Nozomi

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A low-privileged remote attacker can force the watchdog of the affected devices to reboot the PLC due to incorrect default permissions of a config file. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A low privileged remote attacker with file access can replace a critical file used by the watchdog to get read, write and execute access to any file on the device after the watchdog has been initialized. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A low privileged remote attacker with file access can replace a critical file used by the arp-preinit script to get read, write and execute access to any file on the device. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A low privileged remote attacker with file access can replace a critical file or folder used by the service security-profile to get read, write and execute access to any file on the device. This issue allows attackers to breach device security, granting unauthorized access to sensitive files. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.