions earlier than 21.2R3-S7; * 21.3 versions earlier than 21.3R3-S5; * 21.4 versions earlier than 21.4R3-S5; * 22.1 versions earlier than 22.1R3-S4; * 22.2 versions earlier than 22.2R3-S3; * 22.3 versions earlier than 22.3R3-S1; * 22.4 versions earlier than 22.4R3; * 23.2 versions earlier than 23.2R1-S2, 23.2R2; Junos OS Evolved: * 20.4-EVO versions 20.4R1-EVO and later versions earlier than 20.4R3-S9-EVO; * 21.2-EVO versions earlier than 21.2R3-S7-EVO; * 21.3-EVO versions earlier than 21.3R3-S5-EVO; * 21.4-EVO versions earlier than 21.4R3-S5-EVO; * 22.1-EVO versions earlier than 22.1R3-S4-EVO; * 22.2-EVO versions earlier than 22.2R3-S3-EVO; * 22.3-EVO versions earlier than 22.3R3-S1-EVO; * 22.4-EVO versions earlier than 22.4R3-EVO; * 23.2-EVO versions earlier than 23.2R1-S2-EVO, 23.2R2-EVO; This issue does not affect Juniper Networks * Junos OS versions earlier than 20.4R1; * Junos OS Evolved versions earlier than 20.4R1-EVO. This is a related but separate issue than the one described in JSA79095.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-junosjunos_os_evolvedJunos OSJunos OS Evolvedjunos_os_evolvedjunos_os
CWE ID-CWE-1286
Improper Validation of Syntactic Correctness of Input
CVE-2024-21616
Matching Score-4
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Juniper Networks, Inc.
CVSS Score-7.5||HIGH
EPSS-0.21% / 42.55%
||
7 Day CHG~0.00%
Published-12 Jan, 2024 | 00:56
Updated-17 Jun, 2025 | 14:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Junos OS: MX Series and SRX Series: Processing of a specific SIP packet causes NAT IP allocation to fail

An Improper Validation of Syntactic Correctness of Input vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service (DoS). On all Junos OS MX Series and SRX Series platforms, when SIP ALG is enabled, and a specific SIP packet is received and processed, NAT IP allocation fails for genuine traffic, which causes Denial of Service (DoS). Continuous receipt of this specific SIP ALG packet will cause a sustained DoS condition. NAT IP usage can be monitored by running the following command. user@srx> show security nat resource-usage source-pool <source_pool_name> Pool name: source_pool_name .. Address Factor-index Port-range Used Avail Total Usage X.X.X.X 0 Single Ports 50258 52342 62464 96% <<<<< - Alg Ports 0 2048 2048 0% This issue affects: Juniper Networks Junos OS on MX Series and SRX Series * All versions earlier than 21.2R3-S6; * 21.3 versions earlier than 21.3R3-S5; * 21.4 versions earlier than 21.4R3-S5; * 22.1 versions earlier than 22.1R3-S4; * 22.2 versions earlier than 22.2R3-S3; * 22.3 versions earlier than 22.3R3-S1; * 22.4 versions earlier than 22.4R2-S2, 22.4R3; * 23.2 versions earlier than 23.2R1-S1, 23.2R2.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-junosJunos OS
CWE ID-CWE-1286
Improper Validation of Syntactic Correctness of Input
CVE-2026-21917
Matching Score-4
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Juniper Networks, Inc.
CVSS Score-8.7||HIGH
EPSS-0.04% / 10.42%
||
7 Day CHG~0.00%
Published-15 Jan, 2026 | 20:27
Updated-23 Jan, 2026 | 19:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Junos OS: SRX Series: Specifically malformed SSL packet causes FPC crash

An Improper Validation of Syntactic Correctness of Input vulnerability in the Web-Filtering module of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). If an SRX device configured for UTM Web-Filtering receives a specifically malformed SSL packet, this will cause an FPC crash and restart. This issue affects Junos OS on SRX Series: * 23.2 versions from 23.2R2-S2 before 23.2R2-S5,  * 23.4 versions from 23.4R2-S1 before 23.4R2-S5, * 24.2 versions before 24.2R2-S2, * 24.4 versions before 24.4R1-S3, 24.4R2. Earlier versions of Junos are also affected, but no fix is available.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-srx345srx4200srx5600srx4700srx4100srx1500srx300srx340srx5400junossrx320srx4600srx5800srx4120srx4300srx2300srx380srx1600Junos OS
CWE ID-CWE-1286
Improper Validation of Syntactic Correctness of Input
CVE-2025-55085
Matching Score-4
Assigner-Eclipse Foundation
ShareView Details
Matching Score-4
Assigner-Eclipse Foundation
CVSS Score-8.8||HIGH
EPSS-0.16% / 36.83%
||
7 Day CHG~0.00%
Published-17 Oct, 2025 | 14:22
Updated-27 Oct, 2025 | 14:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Web http client: Unchecked Server-Side Malicious Packet Issue

In NextX Duo before 6.4.4, in the HTTP client module, the network support code for Eclipse Foundation ThreadX, the parsing of HTTP header fields was missing bounds verification. A crafted server response could cause undefined behavior.

Action-Not Available
Vendor-Eclipse Foundation AISBL
Product-threadx_netx_duoNetX Duo
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-1286
Improper Validation of Syntactic Correctness of Input
Details not found