Sharon Brizinov

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 4.6.0 through 4.6.4 Wireshark versions 4.4.0 through 4.4.14 **Description** A crash in the HTTP protocol dissector allows for a denial of service. This occurs when the software processes malformed traffic, which can lead to the crashing of analysis sessions. **Recommendations** Update Wireshark versions 4.6.0 through 4.6.4 to a patched version. Update Wireshark versions 4.4.0 through 4.4.14 to a patched version.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 4.6.0 through 4.6.4 Wireshark versions 4.4.0 through 4.4.14 **Description** An infinite loop in the RPKI-Router protocol dissector can lead to a denial of service. **Recommendations** Update Wireshark versions 4.6.0 through 4.6.4 to a version newer than 4.6.4. Update Wireshark versions 4.4.0 through 4.4.14 to a version newer than 4.4.14.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 4.6.0 through 4.6.4 Wireshark versions 4.4.0 through 4.4.14 **Description** An infinite loop in the OpenFlow v6 protocol dissector can lead to a denial of service. **Recommendations** Update Wireshark versions 4.6.0 through 4.6.4 to a version later than 4.6.4. Update Wireshark versions 4.4.0 through 4.4.14 to a version later than 4.4.14.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 4.6.0 through 4.6.4 Wireshark versions 4.4.0 through 4.4.14 **Description** An infinite loop in the GNW protocol dissector allows for a denial of service. **Recommendations** Update Wireshark versions 4.6.0 through 4.6.4 to a version newer than 4.6.4. Update Wireshark versions 4.4.0 through 4.4.14 to a version newer than 4.4.14.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 4.6.0 through 4.6.4 Wireshark versions 4.4.0 through 4.4.14 **Description** The OpenFlow v5 protocol dissector contains a flaw that can lead to infinite loops, resulting in a denial of service. **Recommendations** Update Wireshark versions 4.6.0 through 4.6.4 to a version newer than 4.6.4. Update Wireshark versions 4.4.0 through 4.4.14 to a version newer than 4.4.14.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 4.6.0 through 4.6.4 Wireshark versions 4.4.0 through 4.4.14 **Description** An infinite loop in the MBIM protocol dissector can lead to a denial of service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 4.6.0 through 4.6.4 Wireshark versions 4.4.0 through 4.4.14 **Description** An infinite loop in the SANE protocol dissector allows for a denial of service. **Recommendations** Update Wireshark versions 4.6.0 through 4.6.4 to a version newer than 4.6.4. Update Wireshark versions 4.4.0 through 4.4.14 to a version newer than 4.4.14.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 4.6.0 through 4.6.4 Wireshark versions 4.4.0 through 4.4.14 **Description** A crash in the dissection engine during LZ77 decompression can lead to a denial of service. LZ77 is a lossless data compression algorithm that replaces repeated occurrences of data with references to a single copy. **Recommendations** Update Wireshark versions 4.6.0 through 4.6.4 to a version newer than 4.6.4. Update Wireshark versions 4.4.0 through 4.4.14 to a version newer than 4.4.14.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 4.6.0 through 4.6.4 Wireshark versions 4.4.0 through 4.4.14 **Description** A crash in the Kismet protocol dissector allows for a denial of service. **Recommendations** Update Wireshark versions 4.6.0 through 4.6.4 to a version newer than 4.6.4. Update Wireshark versions 4.4.0 through 4.4.14 to a version newer than 4.4.14.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 4.6.0 through 4.6.4 Wireshark versions 4.4.0 through 4.4.14 **Description** A crash in the BEEP protocol dissector allows for a denial of service. **Recommendations** Update Wireshark versions 4.6.0 through 4.6.4 to a version newer than 4.6.4. Update Wireshark versions 4.4.0 through 4.4.14 to a version newer than 4.4.14.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 4.6.0 through 4.6.4 Wireshark versions 4.4.0 through 4.4.14 **Description** An infinite loop in the USB HID protocol dissector can lead to a denial of service. **Recommendations** Update Wireshark versions 4.6.0 through 4.6.4 to a version newer than 4.6.4. Update Wireshark versions 4.4.0 through 4.4.14 to a version newer than 4.4.14.

**Name of the Vulnerable Software and Affected Versions** Medixant RadiAnt DICOM Viewer (affected versions not specified) **Description** The issue is due to the failure of the update mechanism to verify the update server's certificate, which could allow an attacker to alter network traffic and carry out a machine-in-the-middle attack (MITM). An attacker could modify the server's response and deliver a malicious update to the user. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MicroDicom DICOM Viewer version 2024.03 **Description** The issue arises from the software's failure to adequately verify the update server's certificate. This could allow attackers in a privileged network position to alter network traffic and carry out a machine-in-the-middle (MITM) attack, enabling them to modify the server's response and deliver a malicious update to the user. **Recommendations** For MicroDicom DICOM Viewer version 2024.03, as a temporary workaround, consider disabling automatic updates until a patch is available. Restrict access to the update server to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** AutomationDirect C-more EA9 HMI (affected versions not specified) **Description** The issue concerns a function with bounds checks that can be skipped, potentially allowing an attacker to abuse the function and cause a denial-of-service condition or achieve remote code execution on the affected device. The vulnerability is being actively exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Rockwell Automation RSLogix 5 (affected versions not specified) **Description** A feature in the affected products enables users to prepare a project file with an embedded VBA script and can be configured to run once the project file has been opened without user intervention. This feature can be abused to trick a legitimate user into executing malicious code upon opening an infected RSP/RSS project file. If exploited, a threat actor may be able to perform a remote code execution. Connected devices may also be impacted by exploitation of this issue. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this issue.

Name of the Vulnerable Software and Affected Versions: PTC Kepware ThingWorx Kepware Server (affected versions not specified) Description: The issue arises when performing online tag generation to devices that communicate using the ControlLogix protocol. A machine-in-the-middle or a device that is not configured correctly could deliver a response leading to unrestricted or unregulated resource allocation. This could cause a denial-of-service condition and crash the Kepware application. By default, these functions are turned off, yet they remain accessible for users who recognize and require their advantages. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Synology Router Manager versions prior to 1.2.5-8227-11 Synology Router Manager versions prior to 1.3.1-9346-8 **Description** The issue is related to incorrect default permissions in the firewall functionality, allowing man-in-the-middle attackers to access sensitive intranet resources. This is also described as an improper access control firewall bypass vulnerability. **Recommendations** For versions prior to 1.2.5-8227-11, update to version 1.2.5-8227-11 or later. For versions prior to 1.3.1-9346-8, update to version 1.3.1-9346-8 or later.

Name of the Vulnerable Software and Affected Versions: Synology Router Manager versions prior to 1.2.5-8227-11 Synology Router Manager versions prior to 1.3.1-9346-8 Description: The issue is related to the AirPrint functionality in Synology Router Manager, where code is loaded without integrity checks. This allows a remote attacker to execute arbitrary code, potentially via man-in-the-middle attacks. Recommendations: For Synology Router Manager versions prior to 1.2.5-8227-11, update to version 1.2.5-8227-11 or later. For Synology Router Manager versions prior to 1.3.1-9346-8, update to version 1.3.1-9346-8 or later.

**Name of the Vulnerable Software and Affected Versions** ScadaPro (affected versions not specified) **Description** The entire parent directory - C:ScadaPro and its sub-directories and files are configured by default to allow users, including unprivileged users, to write or overwrite files. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** TP-Link Omada ER605 (affected versions not specified) **Description** The issue is related to the use of weak protection mechanisms in the cmxddnsd executable of the TP-Link Omada ER605 router's firmware. This allows a remote attacker to execute arbitrary code in the context of root. The vulnerability can be exploited by network-adjacent attackers to access or spoof DDNS messages on affected installations, with no authentication required. However, devices are only vulnerable if configured to use the Comexe DDNS service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.