Arun Magesh

**Name of the Vulnerable Software and Affected Versions** Dr Trust ECG Pen version 2.00.08 **Description** An issue allows attackers to access the GATT server of the device without requiring pairing or security. This enables attackers to sniff data being broadcasted during measurements and extract saved data over a Bluetooth connection. Additionally, attackers can launch a man-in-the-middle attack against data integrity. **Recommendations** For Dr Trust ECG Pen version 2.00.08, consider disabling Bluetooth LE support until a secure pairing or security mechanism is implemented to prevent unauthorized access. Restrict access to the GATT server to minimize the risk of data sniffing and extraction. Avoid using the device for sensitive measurements until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** HiveMQ Broker Control Center version 4.3.2 **Description** An issue was discovered where a crafted `clientid` parameter in an MQTT packet sent to the Broker is reflected in the client section of the management console. This reflection can lead to the loading of an attacker's JavaScript in a browser, potentially resulting in the theft of the session and cookie of the administrator's account of the Broker. **Recommendations** For HiveMQ Broker Control Center version 4.3.2, consider restricting access to the management console to minimize the risk of exploitation. As a temporary workaround, avoid using the `clientid` parameter in MQTT packets until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MoscaJS Aedes version 0.42.0 **Description** An issue was discovered in the handling of exceptions during the writing of an invalid packet to a stream in lib/write.js. **Recommendations** For version 0.42.0, update to version 0.42.1 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Nescomed Multipara Monitor M1000 devices (affected versions not specified) **Description** An issue was discovered where the device enables an unencrypted TELNET service by default, with a blank password for the `admin` account. This allows an attacker to gain root access to the device over the local network. **Recommendations** For Nescomed Multipara Monitor M1000 devices, consider disabling the TELNET service or setting a strong password for the `admin` account to prevent unauthorized access. Restrict access to the device over the local network to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Nescomed Multipara Monitor M1000 devices (affected versions not specified) **Description** An issue was discovered where the physical UART debug port on the devices provides a shell without requiring a password, giving complete access. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Nescomed Multipara Monitor M1000 (affected versions not specified) **Description** An issue was discovered where the internal storage of the underlying Linux system on the Nescomed Multipara Monitor M1000 stores data in cleartext, without integrity protection against tampering. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Nescomed Multipara Monitor M1000 (affected versions not specified) **Description** An issue was discovered where the onboard Flash memory stores data in cleartext, without integrity protection against tampering. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Apache ActiveMQ Artemis versions 2.5.0 through 2.13.0 **Description** A specially crafted MQTT packet with an XSS payload as `client-id` or `topic name` can exploit this issue. The XSS payload is injected into the admin console's browser and is triggered in the diagram plugin, specifically in the queue node and the info section. **Recommendations** For Apache ActiveMQ Artemis versions 2.5.0 through 2.13.0, consider disabling the diagram plugin as a temporary workaround until a patch is available. Restrict access to the admin console to minimize the risk of exploitation. Avoid using XSS payloads in `client-id` or `topic name` to prevent triggering the issue.