Georgy Zaytsev

**Nome do software vulnerável e versões afetadas** Produtos Kaspersky Anti-Virus para uso doméstico e versões do Kaspersky Endpoint Security anteriores a 12 de março de 2022 Versões do Kaspersky Internet Security anteriores a 12 de março de 2022 Versões do Kaspersky Total Security anteriores a 12 de março de 2022 Versões do Kaspersky Small Office Security anteriores a 12 de março de 2022 Versões do Kaspersky Security Cloud anteriores a 12 de março de 2022 **Descrição** O problema está relacionado a um bug no módulo de análise de dados dos produtos Kaspersky Anti-Virus, que potencialmente permitia que um invasor executasse código arbitrário. Esse bug também está associado à alocação ilimitada de recursos. A exploração desse problema pode permitir que um invasor remoto execute código arbitrário. **Recomendações** Para os produtos Kaspersky Anti-Virus para uso doméstico e as versões do Kaspersky Endpoint Security anteriores a 12 de março de 2022, a correção foi fornecida automaticamente. Para as versões do Kaspersky Internet Security anteriores a 12 de março de 2022, considere atualizar para uma versão lançada após 12 de março de 2022. Para as versões do Kaspersky Total Security anteriores a 12 de março de 2022, considere atualizar para uma versão lançada após 12 de março de 2022. Para versões do Kaspersky Small Office Security anteriores a 12 de março de 2022, considere atualizar para uma versão lançada após 12 de março de 2022. Para versões do Kaspersky Security Cloud anteriores a 12 de março de 2022, considere atualizar para uma versão lançada após 12 de março de 2022.

**Name of the Vulnerable Software and Affected Versions** PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 through 1.34 **Description** The WebUI of the affected devices leaks private information in firmware images. **Recommendations** For versions 1.0 through 1.34, consider restricting access to the WebUI to minimize the risk of information leakage until a fix is available.

**Name of the Vulnerable Software and Affected Versions** PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 through 1.34 **Description** The WebUI of the affected devices allows for plaintext transmission of user credentials by default, which can be done over HTTP. **Recommendations** For versions 1.0 through 1.34, consider configuring the WebUI to use encrypted transmission, such as HTTPS, to protect user credentials. As a temporary workaround, restrict access to the WebUI to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 through 1.34 **Description** The WebUI of the affected device is susceptible to a denial-of-service attack. This can be achieved by establishing more than 120 connections. **Recommendations** For versions 1.0 through 1.34, consider restricting the number of connections to the WebUI to prevent denial-of-service attacks. As a temporary workaround, limit the number of concurrent connections to mitigate the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions prior to 1.35 **Description** The WebUI of the affected device is susceptible to brute-force attacks due to improper restriction of excessive authentication attempts. This allows attackers to attempt numerous login combinations without significant impediment. **Recommendations** For versions prior to 1.35, update to version 1.35 or later to resolve the issue. As a temporary workaround, consider restricting access to the WebUI or implementing additional authentication measures to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Phoenix Contact FL SWITCH versions 1.0 through 1.33 **Description** The issue is caused by a buffer overflow in the memory of the menu pxc.cgi and index.cgi components of the managed switch firmware. This can be exploited by a remote attacker by sending a GET request with a specially crafted cookie, potentially allowing the execution of arbitrary code or causing a denial of service. **Recommendations** For versions 1.0 through 1.33, as a temporary workaround, consider restricting access to the vulnerable menu pxc.cgi and index.cgi components until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Moxa PT-7528 versions 4.0 or lower Moxa PT-7828 versions 3.9 or lower **Description** The issue is related to the use of hard-coded credentials for the console configuration of Moxa Ethernet switches. Exploitation of this issue may allow an attacker to elevate their privileges. **Recommendations** For Moxa PT-7528 versions 4.0 or lower, update to a version higher than 4.0 to resolve the issue. For Moxa PT-7828 versions 3.9 or lower, update to a version higher than 3.9 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Moxa EDS-G516E Series versions 5.2 and earlier Moxa EDS-510E (affected versions not specified) **Description** The issue is related to the use of a weak cryptographic algorithm in the firmware of the affected products. This weakness may allow an attacker to disclose confidential information. The vulnerability can be exploited remotely. **Recommendations** For Moxa EDS-G516E Series versions 5.2 and earlier, update to a version higher than 5.2 to resolve the issue. For Moxa EDS-510E, at the moment, there is no information about a newer version that contains a fix for this vulnerability.