VYPR
Vendor

Valmet Dna

Products
1
CVEs
4
Across products
4
Status
Private

Products

1

Recent CVEs

4
  • CVE-2025-0416HigApr 1, 2025
    risk 0.58cvss epss 0.00

    Local privilege escalation through insecure DCOM configuration in Valmet DNA versions prior to C2023. The DCOM object Valmet DNA Engineering has permissions that allow it to run commands as a user with the SeImpersonatePrivilege privilege. The SeImpersonatePrivilege privilege…

  • CVE-2021-26726HigFeb 16, 2022
    risk 0.57cvss 8.8epss 0.01

    A remote code execution vulnerability affecting a Valmet DNA service listening on TCP port 1517, allows an attacker to execute commands with SYSTEM privileges This issue affects: Valmet DNA versions from Collection 2012 until Collection 2021.

  • CVE-2025-0418MedApr 1, 2025
    risk 0.34cvss epss 0.00

    Valmet DNA user passwords in plain text. This practice poses a security risk as attackers who gain access to local project data can read the passwords.

  • CVE-2025-15577Feb 12, 2026
    risk 0.00cvss epss 0.01

    An unauthenticated attacker can exploit this vulnerability by manipulating URL to achieve arbitrary file read access.This issue affects Valmet DNA Web Tools: C2022 and older.