Ayushman Dutta

**Name of the Vulnerable Software and Affected Versions** TwinCAT XAR 3.1 versions (affected versions not specified) **Description** The issue is related to the default installation path and permissions of the TwinCAT XAR 3.1 software. If the directory does not exist, it and further subdirectories are created with permissions that allow every local user to modify the content. The default installation registers TcSysUI.exe for automatic execution upon log in of a user. A less privileged user can replace TcSysUI.exe, which will be executed automatically by another user during login, including users with administrative access. This allows a less privileged user to trick a higher privileged user into executing modified code. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Xovis PC2, PC2R, and PC3 devices versions through 3.6.0 **Description** The issue allows for CSRF, which is a type of attack that tricks a user into performing unintended actions on a web application. **Recommendations** For Xovis PC2, PC2R, and PC3 devices versions through 3.6.0, update to a version later than 3.6.0 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Xovis PC2, PC2R, and PC3 devices versions through 3.6.0 **Description** The issue allows XXE (XML External Entity) attacks. **Recommendations** For Xovis PC2, PC2R, and PC3 devices versions through 3.6.0, update to a version later than 3.6.0 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Xovis PC2, PC2R, and PC3 devices versions through 3.6.0 **Description** The issue allows Directory Traversal. **Recommendations** For Xovis PC2, PC2R, and PC3 devices versions through 3.6.0, update to a version later than 3.6.0 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** PAN-OS versions 8.0.0 through 8.0.10 **Description** A Cross-Site Scripting (XSS) issue exists in the PAN-OS URL filtering “continue page” due to improper validation of specific request parameters. This allows an attacker to inject arbitrary JavaScript or HTML via specially crafted URLs. Successful exploitation may enable an attacker to inject malicious code in URLs linking to the affected page hosted by the firewall. **Recommendations** For PAN-OS versions 8.0.0 through 8.0.10, update to a version outside of this range to resolve the issue. As a temporary workaround, consider restricting access to the URL filtering “continue page” to minimize the risk of exploitation. Avoid using specially crafted URLs that could link to this page until the issue is resolved.