VYPR

Zeek

by Zeek

CVEs (4)

  • CVE-2023-7244CriMar 1, 2024
    risk 0.64cvss 9.8epss 0.01

    Industrial Control Systems Network Protocol Parsers (ICSNPP) - Ethercat Zeek Plugin versions d78dda6 and prior are vulnerable to out-of-bounds write in their primary analyses function for Ethercat communication packets. This could allow an attacker to cause arbitrary code…

  • CVE-2023-7243CriMar 1, 2024
    risk 0.64cvss 9.8epss 0.01

    Industrial Control Systems Network Protocol Parsers (ICSNPP) - Ethercat Zeek Plugin versions d78dda6 and prior are vulnerable to out-of-bounds write while analyzing specific Ethercat datagrams. This could allow an attacker to cause arbitrary code execution.

  • CVE-2023-7242HigMar 1, 2024
    risk 0.53cvss 8.2epss 0.00

    Industrial Control Systems Network Protocol Parsers (ICSNPP) - Ethercat Zeek Plugin versions d78dda6 and prior are vulnerable to out-of-bounds read during the process of analyzing a specific Ethercat packet. This could allow an attacker to crash the Zeek process and leak…

  • CVE-2021-41732HigSep 29, 2021
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in zeek version 4.1.0. There is a HTTP request splitting vulnerability that will invalidate any ZEEK HTTP based security analysis. NOTE: the vendor's position is that the observed behavior is intended