Vendor CVEs
Rexroth
All CVEs
57 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-45220 | 0.00 | — | 0.00 | Oct 25, 2023 | The Android Client application, when enrolled with the define method 1(the user manually inserts the server ip address), use HTTP protocol to retrieve sensitive information (ip address and credentials to connect to a remote MQTT broker entity) instead of HTTPS and this feature… | |||
| CVE-2023-41372 | 0.00 | — | 0.00 | Oct 25, 2023 | The vulnerability allows an unprivileged (untrusted) third- party application to arbitrary modify the server settings of the Android Client application, inducing it to connect to an attacker - controlled malicious server.This is possible by forging a valid broadcast intent… | |||
| CVE-2023-41960 | 0.00 | — | 0.00 | Oct 25, 2023 | The vulnerability allows an unprivileged(untrusted) third-party application to interact with a content-provider unsafely exposed by the Android Agent application, potentially modifying sensitive settings of the Android Client application itself. | |||
| CVE-2023-41255 | 0.00 | — | 0.00 | Oct 25, 2023 | The vulnerability allows an unprivileged user with access to the subnet of the TPC-110W device to gain a root shell on the device itself abusing the lack of authentication of the ‘su’ binary file installed on the device that can be accessed through the ADB (Android Debug… | |||
| CVE-2023-43488 | 0.00 | — | 0.00 | Oct 25, 2023 | The vulnerability allows a low privileged (untrusted) application to modify a critical system property that should be denied, in order to enable the ADB (Android Debug Bridge) protocol to be exposed on the network, exploiting it to gain a privileged shell on the device without… | |||
| CVE-2023-45844 | 0.00 | — | 0.00 | Oct 25, 2023 | The vulnerability allows a low privileged user that have access to the device when locked in Kiosk mode to install an arbitrary Android application and leverage it to have access to critical device settings such as the device power management or eventually the device secure… | |||
| CVE-2018-16994 | 0.00 | — | 0.02 | Feb 18, 2020 | An issue was discovered on PHOENIX CONTACT AXL F BK PN <=1.0.4, AXL F BK ETH <= 1.12, and AXL F BK ETH XC <= 1.11 devices and Bosch Rexroth S20-ETH-BK and Rexroth S20-PN-BK+ (the S20-PN-BK+/S20-ETH-BK fieldbus couplers sold by Bosch Rexroth contain technology from Phoenix… |
- CVE-2023-45220Oct 25, 2023risk 0.00cvss —epss 0.00
The Android Client application, when enrolled with the define method 1(the user manually inserts the server ip address), use HTTP protocol to retrieve sensitive information (ip address and credentials to connect to a remote MQTT broker entity) instead of HTTPS and this feature…
- CVE-2023-41372Oct 25, 2023risk 0.00cvss —epss 0.00
The vulnerability allows an unprivileged (untrusted) third- party application to arbitrary modify the server settings of the Android Client application, inducing it to connect to an attacker - controlled malicious server.This is possible by forging a valid broadcast intent…
- CVE-2023-41960Oct 25, 2023risk 0.00cvss —epss 0.00
The vulnerability allows an unprivileged(untrusted) third-party application to interact with a content-provider unsafely exposed by the Android Agent application, potentially modifying sensitive settings of the Android Client application itself.
- CVE-2023-41255Oct 25, 2023risk 0.00cvss —epss 0.00
The vulnerability allows an unprivileged user with access to the subnet of the TPC-110W device to gain a root shell on the device itself abusing the lack of authentication of the ‘su’ binary file installed on the device that can be accessed through the ADB (Android Debug…
- CVE-2023-43488Oct 25, 2023risk 0.00cvss —epss 0.00
The vulnerability allows a low privileged (untrusted) application to modify a critical system property that should be denied, in order to enable the ADB (Android Debug Bridge) protocol to be exposed on the network, exploiting it to gain a privileged shell on the device without…
- CVE-2023-45844Oct 25, 2023risk 0.00cvss —epss 0.00
The vulnerability allows a low privileged user that have access to the device when locked in Kiosk mode to install an arbitrary Android application and leverage it to have access to critical device settings such as the device power management or eventually the device secure…
- CVE-2018-16994Feb 18, 2020risk 0.00cvss —epss 0.02
An issue was discovered on PHOENIX CONTACT AXL F BK PN <=1.0.4, AXL F BK ETH <= 1.12, and AXL F BK ETH XC <= 1.11 devices and Bosch Rexroth S20-ETH-BK and Rexroth S20-PN-BK+ (the S20-PN-BK+/S20-ETH-BK fieldbus couplers sold by Bosch Rexroth contain technology from Phoenix…
Page 2 of 2