34
CVEs
1
Critical
14
High
0
KEV
0
PoC
15
Unpatched C/H
0.0%
Patch Rate
0.2%
Avg EPSS
Severity Breakdown
CRITICAL
1
HIGH
14
MEDIUM
16
LOW
3
Monthly CVE Trend
Affected Products (7)
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2024-54092 | A vulnerability has been identified in Industrial Edge Device Kit - arm64 V1.17 (All versions), Industrial Edge Device Kit - arm64 V1.18 (All versions), Industrial Edge Device Kit - arm64 V1.19 (All. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available. | CRITICAL | 9.3 | 0.5% | 47 |
No patch
|
| CVE-2025-27396 | A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly limit the elevation of privileges required to perform certain valid functionality. [CVSS 8.8 HIGH] | HIGH | 8.8 | 0.3% | 44 |
No patch
|
| CVE-2024-13967 | CVE-2024-13967 is an authentication bypass vulnerability in EIBPORT V3 KNX web server that allows unauthenticated attackers to access sensitive configuration pages through the integrated web interface. Affects EIBPORT V3 KNX and EIBPORT V3 KNX GSM through version 3.9.8. Successful exploitation enables complete compromise of the device including confidentiality, integrity, and availability of configuration settings and potentially the entire KNX installation. | HIGH | 8.8 | 0.1% | 44 |
No patch
|
| CVE-2025-40591 | A security vulnerability in A vulnerability (CVSS 7.7). High severity vulnerability requiring prompt remediation. | HIGH | 7.7 | 0.1% | 39 |
No patch
|
| CVE-2025-24499 | A vulnerability has been identified in SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0) (All versions < V3.0.0), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions < V3.0.0), SCALANCE WAM763-1 (ME). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available. | HIGH | 7.5 | 0.2% | 38 |
No patch
|
| CVE-2025-27392 | A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly sanitize user input when creating new VXLAN configurations. [CVSS 7.2 HIGH] | HIGH | 7.2 | 0.8% | 37 |
No patch
|
| CVE-2025-27393 | A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly sanitize user input when creating new users. [CVSS 7.2 HIGH] | HIGH | 7.2 | 0.8% | 37 |
No patch
|
| CVE-2025-27394 | A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly sanitize user input when creating new SNMP users. [CVSS 7.2 HIGH] | HIGH | 7.2 | 0.8% | 37 |
No patch
|
| CVE-2025-39202 | CVE-2025-39202 is a local privilege escalation vulnerability in MicroSCADA X SYS600's Monitor Pro interface that allows authenticated users with low privileges to read and overwrite arbitrary files, leading to information disclosure and data corruption. The vulnerability affects the SYS600 product line and requires local access with valid credentials; while the CVSS score of 7.3 indicates moderate-to-high severity, real-world exploitability depends on whether this vulnerability has been added to CISA's KEV catalog or has publicly available proof-of-concept code. | HIGH | 7.3 | 0.0% | 37 |
No patch
|
| CVE-2025-27395 | A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly limit the scope of files accessible through and the privileges of the SFTP functionality. [CVSS 7.2 HIGH] | HIGH | 7.2 | 0.2% | 36 |
No patch
|
| CVE-2025-1384 | CVE-2025-1384 is a least privilege violation (CWE-272) in the communication protocol between Omron NJ/NX-series Machine Automation Controllers and Sysmac Studio software that allows unauthenticated remote attackers to execute arbitrary code on affected controllers. The vulnerability affects industrial automation environments and enables complete compromise of controller functionality through unauthorized remote code execution. While the CVSS score of 7.0 indicates moderate-to-high severity, the network-accessible attack vector and lack of required privileges make this a significant threat to operational technology (OT) environments, particularly in manufacturing and critical infrastructure sectors. | HIGH | 7.0 | 0.0% | 35 |
No patch
|
| CVE-2025-40567 | A security vulnerability in A vulnerability (CVSS 6.5). Remediation should follow standard vulnerability management procedures. | MEDIUM | 6.5 | 0.0% | 33 |
No patch
|
| CVE-2025-40579 | A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Rated medium severity (CVSS 5.4). No vendor patch available. | MEDIUM | 5.4 | 0.1% | 27 |
No patch
|
| CVE-2025-40580 | A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Rated medium severity (CVSS 5.4). No vendor patch available. | MEDIUM | 5.4 | 0.1% | 27 |
No patch
|
| CVE-2025-29999 | A vulnerability has been identified in Siemens License Server (SLS) (All versions < V4.3). Rated medium severity (CVSS 5.4). No vendor patch available. | MEDIUM | 5.4 | 0.0% | 27 |
No patch
|