Vulnerability Pulse

Every week, we catalog the major industrial cybersecurity vulnerabilities and updates you should know about. Here are the notable threats from the week of May 7 - 13.

MAY 11, 2023

aEnrich Technology a+HRD

aEnrich Technology a+HRD contains a deserialization of untrusted data vulnerability that can allow an attacker to execute arbitrary system commands and perform arbitrary system operations.

Sources: CVE, GitHub

Siemens Solid Edge

Siemens Solid Edge contains NULL pointer dereference, out-of-bounds read and more vulnerabilities that can allow an attacker to execute arbitrary code or crash the application.


Sources: CISA, Siemens

Teltonika Remote Management System and RUT Model Routers

Teltonika Remote Management System and RUT Model Routers contain improper authentication, server-side request forgery and more vulnerabilities that can allow impersonation of legitimate devices.


Sources: CISA, Teltonika

Rockwell Automation Kinetix 5500

Rockwell Automation Kinetix 5500 contains an improper access control vulnerability that could create a denial-of-service condition or allow attackers unauthorized access to the device.


Sources: CISA, Rockwell Automation

BirdDog Cameras and Encoders

BirdDog Cameras and Encoders contain cross-site request forgery and use of hard-coded credentials vulnerabilities that can allow an attacker to remotely execute code or obtain unauthorized access to the product.


Sources: CISA, BirdDog

SDG PnPSCADA

SDG PnPSCADA contains an SQL injection vulnerability that can allow an attacker to interact with the database and retrieve critical data.


Sources: CISA, SDG

PTC Vuforia Studio

PTC Vuforia Studio contains path traversal, cross-site request forgery and more vulnerabilities that can allow an attacker to view credentials, perform a cross-site request forgery attack, resend requests or upload or delete arbitrary files.


Sources: CISA, PTC

Rockwell Automation PanelView 800

Rockwell Automation PanelView 800 contains out-of-bounds write and out-of-bounds read vulnerabilities that can allow remote code execution.


Sources: CISA, Rockwell Automation
