CVE-2025-0418
- EPSS 0.02%
- Veröffentlicht 01.04.2025 04:15:39
- Zuletzt bearbeitet 01.04.2025 20:26:11
Valmet DNA user passwords in plain text. This practice poses a security risk as attackers who gain access to local project data can read the passwords.
- EPSS 0.03%
- Veröffentlicht 01.04.2025 04:15:38
- Zuletzt bearbeitet 01.04.2025 20:26:11
Lack of protection against brute force attacks in Valmet DNA visualization in DNA Operate. The possibility to make an arbitrary number of login attempts without any rate limit gives an attacker an increased chance of guessing passwords and then perfo...
CVE-2025-0416
- EPSS 0.03%
- Veröffentlicht 01.04.2025 04:15:37
- Zuletzt bearbeitet 01.04.2025 20:26:11
Local privilege escalation through insecure DCOM configuration in Valmet DNA versions prior to C2023. The DCOM object Valmet DNA Engineering has permissions that allow it to run commands as a user with the SeImpersonatePrivilege privilege. The SeImpe...
CVE-2021-26726
- EPSS 1.08%
- Veröffentlicht 16.02.2022 16:15:08
- Zuletzt bearbeitet 21.11.2024 05:56:45
A remote code execution vulnerability affecting a Valmet DNA service listening on TCP port 1517, allows an attacker to execute commands with SYSTEM privileges This issue affects: Valmet DNA versions from Collection 2012 until Collection 2021.