Skip to main content
CVE-2020-16226 CRITICAL Act Now

Multiple Mitsubishi Electric products are vulnerable to impersonations of a legitimate device by a malicious actor, which may allow an attacker to remotely execute arbitrary commands. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qj71Mes96 Firmware Qj71Ws96 Firmware Q06Ccpu V Firmware Q24Dhccpu V Firmware +91
NVD
CVSS 3.1
9.8
EPSS
2.3%
CVE-2020-24231 CRITICAL Act Now

Symmetric DS <3.12.0 uses mx4j to provide access to JMX over HTTP. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Symmetricds
NVD
CVSS 3.1
9.8
EPSS
1.8%
CVE-2020-6875 CRITICAL Act Now

A ZTE product is impacted by the improper access control vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Zte Zxone 19700 Snpe Firmware
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2020-4493 CRITICAL PATCH Act Now

IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow an attacker to bypass authentication and issue commands using a specially crafted HTTP command. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

IBM Authentication Bypass Maximo Asset Management
NVD
CVSS 3.1
9.8
EPSS
2.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy