Aditya Sood

**Name of the Vulnerable Software and Affected Versions** Moxa MiiNePort E1 versions prior to 1.8 Moxa MiiNePort E2 versions prior to 1.4 Moxa MiiNePort E3 versions prior to 1.1 **Description** An issue allows an attacker to potentially brute force an active session cookie, enabling them to download configuration files. **Recommendations** For Moxa MiiNePort E1 versions prior to 1.8, update to version 1.8 or later. For Moxa MiiNePort E2 versions prior to 1.4, update to version 1.4 or later. For Moxa MiiNePort E3 versions prior to 1.1, update to version 1.1 or later.

**Name of the Vulnerable Software and Affected Versions** Siemens OZW OZW672 versions prior to 6.00 Siemens OZW OZW772 versions prior to 6.00 **Description** A cross-site scripting (XSS) issue exists in the login form of the integrated web server, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL. **Recommendations** For Siemens OZW OZW672 versions prior to 6.00, update to version 6.00 or later. For Siemens OZW OZW772 versions prior to 6.00, update to version 6.00 or later.