CINXE.COM
Recently Updated Plugins | Tenable®
<!DOCTYPE html><html lang="en"><head><meta charSet="utf-8"/><title>Recently Updated Plugins<!-- --> | Tenable®</title><meta name="description" content="Listing recently updated plugins."/><meta property="og:title" content="Recently Updated Plugins"/><meta property="og:description" content="Listing recently updated plugins."/><meta name="twitter:title" content="Recently Updated Plugins"/><meta name="twitter:description" content="Listing recently updated plugins."/><meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"/><meta name="viewport" content="width=device-width, initial-scale=1"/><link rel="apple-touch-icon" sizes="180x180" href="https://www.tenable.com/themes/custom/tenable/images-new/favicons/apple-touch-icon-180x180.png"/><link rel="manifest" href="https://www.tenable.com/themes/custom/tenable/images-new/favicons/manifest.json"/><link rel="icon" href="https://www.tenable.com/themes/custom/tenable/images-new/favicons/favicon.ico" sizes="any"/><link rel="icon" href="https://www.tenable.com/themes/custom/tenable/images-new/favicons/tenable-favicon.svg" type="image/svg+xml"/><meta name="msapplication-config" content="https://www.tenable.com/themes/custom/tenable/images-new/favicons/browserconfig.xml"/><meta name="theme-color" content="#ffffff"/><link rel="canonical" href="https://www.tenable.com/plugins/updated"/><link rel="alternate" hrefLang="x-default" href="https://www.tenable.com/plugins/updated"/><link rel="alternate" hrefLang="en" href="https://www.tenable.com/plugins/updated"/><link rel="alternate" hrefLang="de" href="https://de.tenable.com/plugins/updated"/><link rel="alternate" hrefLang="es" href="https://es-la.tenable.com/plugins/updated"/><link rel="alternate" hrefLang="fr" href="https://fr.tenable.com/plugins/updated"/><link rel="alternate" hrefLang="ja" href="https://jp.tenable.com/plugins/updated"/><link rel="alternate" hrefLang="ko" href="https://kr.tenable.com/plugins/updated"/><link rel="alternate" hrefLang="zh-CN" href="https://www.tenablecloud.cn/plugins/updated"/><link rel="alternate" hrefLang="zh-TW" href="https://zh-tw.tenable.com/plugins/updated"/><meta name="next-head-count" content="25"/><script type="text/javascript">window.NREUM||(NREUM={});NREUM.info = {"agent":"","beacon":"bam.nr-data.net","errorBeacon":"bam.nr-data.net","licenseKey":"5febff3e0e","applicationID":"96358297","agentToken":null,"applicationTime":35.273473,"transactionName":"MVBabEEHChVXU0IIXggab11RIBYHW1VBDkMNYEpRHCgBHkJaRU52I2EXF0MKEQFfXkVORBZRWUxWAg==","queueTime":0,"ttGuid":"4865c9a0bd03a316"}; (window.NREUM||(NREUM={})).init={ajax:{deny_list:["bam.nr-data.net"]}};(window.NREUM||(NREUM={})).loader_config={licenseKey:"5febff3e0e",applicationID:"96358297"};;/*! For license information please see nr-loader-rum-1.283.2.min.js.LICENSE.txt */ (()=>{var e,t,r={122:(e,t,r)=>{"use strict";r.d(t,{a:()=>i});var n=r(944);function i(e,t){try{if(!e||"object"!=typeof e)return(0,n.R)(3);if(!t||"object"!=typeof t)return(0,n.R)(4);const r=Object.create(Object.getPrototypeOf(t),Object.getOwnPropertyDescriptors(t)),o=0===Object.keys(r).length?e:r;for(let a in o)if(void 0!==e[a])try{if(null===e[a]){r[a]=null;continue}Array.isArray(e[a])&&Array.isArray(t[a])?r[a]=Array.from(new Set([...e[a],...t[a]])):"object"==typeof e[a]&&"object"==typeof t[a]?r[a]=i(e[a],t[a]):r[a]=e[a]}catch(e){(0,n.R)(1,e)}return r}catch(e){(0,n.R)(2,e)}}},555:(e,t,r)=>{"use strict";r.d(t,{Vp:()=>c,fn:()=>s,x1:()=>u});var n=r(384),i=r(122);const o={beacon:n.NT.beacon,errorBeacon:n.NT.errorBeacon,licenseKey:void 0,applicationID:void 0,sa:void 0,queueTime:void 0,applicationTime:void 0,ttGuid:void 0,user:void 0,account:void 0,product:void 0,extra:void 0,jsAttributes:{},userAttributes:void 0,atts:void 0,transactionName:void 0,tNamePlain:void 0},a={};function s(e){try{const t=c(e);return!!t.licenseKey&&!!t.errorBeacon&&!!t.applicationID}catch(e){return!1}}function c(e){if(!e)throw new Error("All info objects require an agent identifier!");if(!a[e])throw new Error("Info for ".concat(e," was never set"));return a[e]}function u(e,t){if(!e)throw new Error("All info objects require an agent identifier!");a[e]=(0,i.a)(t,o);const r=(0,n.nY)(e);r&&(r.info=a[e])}},217:(e,t,r)=>{"use strict";r.d(t,{D0:()=>m,gD:()=>v,xN:()=>h});r(860).K7.genericEvents;const n="experimental.marks",i="experimental.measures",o="experimental.resources",a=e=>{if(!e||"string"!=typeof e)return!1;try{document.createDocumentFragment().querySelector(e)}catch{return!1}return!0};var s=r(614),c=r(944),u=r(384),l=r(122);const d="[data-nr-mask]",f=()=>{const e={feature_flags:[],experimental:{marks:!1,measures:!1,resources:!1},mask_selector:"*",block_selector:"[data-nr-block]",mask_input_options:{color:!1,date:!1,"datetime-local":!1,email:!1,month:!1,number:!1,range:!1,search:!1,tel:!1,text:!1,time:!1,url:!1,week:!1,textarea:!1,select:!1,password:!0}};return{ajax:{deny_list:void 0,block_internal:!0,enabled:!0,autoStart:!0},distributed_tracing:{enabled:void 0,exclude_newrelic_header:void 0,cors_use_newrelic_header:void 0,cors_use_tracecontext_headers:void 0,allowed_origins:void 0},get feature_flags(){return e.feature_flags},set feature_flags(t){e.feature_flags=t},generic_events:{enabled:!0,autoStart:!0},harvest:{interval:30},jserrors:{enabled:!0,autoStart:!0},logging:{enabled:!0,autoStart:!0},metrics:{enabled:!0,autoStart:!0},obfuscate:void 0,page_action:{enabled:!0},page_view_event:{enabled:!0,autoStart:!0},page_view_timing:{enabled:!0,autoStart:!0},performance:{get capture_marks(){return e.feature_flags.includes(n)||e.experimental.marks},set capture_marks(t){e.experimental.marks=t},get capture_measures(){return e.feature_flags.includes(i)||e.experimental.measures},set capture_measures(t){e.experimental.measures=t},capture_detail:!0,resources:{get enabled(){return e.feature_flags.includes(o)||e.experimental.resources},set enabled(t){e.experimental.resources=t},asset_types:[],first_party_domains:[],ignore_newrelic:!0}},privacy:{cookies_enabled:!0},proxy:{assets:void 0,beacon:void 0},session:{expiresMs:s.wk,inactiveMs:s.BB},session_replay:{autoStart:!0,enabled:!1,preload:!1,sampling_rate:10,error_sampling_rate:100,collect_fonts:!1,inline_images:!1,fix_stylesheets:!0,mask_all_inputs:!0,get mask_text_selector(){return e.mask_selector},set mask_text_selector(t){a(t)?e.mask_selector="".concat(t,",").concat(d):""===t||null===t?e.mask_selector=d:(0,c.R)(5,t)},get block_class(){return"nr-block"},get ignore_class(){return"nr-ignore"},get mask_text_class(){return"nr-mask"},get block_selector(){return e.block_selector},set block_selector(t){a(t)?e.block_selector+=",".concat(t):""!==t&&(0,c.R)(6,t)},get mask_input_options(){return e.mask_input_options},set mask_input_options(t){t&&"object"==typeof t?e.mask_input_options={...t,password:!0}:(0,c.R)(7,t)}},session_trace:{enabled:!0,autoStart:!0},soft_navigations:{enabled:!0,autoStart:!0},spa:{enabled:!0,autoStart:!0},ssl:void 0,user_actions:{enabled:!0,elementAttributes:["id","className","tagName","type"]}}},g={},p="All configuration objects require an agent identifier!";function m(e){if(!e)throw new Error(p);if(!g[e])throw new Error("Configuration for ".concat(e," was never set"));return g[e]}function h(e,t){if(!e)throw new Error(p);g[e]=(0,l.a)(t,f());const r=(0,u.nY)(e);r&&(r.init=g[e])}function v(e,t){if(!e)throw new Error(p);var r=m(e);if(r){for(var n=t.split("."),i=0;i<n.length-1;i++)if("object"!=typeof(r=r[n[i]]))return;r=r[n[n.length-1]]}return r}},371:(e,t,r)=>{"use strict";r.d(t,{V:()=>f,f:()=>d});var n=r(122),i=r(384),o=r(154),a=r(324);let s=0;const c={buildEnv:a.F3,distMethod:a.Xs,version:a.xv,originTime:o.WN},u={customTransaction:void 0,disabled:!1,isolatedBacklog:!1,loaderType:void 0,maxBytes:3e4,onerror:void 0,ptid:void 0,releaseIds:{},appMetadata:{},session:void 0,denyList:void 0,timeKeeper:void 0,obfuscator:void 0,harvester:void 0},l={};function d(e){if(!e)throw new Error("All runtime objects require an agent identifier!");if(!l[e])throw new Error("Runtime for ".concat(e," was never set"));return l[e]}function f(e,t){if(!e)throw new Error("All runtime objects require an agent identifier!");l[e]={...(0,n.a)(t,u),...c},Object.hasOwnProperty.call(l[e],"harvestCount")||Object.defineProperty(l[e],"harvestCount",{get:()=>++s});const r=(0,i.nY)(e);r&&(r.runtime=l[e])}},324:(e,t,r)=>{"use strict";r.d(t,{F3:()=>i,Xs:()=>o,xv:()=>n});const n="1.283.2",i="PROD",o="CDN"},154:(e,t,r)=>{"use strict";r.d(t,{OF:()=>c,RI:()=>i,WN:()=>l,bv:()=>o,gm:()=>a,mw:()=>s,sb:()=>u});var n=r(863);const i="undefined"!=typeof window&&!!window.document,o="undefined"!=typeof WorkerGlobalScope&&("undefined"!=typeof self&&self instanceof WorkerGlobalScope&&self.navigator instanceof WorkerNavigator||"undefined"!=typeof globalThis&&globalThis instanceof WorkerGlobalScope&&globalThis.navigator instanceof WorkerNavigator),a=i?window:"undefined"!=typeof WorkerGlobalScope&&("undefined"!=typeof self&&self instanceof WorkerGlobalScope&&self||"undefined"!=typeof globalThis&&globalThis instanceof WorkerGlobalScope&&globalThis),s=Boolean("hidden"===a?.document?.visibilityState),c=/iPad|iPhone|iPod/.test(a.navigator?.userAgent),u=c&&"undefined"==typeof SharedWorker,l=((()=>{const e=a.navigator?.userAgent?.match(/Firefox[/\s](\d+\.\d+)/);Array.isArray(e)&&e.length>=2&&e[1]})(),Date.now()-(0,n.t)())},687:(e,t,r)=>{"use strict";r.d(t,{Ak:()=>c,Ze:()=>d,x3:()=>u});var n=r(836),i=r(606),o=r(860),a=r(646);const s={};function c(e,t){const r={staged:!1,priority:o.P3[t]||0};l(e),s[e].get(t)||s[e].set(t,r)}function u(e,t){e&&s[e]&&(s[e].get(t)&&s[e].delete(t),g(e,t,!1),s[e].size&&f(e))}function l(e){if(!e)throw new Error("agentIdentifier required");s[e]||(s[e]=new Map)}function d(e="",t="feature",r=!1){if(l(e),!e||!s[e].get(t)||r)return g(e,t);s[e].get(t).staged=!0,f(e)}function f(e){const t=Array.from(s[e]);t.every((([e,t])=>t.staged))&&(t.sort(((e,t)=>e[1].priority-t[1].priority)),t.forEach((([t])=>{s[e].delete(t),g(e,t)})))}function g(e,t,r=!0){const o=e?n.ee.get(e):n.ee,s=i.i.handlers;if(!o.aborted&&o.backlog&&s){if(r){const e=o.backlog[t],r=s[t];if(r){for(let t=0;e&&t<e.length;++t)p(e[t],r);Object.entries(r).forEach((([e,t])=>{Object.values(t||{}).forEach((t=>{t[0]?.on&&t[0]?.context()instanceof a.y&&t[0].on(e,t[1])}))}))}}o.isolatedBacklog||delete s[t],o.backlog[t]=null,o.emit("drain-"+t,[])}}function p(e,t){var r=e[1];Object.values(t[r]||{}).forEach((t=>{var r=e[0];if(t[0]===r){var n=t[1],i=e[3],o=e[2];n.apply(i,o)}}))}},836:(e,t,r)=>{"use strict";r.d(t,{P:()=>c,ee:()=>u});var n=r(384),i=r(990),o=r(371),a=r(646),s=r(607);const c="nr@context:".concat(s.W),u=function e(t,r){var n={},s={},l={},d=!1;try{d=16===r.length&&(0,o.f)(r).isolatedBacklog}catch(e){}var f={on:p,addEventListener:p,removeEventListener:function(e,t){var r=n[e];if(!r)return;for(var i=0;i<r.length;i++)r[i]===t&&r.splice(i,1)},emit:function(e,r,n,i,o){!1!==o&&(o=!0);if(u.aborted&&!i)return;t&&o&&t.emit(e,r,n);for(var a=g(n),c=m(e),l=c.length,d=0;d<l;d++)c[d].apply(a,r);var p=v()[s[e]];p&&p.push([f,e,r,a]);return a},get:h,listeners:m,context:g,buffer:function(e,t){const r=v();if(t=t||"feature",f.aborted)return;Object.entries(e||{}).forEach((([e,n])=>{s[n]=t,t in r||(r[t]=[])}))},abort:function(){f._aborted=!0,Object.keys(f.backlog).forEach((e=>{delete f.backlog[e]}))},isBuffering:function(e){return!!v()[s[e]]},debugId:r,backlog:d?{}:t&&"object"==typeof t.backlog?t.backlog:{},isolatedBacklog:d};return Object.defineProperty(f,"aborted",{get:()=>{let e=f._aborted||!1;return e||(t&&(e=t.aborted),e)}}),f;function g(e){return e&&e instanceof a.y?e:e?(0,i.I)(e,c,(()=>new a.y(c))):new a.y(c)}function p(e,t){n[e]=m(e).concat(t)}function m(e){return n[e]||[]}function h(t){return l[t]=l[t]||e(f,t)}function v(){return f.backlog}}(void 0,"globalEE"),l=(0,n.Zm)();l.ee||(l.ee=u)},646:(e,t,r)=>{"use strict";r.d(t,{y:()=>n});class n{constructor(e){this.contextId=e}}},908:(e,t,r)=>{"use strict";r.d(t,{d:()=>n,p:()=>i});var n=r(836).ee.get("handle");function i(e,t,r,i,o){o?(o.buffer([e],i),o.emit(e,t,r)):(n.buffer([e],i),n.emit(e,t,r))}},606:(e,t,r)=>{"use strict";r.d(t,{i:()=>o});var n=r(908);o.on=a;var i=o.handlers={};function o(e,t,r,o){a(o||n.d,i,e,t,r)}function a(e,t,r,i,o){o||(o="feature"),e||(e=n.d);var a=t[o]=t[o]||{};(a[r]=a[r]||[]).push([e,i])}},878:(e,t,r)=>{"use strict";function n(e,t){return{capture:e,passive:!1,signal:t}}function i(e,t,r=!1,i){window.addEventListener(e,t,n(r,i))}function o(e,t,r=!1,i){document.addEventListener(e,t,n(r,i))}r.d(t,{DD:()=>o,jT:()=>n,sp:()=>i})},607:(e,t,r)=>{"use strict";r.d(t,{W:()=>n});const n=(0,r(566).bz)()},566:(e,t,r)=>{"use strict";r.d(t,{LA:()=>s,bz:()=>a});var n=r(154);const i="xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx";function o(e,t){return e?15&e[t]:16*Math.random()|0}function a(){const e=n.gm?.crypto||n.gm?.msCrypto;let t,r=0;return e&&e.getRandomValues&&(t=e.getRandomValues(new Uint8Array(30))),i.split("").map((e=>"x"===e?o(t,r++).toString(16):"y"===e?(3&o()|8).toString(16):e)).join("")}function s(e){const t=n.gm?.crypto||n.gm?.msCrypto;let r,i=0;t&&t.getRandomValues&&(r=t.getRandomValues(new Uint8Array(e)));const a=[];for(var s=0;s<e;s++)a.push(o(r,i++).toString(16));return a.join("")}},614:(e,t,r)=>{"use strict";r.d(t,{BB:()=>a,H3:()=>n,g:()=>u,iL:()=>c,tS:()=>s,uh:()=>i,wk:()=>o});const n="NRBA",i="SESSION",o=144e5,a=18e5,s={STARTED:"session-started",PAUSE:"session-pause",RESET:"session-reset",RESUME:"session-resume",UPDATE:"session-update"},c={SAME_TAB:"same-tab",CROSS_TAB:"cross-tab"},u={OFF:0,FULL:1,ERROR:2}},863:(e,t,r)=>{"use strict";function n(){return Math.floor(performance.now())}r.d(t,{t:()=>n})},944:(e,t,r)=>{"use strict";function n(e,t){"function"==typeof console.debug&&console.debug("New Relic Warning: https://github.com/newrelic/newrelic-browser-agent/blob/main/docs/warning-codes.md#".concat(e),t)}r.d(t,{R:()=>n})},284:(e,t,r)=>{"use strict";r.d(t,{t:()=>c,B:()=>s});var n=r(836),i=r(154);const o="newrelic";const a=new Set,s={};function c(e,t){const r=n.ee.get(t);s[t]??={},e&&"object"==typeof e&&(a.has(t)||(r.emit("rumresp",[e]),s[t]=e,a.add(t),function(e={}){try{i.gm.dispatchEvent(new CustomEvent(o,{detail:e}))}catch(e){}}({loaded:!0})))}},990:(e,t,r)=>{"use strict";r.d(t,{I:()=>i});var n=Object.prototype.hasOwnProperty;function i(e,t,r){if(n.call(e,t))return e[t];var i=r();if(Object.defineProperty&&Object.keys)try{return Object.defineProperty(e,t,{value:i,writable:!0,enumerable:!1}),i}catch(e){}return e[t]=i,i}},389:(e,t,r)=>{"use strict";function n(e,t=500,r={}){const n=r?.leading||!1;let i;return(...r)=>{n&&void 0===i&&(e.apply(this,r),i=setTimeout((()=>{i=clearTimeout(i)}),t)),n||(clearTimeout(i),i=setTimeout((()=>{e.apply(this,r)}),t))}}function i(e){let t=!1;return(...r)=>{t||(t=!0,e.apply(this,r))}}r.d(t,{J:()=>i,s:()=>n})},289:(e,t,r)=>{"use strict";r.d(t,{GG:()=>o,sB:()=>a});var n=r(878);function i(){return"undefined"==typeof document||"complete"===document.readyState}function o(e,t){if(i())return e();(0,n.sp)("load",e,t)}function a(e){if(i())return e();(0,n.DD)("DOMContentLoaded",e)}},384:(e,t,r)=>{"use strict";r.d(t,{NT:()=>o,US:()=>l,Zm:()=>a,bQ:()=>c,dV:()=>s,nY:()=>u,pV:()=>d});var n=r(154),i=r(863);const o={beacon:"bam.nr-data.net",errorBeacon:"bam.nr-data.net"};function a(){return n.gm.NREUM||(n.gm.NREUM={}),void 0===n.gm.newrelic&&(n.gm.newrelic=n.gm.NREUM),n.gm.NREUM}function s(){let e=a();return e.o||(e.o={ST:n.gm.setTimeout,SI:n.gm.setImmediate,CT:n.gm.clearTimeout,XHR:n.gm.XMLHttpRequest,REQ:n.gm.Request,EV:n.gm.Event,PR:n.gm.Promise,MO:n.gm.MutationObserver,FETCH:n.gm.fetch,WS:n.gm.WebSocket}),e}function c(e,t){let r=a();r.initializedAgents??={},t.initializedAt={ms:(0,i.t)(),date:new Date},r.initializedAgents[e]=t}function u(e){let t=a();return t.initializedAgents?.[e]}function l(e,t){a()[e]=t}function d(){return function(){let e=a();const t=e.info||{};e.info={beacon:o.beacon,errorBeacon:o.errorBeacon,...t}}(),function(){let e=a();const t=e.init||{};e.init={...t}}(),s(),function(){let e=a();const t=e.loader_config||{};e.loader_config={...t}}(),a()}},843:(e,t,r)=>{"use strict";r.d(t,{u:()=>i});var n=r(878);function i(e,t=!1,r,i){(0,n.DD)("visibilitychange",(function(){if(t)return void("hidden"===document.visibilityState&&e());e(document.visibilityState)}),r,i)}},434:(e,t,r)=>{"use strict";r.d(t,{Jt:()=>o,YM:()=>c});var n=r(836),i=r(607);const o="nr@original:".concat(i.W);var a=Object.prototype.hasOwnProperty,s=!1;function c(e,t){return e||(e=n.ee),r.inPlace=function(e,t,n,i,o){n||(n="");const a="-"===n.charAt(0);for(let s=0;s<t.length;s++){const c=t[s],u=e[c];l(u)||(e[c]=r(u,a?c+n:n,i,c,o))}},r.flag=o,r;function r(t,r,n,s,c){return l(t)?t:(r||(r=""),nrWrapper[o]=t,function(e,t,r){if(Object.defineProperty&&Object.keys)try{return Object.keys(e).forEach((function(r){Object.defineProperty(t,r,{get:function(){return e[r]},set:function(t){return e[r]=t,t}})})),t}catch(e){u([e],r)}for(var n in e)a.call(e,n)&&(t[n]=e[n])}(t,nrWrapper,e),nrWrapper);function nrWrapper(){var o,a,l,d;try{a=this,o=[...arguments],l="function"==typeof n?n(o,a):n||{}}catch(t){u([t,"",[o,a,s],l],e)}i(r+"start",[o,a,s],l,c);try{return d=t.apply(a,o)}catch(e){throw i(r+"err",[o,a,e],l,c),e}finally{i(r+"end",[o,a,d],l,c)}}}function i(r,n,i,o){if(!s||t){var a=s;s=!0;try{e.emit(r,n,i,t,o)}catch(t){u([t,r,n,i],e)}s=a}}}function u(e,t){t||(t=n.ee);try{t.emit("internal-error",e)}catch(e){}}function l(e){return!(e&&"function"==typeof e&&e.apply&&!e[o])}},993:(e,t,r)=>{"use strict";r.d(t,{A$:()=>o,ET:()=>a,p_:()=>i});var n=r(860);const i={ERROR:"ERROR",WARN:"WARN",INFO:"INFO",DEBUG:"DEBUG",TRACE:"TRACE"},o={OFF:0,ERROR:1,WARN:2,INFO:3,DEBUG:4,TRACE:5},a="log";n.K7.logging},773:(e,t,r)=>{"use strict";r.d(t,{z_:()=>o,XG:()=>s,TZ:()=>n,rs:()=>i,xV:()=>a});r(154),r(566),r(384);const n=r(860).K7.metrics,i="sm",o="cm",a="storeSupportabilityMetrics",s="storeEventMetrics"},630:(e,t,r)=>{"use strict";r.d(t,{T:()=>n});const n=r(860).K7.pageViewEvent},782:(e,t,r)=>{"use strict";r.d(t,{T:()=>n});const n=r(860).K7.pageViewTiming},344:(e,t,r)=>{"use strict";r.d(t,{G4:()=>i});var n=r(614);r(860).K7.sessionReplay;const i={RECORD:"recordReplay",PAUSE:"pauseReplay",REPLAY_RUNNING:"replayRunning",ERROR_DURING_REPLAY:"errorDuringReplay"};n.g.ERROR,n.g.FULL,n.g.OFF},234:(e,t,r)=>{"use strict";r.d(t,{W:()=>o});var n=r(836),i=r(687);class o{constructor(e,t){this.agentIdentifier=e,this.ee=n.ee.get(e),this.featureName=t,this.blocked=!1}deregisterDrain(){(0,i.x3)(this.agentIdentifier,this.featureName)}}},603:(e,t,r)=>{"use strict";r.d(t,{j:()=>K});var n=r(860),i=r(555),o=r(371),a=r(908),s=r(836),c=r(687),u=r(289),l=r(154),d=r(944),f=r(773),g=r(384),p=r(344);const m=["setErrorHandler","finished","addToTrace","addRelease","recordCustomEvent","addPageAction","setCurrentRouteName","setPageViewName","setCustomAttribute","interaction","noticeError","setUserId","setApplicationVersion","start",p.G4.RECORD,p.G4.PAUSE,"log","wrapLogger"],h=["setErrorHandler","finished","addToTrace","addRelease"];var v=r(863),b=r(614),y=r(993);var w=r(646),R=r(434);const A=new Map;function E(e,t,r,n){if("object"!=typeof t||!t||"string"!=typeof r||!r||"function"!=typeof t[r])return(0,d.R)(29);const i=function(e){return(e||s.ee).get("logger")}(e),o=(0,R.YM)(i),a=new w.y(s.P);a.level=n.level,a.customAttributes=n.customAttributes;const c=t[r]?.[R.Jt]||t[r];return A.set(c,a),o.inPlace(t,[r],"wrap-logger-",(()=>A.get(c))),i}function _(){const e=(0,g.pV)();m.forEach((t=>{e[t]=(...r)=>function(t,...r){let n=[];return Object.values(e.initializedAgents).forEach((e=>{e&&e.api?e.exposed&&e.api[t]&&n.push(e.api[t](...r)):(0,d.R)(38,t)})),n.length>1?n:n[0]}(t,...r)}))}const x={};function N(e,t,g=!1){t||(0,c.Ak)(e,"api");const m={};var w=s.ee.get(e),R=w.get("tracer");x[e]=b.g.OFF,w.on(p.G4.REPLAY_RUNNING,(t=>{x[e]=t}));var A="api-",_=A+"ixn-";function N(t,r,n,o){const a=(0,i.Vp)(e);return null===r?delete a.jsAttributes[t]:(0,i.x1)(e,{...a,jsAttributes:{...a.jsAttributes,[t]:r}}),j(A,n,!0,o||null===r?"session":void 0)(t,r)}function k(){}m.log=function(e,{customAttributes:t={},level:r=y.p_.INFO}={}){(0,a.p)(f.xV,["API/log/called"],void 0,n.K7.metrics,w),function(e,t,r={},i=y.p_.INFO){(0,a.p)(f.xV,["API/logging/".concat(i.toLowerCase(),"/called")],void 0,n.K7.metrics,e),(0,a.p)(y.ET,[(0,v.t)(),t,r,i],void 0,n.K7.logging,e)}(w,e,t,r)},m.wrapLogger=(e,t,{customAttributes:r={},level:i=y.p_.INFO}={})=>{(0,a.p)(f.xV,["API/wrapLogger/called"],void 0,n.K7.metrics,w),E(w,e,t,{customAttributes:r,level:i})},h.forEach((e=>{m[e]=j(A,e,!0,"api")})),m.addPageAction=j(A,"addPageAction",!0,n.K7.genericEvents),m.recordCustomEvent=j(A,"recordCustomEvent",!0,n.K7.genericEvents),m.setPageViewName=function(t,r){if("string"==typeof t)return"/"!==t.charAt(0)&&(t="/"+t),(0,o.f)(e).customTransaction=(r||"http://custom.transaction")+t,j(A,"setPageViewName",!0)()},m.setCustomAttribute=function(e,t,r=!1){if("string"==typeof e){if(["string","number","boolean"].includes(typeof t)||null===t)return N(e,t,"setCustomAttribute",r);(0,d.R)(40,typeof t)}else(0,d.R)(39,typeof e)},m.setUserId=function(e){if("string"==typeof e||null===e)return N("enduser.id",e,"setUserId",!0);(0,d.R)(41,typeof e)},m.setApplicationVersion=function(e){if("string"==typeof e||null===e)return N("application.version",e,"setApplicationVersion",!1);(0,d.R)(42,typeof e)},m.start=()=>{try{(0,a.p)(f.xV,["API/start/called"],void 0,n.K7.metrics,w),w.emit("manual-start-all")}catch(e){(0,d.R)(23,e)}},m[p.G4.RECORD]=function(){(0,a.p)(f.xV,["API/recordReplay/called"],void 0,n.K7.metrics,w),(0,a.p)(p.G4.RECORD,[],void 0,n.K7.sessionReplay,w)},m[p.G4.PAUSE]=function(){(0,a.p)(f.xV,["API/pauseReplay/called"],void 0,n.K7.metrics,w),(0,a.p)(p.G4.PAUSE,[],void 0,n.K7.sessionReplay,w)},m.interaction=function(e){return(new k).get("object"==typeof e?e:{})};const T=k.prototype={createTracer:function(e,t){var r={},i=this,o="function"==typeof t;return(0,a.p)(f.xV,["API/createTracer/called"],void 0,n.K7.metrics,w),g||(0,a.p)(_+"tracer",[(0,v.t)(),e,r],i,n.K7.spa,w),function(){if(R.emit((o?"":"no-")+"fn-start",[(0,v.t)(),i,o],r),o)try{return t.apply(this,arguments)}catch(e){const t="string"==typeof e?new Error(e):e;throw R.emit("fn-err",[arguments,this,t],r),t}finally{R.emit("fn-end",[(0,v.t)()],r)}}}};function j(e,t,r,i){return function(){return(0,a.p)(f.xV,["API/"+t+"/called"],void 0,n.K7.metrics,w),i&&(0,a.p)(e+t,[r?(0,v.t)():performance.now(),...arguments],r?null:this,i,w),r?void 0:this}}function I(){r.e(296).then(r.bind(r,778)).then((({setAPI:t})=>{t(e),(0,c.Ze)(e,"api")})).catch((e=>{(0,d.R)(27,e),w.abort()}))}return["actionText","setName","setAttribute","save","ignore","onEnd","getContext","end","get"].forEach((e=>{T[e]=j(_,e,void 0,g?n.K7.softNav:n.K7.spa)})),m.setCurrentRouteName=g?j(_,"routeName",void 0,n.K7.softNav):j(A,"routeName",!0,n.K7.spa),m.noticeError=function(t,r){"string"==typeof t&&(t=new Error(t)),(0,a.p)(f.xV,["API/noticeError/called"],void 0,n.K7.metrics,w),(0,a.p)("err",[t,(0,v.t)(),!1,r,!!x[e]],void 0,n.K7.jserrors,w)},l.RI?(0,u.GG)((()=>I()),!0):I(),m}var k=r(217),T=r(122);const j={accountID:void 0,trustKey:void 0,agentID:void 0,licenseKey:void 0,applicationID:void 0,xpid:void 0},I={};var O=r(284);const S=e=>{const t=e.startsWith("http");e+="/",r.p=t?e:"https://"+e};let P=!1;function K(e,t={},r,n){let{init:a,info:c,loader_config:u,runtime:d={},exposed:f=!0}=t;d.loaderType=r;const p=(0,g.pV)();c||(a=p.init,c=p.info,u=p.loader_config),(0,k.xN)(e.agentIdentifier,a||{}),function(e,t){if(!e)throw new Error("All loader-config objects require an agent identifier!");I[e]=(0,T.a)(t,j);const r=(0,g.nY)(e);r&&(r.loader_config=I[e])}(e.agentIdentifier,u||{}),c.jsAttributes??={},l.bv&&(c.jsAttributes.isWorker=!0),(0,i.x1)(e.agentIdentifier,c);const m=(0,k.D0)(e.agentIdentifier),h=[c.beacon,c.errorBeacon];P||(m.proxy.assets&&(S(m.proxy.assets),h.push(m.proxy.assets)),m.proxy.beacon&&h.push(m.proxy.beacon),_(),(0,g.US)("activatedFeatures",O.B),e.runSoftNavOverSpa&&=!0===m.soft_navigations.enabled&&m.feature_flags.includes("soft_nav")),d.denyList=[...m.ajax.deny_list||[],...m.ajax.block_internal?h:[]],d.ptid=e.agentIdentifier,(0,o.V)(e.agentIdentifier,d),e.ee=s.ee.get(e.agentIdentifier),void 0===e.api&&(e.api=N(e.agentIdentifier,n,e.runSoftNavOverSpa)),void 0===e.exposed&&(e.exposed=f),P=!0}},374:(e,t,r)=>{r.nc=(()=>{try{return document?.currentScript?.nonce}catch(e){}return""})()},860:(e,t,r)=>{"use strict";r.d(t,{$J:()=>u,K7:()=>s,P3:()=>c,XX:()=>i,qY:()=>n,v4:()=>a});const n="events",i="jserrors",o="browser/blobs",a="rum",s={ajax:"ajax",genericEvents:"generic_events",jserrors:i,logging:"logging",metrics:"metrics",pageAction:"page_action",pageViewEvent:"page_view_event",pageViewTiming:"page_view_timing",sessionReplay:"session_replay",sessionTrace:"session_trace",softNav:"soft_navigations",spa:"spa"},c={[s.pageViewEvent]:1,[s.pageViewTiming]:2,[s.metrics]:3,[s.jserrors]:4,[s.spa]:5,[s.ajax]:6,[s.sessionTrace]:7,[s.softNav]:8,[s.sessionReplay]:9,[s.logging]:10,[s.genericEvents]:11},u={[s.pageViewEvent]:a,[s.pageViewTiming]:n,[s.ajax]:n,[s.spa]:n,[s.softNav]:n,[s.metrics]:i,[s.jserrors]:i,[s.sessionTrace]:o,[s.sessionReplay]:o,[s.logging]:"browser/logs",[s.genericEvents]:"ins"}}},n={};function i(e){var t=n[e];if(void 0!==t)return t.exports;var o=n[e]={exports:{}};return r[e](o,o.exports,i),o.exports}i.m=r,i.d=(e,t)=>{for(var r in t)i.o(t,r)&&!i.o(e,r)&&Object.defineProperty(e,r,{enumerable:!0,get:t[r]})},i.f={},i.e=e=>Promise.all(Object.keys(i.f).reduce(((t,r)=>(i.f[r](e,t),t)),[])),i.u=e=>"nr-rum-1.283.2.min.js",i.o=(e,t)=>Object.prototype.hasOwnProperty.call(e,t),e={},t="NRBA-1.283.2.PROD:",i.l=(r,n,o,a)=>{if(e[r])e[r].push(n);else{var s,c;if(void 0!==o)for(var u=document.getElementsByTagName("script"),l=0;l<u.length;l++){var d=u[l];if(d.getAttribute("src")==r||d.getAttribute("data-webpack")==t+o){s=d;break}}if(!s){c=!0;var f={296:"sha512-2Y8GMAOGF658KnXzOZ/v+DlLch8TBFvV0tTNnOy9wrpvtDa1t5CdZMyX+LubTymBlzPp6NUjllBghMCZqXBPmg=="};(s=document.createElement("script")).charset="utf-8",s.timeout=120,i.nc&&s.setAttribute("nonce",i.nc),s.setAttribute("data-webpack",t+o),s.src=r,0!==s.src.indexOf(window.location.origin+"/")&&(s.crossOrigin="anonymous"),f[a]&&(s.integrity=f[a])}e[r]=[n];var g=(t,n)=>{s.onerror=s.onload=null,clearTimeout(p);var i=e[r];if(delete e[r],s.parentNode&&s.parentNode.removeChild(s),i&&i.forEach((e=>e(n))),t)return t(n)},p=setTimeout(g.bind(null,void 0,{type:"timeout",target:s}),12e4);s.onerror=g.bind(null,s.onerror),s.onload=g.bind(null,s.onload),c&&document.head.appendChild(s)}},i.r=e=>{"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},i.p="https://js-agent.newrelic.com/",(()=>{var e={374:0,840:0};i.f.j=(t,r)=>{var n=i.o(e,t)?e[t]:void 0;if(0!==n)if(n)r.push(n[2]);else{var o=new Promise(((r,i)=>n=e[t]=[r,i]));r.push(n[2]=o);var a=i.p+i.u(t),s=new Error;i.l(a,(r=>{if(i.o(e,t)&&(0!==(n=e[t])&&(e[t]=void 0),n)){var o=r&&("load"===r.type?"missing":r.type),a=r&&r.target&&r.target.src;s.message="Loading chunk "+t+" failed.\n("+o+": "+a+")",s.name="ChunkLoadError",s.type=o,s.request=a,n[1](s)}}),"chunk-"+t,t)}};var t=(t,r)=>{var n,o,[a,s,c]=r,u=0;if(a.some((t=>0!==e[t]))){for(n in s)i.o(s,n)&&(i.m[n]=s[n]);if(c)c(i)}for(t&&t(r);u<a.length;u++)o=a[u],i.o(e,o)&&e[o]&&e[o][0](),e[o]=0},r=self["webpackChunk:NRBA-1.283.2.PROD"]=self["webpackChunk:NRBA-1.283.2.PROD"]||[];r.forEach(t.bind(null,0)),r.push=t.bind(null,r.push.bind(r))})(),(()=>{"use strict";i(374);var e=i(944),t=i(344),r=i(566);class n{agentIdentifier;constructor(){this.agentIdentifier=(0,r.LA)(16)}#e(t,...r){if("function"==typeof this.api?.[t])return this.api[t](...r);(0,e.R)(35,t)}addPageAction(e,t){return this.#e("addPageAction",e,t)}recordCustomEvent(e,t){return this.#e("recordCustomEvent",e,t)}setPageViewName(e,t){return this.#e("setPageViewName",e,t)}setCustomAttribute(e,t,r){return this.#e("setCustomAttribute",e,t,r)}noticeError(e,t){return this.#e("noticeError",e,t)}setUserId(e){return this.#e("setUserId",e)}setApplicationVersion(e){return this.#e("setApplicationVersion",e)}setErrorHandler(e){return this.#e("setErrorHandler",e)}addRelease(e,t){return this.#e("addRelease",e,t)}log(e,t){return this.#e("log",e,t)}}class o extends n{#e(t,...r){if("function"==typeof this.api?.[t])return this.api[t](...r);(0,e.R)(35,t)}start(){return this.#e("start")}finished(e){return this.#e("finished",e)}recordReplay(){return this.#e(t.G4.RECORD)}pauseReplay(){return this.#e(t.G4.PAUSE)}addToTrace(e){return this.#e("addToTrace",e)}setCurrentRouteName(e){return this.#e("setCurrentRouteName",e)}interaction(){return this.#e("interaction")}wrapLogger(e,t,r){return this.#e("wrapLogger",e,t,r)}}var a=i(860),s=i(217);const c=Object.values(a.K7);function u(e){const t={};return c.forEach((r=>{t[r]=function(e,t){return!0===(0,s.gD)(t,"".concat(e,".enabled"))}(r,e)})),t}var l=i(603);var d=i(687),f=i(234),g=i(289),p=i(154),m=i(384);const h=e=>p.RI&&!0===(0,s.gD)(e,"privacy.cookies_enabled");function v(e){return!!(0,m.dV)().o.MO&&h(e)&&!0===(0,s.gD)(e,"session_trace.enabled")}var b=i(389);class y extends f.W{constructor(e,t,r=!0){super(e.agentIdentifier,t),this.auto=r,this.abortHandler=void 0,this.featAggregate=void 0,this.onAggregateImported=void 0,!1===e.init[this.featureName].autoStart&&(this.auto=!1),this.auto?(0,d.Ak)(e.agentIdentifier,t):this.ee.on("manual-start-all",(0,b.J)((()=>{(0,d.Ak)(e.agentIdentifier,this.featureName),this.auto=!0,this.importAggregator(e)})))}importAggregator(t,r={}){if(this.featAggregate||!this.auto)return;let n;this.onAggregateImported=new Promise((e=>{n=e}));const o=async()=>{let o;try{if(h(this.agentIdentifier)){const{setupAgentSession:e}=await i.e(296).then(i.bind(i,861));o=e(t)}}catch(t){(0,e.R)(20,t),this.ee.emit("internal-error",[t]),this.featureName===a.K7.sessionReplay&&this.abortHandler?.()}try{if(!this.#t(this.featureName,o))return(0,d.Ze)(this.agentIdentifier,this.featureName),void n(!1);const{lazyFeatureLoader:e}=await i.e(296).then(i.bind(i,103)),{Aggregate:a}=await e(this.featureName,"aggregate");this.featAggregate=new a(t,r),t.runtime.harvester.initializedAggregates.push(this.featAggregate),n(!0)}catch(t){(0,e.R)(34,t),this.abortHandler?.(),(0,d.Ze)(this.agentIdentifier,this.featureName,!0),n(!1),this.ee&&this.ee.abort()}};p.RI?(0,g.GG)((()=>o()),!0):o()}#t(e,t){switch(e){case a.K7.sessionReplay:return v(this.agentIdentifier)&&!!t;case a.K7.sessionTrace:return!!t;default:return!0}}}var w=i(630);class R extends y{static featureName=w.T;constructor(e,t=!0){super(e,w.T,t),this.importAggregator(e)}}var A=i(908),E=i(843),_=i(878),x=i(782),N=i(863);class k extends y{static featureName=x.T;constructor(e,t=!0){super(e,x.T,t),p.RI&&((0,E.u)((()=>(0,A.p)("docHidden",[(0,N.t)()],void 0,x.T,this.ee)),!0),(0,_.sp)("pagehide",(()=>(0,A.p)("winPagehide",[(0,N.t)()],void 0,x.T,this.ee))),this.importAggregator(e))}}var T=i(773);class j extends y{static featureName=T.TZ;constructor(e,t=!0){super(e,T.TZ,t),this.importAggregator(e)}}new class extends o{constructor(t){super(),p.gm?(this.features={},(0,m.bQ)(this.agentIdentifier,this),this.desiredFeatures=new Set(t.features||[]),this.desiredFeatures.add(R),this.runSoftNavOverSpa=[...this.desiredFeatures].some((e=>e.featureName===a.K7.softNav)),(0,l.j)(this,t,t.loaderType||"agent"),this.run()):(0,e.R)(21)}get config(){return{info:this.info,init:this.init,loader_config:this.loader_config,runtime:this.runtime}}run(){try{const t=u(this.agentIdentifier),r=[...this.desiredFeatures];r.sort(((e,t)=>a.P3[e.featureName]-a.P3[t.featureName])),r.forEach((r=>{if(!t[r.featureName]&&r.featureName!==a.K7.pageViewEvent)return;if(this.runSoftNavOverSpa&&r.featureName===a.K7.spa)return;if(!this.runSoftNavOverSpa&&r.featureName===a.K7.softNav)return;const n=function(e){switch(e){case a.K7.ajax:return[a.K7.jserrors];case a.K7.sessionTrace:return[a.K7.ajax,a.K7.pageViewEvent];case a.K7.sessionReplay:return[a.K7.sessionTrace];case a.K7.pageViewTiming:return[a.K7.pageViewEvent];default:return[]}}(r.featureName).filter((e=>!(e in this.features)));n.length>0&&(0,e.R)(36,{targetFeature:r.featureName,missingDependencies:n}),this.features[r.featureName]=new r(this)}))}catch(t){(0,e.R)(22,t);for(const e in this.features)this.features[e].abortHandler?.();const r=(0,m.Zm)();delete r.initializedAgents[this.agentIdentifier]?.api,delete r.initializedAgents[this.agentIdentifier]?.features,delete this.sharedAggregator;return r.ee.get(this.agentIdentifier).abort(),!1}}}({features:[R,k,j],loaderType:"lite"})})()})();</script><link data-next-font="size-adjust" rel="preconnect" href="/" crossorigin="anonymous"/><link nonce="nonce-YmEzN2Q3MmUtMjVkZC00MWY4LWFkNmQtZmFlOTQwODczMzI1" rel="preload" href="/_next/static/css/92f230208c8f5fec.css" as="style"/><link nonce="nonce-YmEzN2Q3MmUtMjVkZC00MWY4LWFkNmQtZmFlOTQwODczMzI1" rel="stylesheet" href="/_next/static/css/92f230208c8f5fec.css" data-n-g=""/><noscript data-n-css="nonce-YmEzN2Q3MmUtMjVkZC00MWY4LWFkNmQtZmFlOTQwODczMzI1"></noscript><script defer="" nonce="nonce-YmEzN2Q3MmUtMjVkZC00MWY4LWFkNmQtZmFlOTQwODczMzI1" nomodule="" src="/_next/static/chunks/polyfills-42372ed130431b0a.js"></script><script src="/_next/static/chunks/webpack-a707e99c69361791.js" nonce="nonce-YmEzN2Q3MmUtMjVkZC00MWY4LWFkNmQtZmFlOTQwODczMzI1" defer=""></script><script src="/_next/static/chunks/framework-945b357d4a851f4b.js" nonce="nonce-YmEzN2Q3MmUtMjVkZC00MWY4LWFkNmQtZmFlOTQwODczMzI1" defer=""></script><script src="/_next/static/chunks/main-46992b6f0e7a85fe.js" nonce="nonce-YmEzN2Q3MmUtMjVkZC00MWY4LWFkNmQtZmFlOTQwODczMzI1" defer=""></script><script src="/_next/static/chunks/pages/_app-07799d5d5820dde3.js" nonce="nonce-YmEzN2Q3MmUtMjVkZC00MWY4LWFkNmQtZmFlOTQwODczMzI1" defer=""></script><script src="/_next/static/chunks/4428-b93cdfb398f12a51.js" nonce="nonce-YmEzN2Q3MmUtMjVkZC00MWY4LWFkNmQtZmFlOTQwODczMzI1" defer=""></script><script src="/_next/static/chunks/pages/plugins/updated-e958e71fe2a5dd94.js" nonce="nonce-YmEzN2Q3MmUtMjVkZC00MWY4LWFkNmQtZmFlOTQwODczMzI1" defer=""></script><script src="/_next/static/RsIzRDoxGcJZTeqNY4h8D/_buildManifest.js" nonce="nonce-YmEzN2Q3MmUtMjVkZC00MWY4LWFkNmQtZmFlOTQwODczMzI1" defer=""></script><script src="/_next/static/RsIzRDoxGcJZTeqNY4h8D/_ssgManifest.js" nonce="nonce-YmEzN2Q3MmUtMjVkZC00MWY4LWFkNmQtZmFlOTQwODczMzI1" defer=""></script></head><body data-base-url="https://www.tenable.com" data-ga4-tracking-id=""><div id="__next"><div class="app__wrapper"><header class="banner"><div class="nav-wrapper"><ul class="list-inline nav-brand"><li class="list-inline-item"><a href="https://www.tenable.com"><img class="logo" src="https://www.tenable.com/themes/custom/tenable/img/logo.png" alt="Tenable"/></a></li><li class="list-inline-item"><a class="app-name" href="https://www.tenable.com/plugins">Plugins</a></li></ul><ul class="nav-dropdown nav"><li class="d-none d-md-block dropdown nav-item"><a aria-haspopup="true" href="#" class="dropdown-toggle nav-link" aria-expanded="false">Settings</a><div tabindex="-1" role="menu" aria-hidden="true" class="dropdown-menu dropdown-menu-right"><h6 tabindex="-1" class="dropdown-header">Links</h6><a href="https://cloud.tenable.com" role="menuitem" class="dropdown-item">Tenable Cloud<!-- --> <i class="fas fa-external-link-alt external-link"></i></a><a href="https://community.tenable.com/login" role="menuitem" class="dropdown-item">Tenable Community & Support<!-- --> <i class="fas fa-external-link-alt external-link"></i></a><a href="https://university.tenable.com/lms/index.php?r=site/sso&sso_type=saml" role="menuitem" class="dropdown-item">Tenable University<!-- --> <i class="fas fa-external-link-alt external-link"></i></a><div tabindex="-1" class="dropdown-divider"></div><span tabindex="-1" class="dropdown-item-text"><div class="d-flex justify-content-between toggle-btn-group flex-column"><div class="label mb-2">Severity<!-- --> <i class="fas fa-info-circle" id="preferredSeverity"></i></div><div role="group" class="btn-group-sm btn-group"><button type="button" class="toggle-btn btn btn-outline-primary">VPR</button><button type="button" class="toggle-btn btn btn-outline-primary">CVSS v2</button><button type="button" class="toggle-btn btn btn-outline-primary">CVSS v3</button><button type="button" class="toggle-btn btn btn-outline-primary active">CVSS v4</button></div></div></span><div tabindex="-1" class="dropdown-divider"></div><span tabindex="-1" class="dropdown-item-text"><div class="d-flex justify-content-between toggle-btn-group flex-row"><div class="label">Theme</div><div role="group" class="ml-3 btn-group-sm btn-group"><button type="button" class="toggle-btn btn btn-outline-primary active">Light</button><button type="button" class="toggle-btn btn btn-outline-primary">Dark</button><button type="button" class="toggle-btn btn btn-outline-primary">Auto</button></div></div></span><div tabindex="-1" class="dropdown-divider"></div><button type="button" tabindex="0" role="menuitem" class="dropdown-item-link dropdown-item">Help</button></div></li></ul><div class="d-block d-md-none"><button type="button" aria-label="Toggle Overlay" class="btn btn-link nav-toggle"><i class="fas fa-bars fa-2x"></i></button></div></div></header><div class="mobile-nav closed"><ul class="flex-column nav"><li class="mobile-header nav-item"><a href="https://www.tenable.com" class="float-left nav-link"><img class="logo" src="https://www.tenable.com/themes/custom/tenable/img/logo-teal.png" alt="Tenable"/></a><a class="float-right mr-2 nav-link"><i class="fas fa-times fa-lg"></i></a></li><li class="nav-item"><a class="nav-link">Plugins<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="collapse"><div class="mobile-collapse"><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins">Overview</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/pipeline">Plugins Pipeline</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/newest">Newest</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/updated">Updated</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/search">Search</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/nessus/families?type=nessus">Nessus Families</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/was/families?type=was">WAS Families</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/nnm/families?type=nnm">NNM Families</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/lce/families?type=lce">LCE Families</a></li><li class="no-capitalize nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/ot/families?type=ot">Tenable OT Security Families</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/families/about">About Plugin Families</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/release-notes">Release Notes</a></li></div></div><li class="nav-item"><a class="nav-link">Audits<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="collapse"><div class="mobile-collapse"><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/audits">Overview</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/audits/newest">Newest</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/audits/updated">Updated</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/audits/search">Search Audit Files</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/audits/items/search">Search Items</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/audits/references">References</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/audits/authorities">Authorities</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/audits/documentation">Documentation</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/downloads/download-all-compliance-audit-files">Download All Audit Files</a></li></div></div><li class="nav-item"><a class="nav-link">Indicators<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="collapse"><div class="mobile-collapse"><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/indicators">Overview</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/indicators/search">Search</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/indicators/ioa">Indicators of Attack</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/indicators/ioe">Indicators of Exposure</a></li></div></div><li class="nav-item"><a class="nav-link">CVEs<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="collapse"><div class="mobile-collapse"><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/cve">Overview</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/cve/newest">Newest</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/cve/updated">Updated</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/cve/search">Search</a></li></div></div><li class="nav-item"><a class="nav-link">Attack Path Techniques<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="collapse"><div class="mobile-collapse"><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/attack-path-techniques">Overview</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/attack-path-techniques/search">Search</a></li></div></div><ul id="links-nav" class="flex-column mt-5 nav"><li class="nav-item"><a class="nav-link">Links<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="collapse"><div class="mobile-collapse"><li class="nav-item"><a href="https://cloud.tenable.com" class="nav-link">Tenable Cloud</a></li><li class="nav-item"><a href="https://community.tenable.com/login" class="nav-link">Tenable Community & Support</a></li><li class="nav-item"><a href="https://university.tenable.com/lms/index.php?r=site/sso&sso_type=saml" class="nav-link">Tenable University</a></li></div></div><li class="nav-item"><a class="nav-link">Settings<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="collapse"><div class="mobile-collapse py-3"><li class="nav-item"><div class="d-flex justify-content-between toggle-btn-group flex-column"><div class="label mb-2">Severity</div><div role="group" class="btn-group-sm btn-group"><button type="button" class="toggle-btn btn btn-outline-primary">VPR</button><button type="button" class="toggle-btn btn btn-outline-primary">CVSS v2</button><button type="button" class="toggle-btn btn btn-outline-primary">CVSS v3</button><button type="button" class="toggle-btn btn btn-outline-primary active">CVSS v4</button></div></div></li><li class="nav-item"><div class="d-flex justify-content-between toggle-btn-group flex-row"><div class="label">Theme</div><div role="group" class="ml-3 btn-group-sm btn-group"><button type="button" class="toggle-btn btn btn-outline-primary active">Light</button><button type="button" class="toggle-btn btn btn-outline-primary">Dark</button><button type="button" class="toggle-btn btn btn-outline-primary">Auto</button></div></div></li></div></div></ul></ul></div><div class="app__container"><div class="app__content"><div class="card callout callout-alert callout-bg-danger mb-4"><div class="card-body"><h5 class="mb-2 text-white">Your browser is no longer supported</h5><p class="text-white">Please update or use another browser for this application to function correctly.</p></div></div><div class="row"><div class="col-3 col-xl-2 d-none d-md-block"><h6 class="side-nav-heading">Detections</h6><ul class="side-nav bg-white sticky-top nav flex-column"><li class="nav-item"><a type="button" class="nav-link">Plugins<i class="float-right mt-1 fas fa-chevron-down"></i></a></li><div class="side-nav-collapse collapse show"><li class="false nav-item"><a href="/plugins" class="nav-link"><span>Overview</span></a></li><li class="false nav-item"><a href="/plugins/pipeline" class="nav-link"><span>Plugins Pipeline</span></a></li><li class="false nav-item"><a href="/plugins/release-notes" class="nav-link"><span>Release Notes</span></a></li><li class="false nav-item"><a href="/plugins/newest" class="nav-link"><span>Newest</span></a></li><li class="active nav-item"><a href="/plugins/updated" class="nav-link"><span>Updated</span></a></li><li class="false nav-item"><a href="/plugins/search" class="nav-link"><span>Search</span></a></li><li class="false nav-item"><a href="/plugins/nessus/families" class="nav-link"><span>Nessus Families</span></a></li><li class="false nav-item"><a href="/plugins/was/families" class="nav-link"><span>WAS Families</span></a></li><li class="false nav-item"><a href="/plugins/nnm/families" class="nav-link"><span>NNM Families</span></a></li><li class="false nav-item"><a href="/plugins/lce/families" class="nav-link"><span>LCE Families</span></a></li><li class="false nav-item"><a href="/plugins/ot/families" class="nav-link"><span>Tenable OT Security Families</span></a></li><li class="false nav-item"><a href="/plugins/families/about" class="nav-link"><span>About Plugin Families</span></a></li></div><li class="nav-item"><a type="button" class="nav-link">Audits<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="side-nav-collapse collapse"><li class="false nav-item"><a href="/audits" class="nav-link"><span>Overview</span></a></li><li class="false nav-item"><a href="/audits/newest" class="nav-link"><span>Newest</span></a></li><li class="false nav-item"><a href="/audits/updated" class="nav-link"><span>Updated</span></a></li><li class="false nav-item"><a href="/audits/search" class="nav-link"><span>Search Audit Files</span></a></li><li class="false nav-item"><a href="/audits/items/search" class="nav-link"><span>Search Items</span></a></li><li class="false nav-item"><a href="/audits/references" class="nav-link"><span>References</span></a></li><li class="false nav-item"><a href="/audits/authorities" class="nav-link"><span>Authorities</span></a></li><li class="false nav-item"><a href="/audits/documentation" class="nav-link"><span>Documentation</span></a></li><li class="nav-item"><a class="nav-link" href="https://www.tenable.com/downloads/download-all-compliance-audit-files">Download All Audit Files</a></li></div><li class="nav-item"><a type="button" class="nav-link">Indicators<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="side-nav-collapse collapse"><li class="false nav-item"><a href="/indicators" class="nav-link"><span>Overview</span></a></li><li class="false nav-item"><a href="/indicators/search" class="nav-link"><span>Search</span></a></li><li class="false nav-item"><a href="/indicators/ioa" class="nav-link"><span>Indicators of Attack</span></a></li><li class="false nav-item"><a href="/indicators/ioe" class="nav-link"><span>Indicators of Exposure</span></a></li></div></ul><h6 class="side-nav-heading">Analytics</h6><ul class="side-nav bg-white sticky-top nav flex-column"><li class="nav-item"><a type="button" class="nav-link">CVEs<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="side-nav-collapse collapse"><li class="false nav-item"><a href="/cve" class="nav-link"><span>Overview</span></a></li><li class="false nav-item"><a href="/cve/newest" class="nav-link"><span>Newest</span></a></li><li class="false nav-item"><a href="/cve/updated" class="nav-link"><span>Updated</span></a></li><li class="false nav-item"><a href="/cve/search" class="nav-link"><span>Search</span></a></li></div><li class="nav-item"><a type="button" class="nav-link">Attack Path Techniques<i class="float-right mt-1 fas fa-chevron-right"></i></a></li><div class="side-nav-collapse collapse"><li class="false nav-item"><a href="/attack-path-techniques" class="nav-link"><span>Overview</span></a></li><li class="false nav-item"><a href="/attack-path-techniques/search" class="nav-link"><span>Search</span></a></li></div></ul></div><div class="col-12 col-md-9 col-xl-10"><nav class="d-none d-md-block" aria-label="breadcrumb"><ol class="breadcrumb"><li class="breadcrumb-item"><a href="https://www.tenable.com/plugins">Plugins</a></li><li class="active breadcrumb-item" aria-current="page">Updated</li></ol></nav><nav class="d-md-none" aria-label="breadcrumb"><ol class="breadcrumb"><li class="breadcrumb-item"><a href="https://www.tenable.com/plugins"><i class="fas fa-chevron-left"></i> <!-- -->Plugins</a></li></ol></nav><h1 class="mb-3 h2">Recently Updated Plugins</h1><div class="card"><div class="p-3 card-body"><ul class="mb-3 nav nav-pills"><li class="nav-item"><a class="nav-link active" href="https://www.tenable.com/plugins/updated?">All</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/updated?type=nessus">Nessus</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/updated?type=was">Web App Scanning</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/updated?type=nnm">Nessus Network Monitor</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/updated?type=lce">Log Correlation Engine</a></li><li class="nav-item"><a class="nav-link " href="https://www.tenable.com/plugins/updated?type=ot">Tenable OT Security</a></li></ul><nav class="" aria-label="pagination"><ul class="justify-content-between pagination pagination"><li class="page-item disabled"><a class="page-link page-previous" href="https://www.tenable.com/plugins/updated?type=&page=0">‹‹ <!-- -->Previous<span class="sr-only"> <!-- -->Previous</span></a></li><li class="page-item disabled"><a class="page-link page-text">Page 1 of 4185<!-- --> <span class="d-none d-sm-inline">• <!-- -->209241 Total</span></a></li><li class="page-item"><a class="page-link page-next" href="https://www.tenable.com/plugins/updated?type=&page=2"><span class="sr-only">Next</span>Next<!-- --> ››</a></li></ul></nav><div class="table-responsive"><table class="results-table table"><thead><tr><th>ID</th><th>Name</th><th>Product</th><th class="family-header">Family</th><th>Updated</th><th>Severity</th></tr></thead><tbody><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/503048">503048</a></td><td>Moxa (CVE-2024-0387)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/503046">503046</a></td><td>Siemens SIMATIC S7-1500 TM MFP Linux Kernel Improper Input Validation (CVE-2022-2602)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/503045">503045</a></td><td>Siemens SIMATIC S7-1500 TM MFP Linux Kernel NULL Pointer Dereference (CVE-2022-3606)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/503044">503044</a></td><td>Siemens SIMATIC S7-1500 TM MFP Linux Kernel Use of a Broken or Risky Cryptographic Algorithm (CVE-2022-1434)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/503042">503042</a></td><td>Siemens SIMATIC S7-1500 TM MFP Linux Kernel Use After Free (CVE-2022-1882)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/503041">503041</a></td><td>Siemens SIMATIC S7-1500 TM MFP Linux Kernel NULL Pointer Dereference (CVE-2023-1095)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/503040">503040</a></td><td>Siemens SIMATIC S7-1500 TM MFP Linux Kernel Improper Locking (CVE-2022-4129)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/503039">503039</a></td><td>Siemens SIMATIC S7-1500 TM MFP BIOS Use After Free (CVE-2022-2585)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/503038">503038</a></td><td>Siemens SIMATIC S7-1500 TM MFP Linux Kernel Missing Encryption of Sensitive Data (CVE-2022-26373)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/503037">503037</a></td><td>Siemens SIMATIC S7-1500 TM MFP Linux Kernel Missing Release of Memory after Effective Lifetime (CVE-2022-3633)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-low">low</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/503036">503036</a></td><td>Siemens SIMATIC S7-1500 TM MFP Linux Kernel Missing Release of Memory after Effective Lifetime (CVE-2022-4139)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/503035">503035</a></td><td>Siemens SIMATIC S7-1500 TM MFP Linux Kernel NULL Pointer Dereference (CVE-2022-1852)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/503032">503032</a></td><td>Siemens SIMATIC S7-1500 TM MFP Linux Kernel Use After Free (CVE-2022-40307)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/503031">503031</a></td><td>Siemens SIMATIC S7-1500 TM MFP BIOS Use After Free (CVE-2021-42384)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/503030">503030</a></td><td>Siemens SIMATIC S7-1500 TM MFP Linux Kernel Incomplete Cleanup (CVE-2022-21125)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/503028">503028</a></td><td>Siemens SIMATIC S7-1500 TM MFP Linux Kernel Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') (CVE-2022-2959)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/503027">503027</a></td><td>Siemens SIMATIC S7-1500 TM MFP Linux Kernel Out-of-bounds Read (CVE-2022-47520)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/503026">503026</a></td><td>Siemens SIMATIC S7-1500 TM MFP Linux Kernel Access of Uninitialized Pointer (CVE-2022-42895)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/503025">503025</a></td><td>Siemens SIMATIC S7-1500 TM MFP Linux Kernel Use After Free (CVE-2022-3534)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/503024">503024</a></td><td>Siemens SIMATIC S7-1500 TM MFP BIOS Missing Encryption of Sensitive Data (CVE-2023-0394)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/503022">503022</a></td><td>Siemens SIMATIC S7-1500 TM MFP Linux Kernel Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2022-3635)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/503021">503021</a></td><td>Siemens SIMATIC S7-1500 TM MFP Linux Kernel Improper Resource Shutdown or Release (CVE-2022-3594)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/503019">503019</a></td><td>Siemens SIMATIC S7-1500 TM MFP Linux Kernel Use After Free (CVE-2022-42896)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/503017">503017</a></td><td>Siemens SIMATIC S7-1500 TM MFP Linux Kernel Use of Uninitialized Variable (CVE-2022-42432)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/503016">503016</a></td><td>Siemens SIMATIC S7-1500 TM MFP Linux Kernel Improper Authentication (CVE-2022-2503)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/503015">503015</a></td><td>Siemens SIMATIC S7-1500 TM MFP Linux Kernel Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2022-3565)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/503014">503014</a></td><td>Siemens SIMATIC S7-1500 TM MFP Linux Kernel Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') (CVE-2022-1462)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/503012">503012</a></td><td>Siemens SIMATIC S7-1500 TM MFP Linux Kernel Improper Input Validation (CVE-2022-36946)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/503011">503011</a></td><td>Siemens SIMATIC S7-1500 TM MFP Linux Kernel NULL Pointer Dereference (CVE-2022-3115)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/503009">503009</a></td><td>Siemens SIMATIC S7-1500 TM MFP Linux Kernel Improper Input Validation (CVE-2022-3169)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/503008">503008</a></td><td>Siemens SIMATIC S7-1500 TM MFP Linux Kernel Use After Free (CVE-2022-42720)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/503007">503007</a></td><td>Siemens SIMATIC S7-1500 TM MFP Linux Kernel Use After Free (CVE-2022-4095)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/503006">503006</a></td><td>Siemens SIMATIC S7-1500 TM MFP Linux Kernel Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2022-3625)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/503005">503005</a></td><td>Siemens SIMATIC S7-1500 TM MFP Linux Kernel Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2022-3649)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/503004">503004</a></td><td>Siemens SIMATIC S7-1500 TM MFP Linux Kernel Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') (CVE-2022-3303)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/503003">503003</a></td><td>Siemens SIMATIC S7-1500 TM MFP Linux Kernel Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') (CVE-2022-41849)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/502998">502998</a></td><td>Siemens SIMATIC S7-1500 TM MFP Linux Kernel NULL Pointer Dereference (CVE-2022-2153)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/502997">502997</a></td><td>Siemens SIMATIC S7-1500 TM MFP Linux Kernel Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') (CVE-2022-42328)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/502994">502994</a></td><td>Siemens SIMATIC S7-1500 TM MFP Linux Kernel Improper Resource Shutdown or Release (CVE-2022-1473)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/502993">502993</a></td><td>Siemens SIMATIC S7-1500 TM MFP Linux Kernel Out-of-bounds Write (CVE-2022-2274)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-critical">critical</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/502992">502992</a></td><td>Siemens SIMATIC S7-1500 TM MFP Linux Kernel Use After Free (CVE-2022-20566)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/502990">502990</a></td><td>Siemens SIMATIC S7-1500 TM MFP Linux Kernel Use After Free (CVE-2022-2586)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/502989">502989</a></td><td>Siemens SIMATIC S7-1500 TM MFP Linux Kernel Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2022-3545)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/502988">502988</a></td><td>Siemens SIMATIC S7-1500 TM MFP Linux Kernel Uncontrolled Resource Consumption (CVE-2022-39190)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/502987">502987</a></td><td>Siemens SIMATIC S7-1500 TM MFP BIOS Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2022-3435)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/502986">502986</a></td><td>Siemens SIMATIC S7-1500 TM MFP Linux Kernel Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') (CVE-2022-42329)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/502985">502985</a></td><td>Siemens SIMATIC S7-1500 TM MFP BIOS Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CVE-2022-23219)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-critical">critical</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/502984">502984</a></td><td>Siemens SIMATIC S7-1500 TM MFP Linux Kernel Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') (CVE-2022-20422)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-high">high</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/502983">502983</a></td><td>Siemens SIMATIC S7-1500 TM MFP Linux Kernel Incomplete Cleanup (CVE-2022-21166)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr><tr><td><a class="no-break" href="https://www.tenable.com/plugins/ot/502982">502982</a></td><td>Siemens SIMATIC S7-1500 TM MFP Linux Kernel Incomplete Cleanup (CVE-2022-0171)</td><td>Tenable OT Security</td><td><a href="https://www.tenable.com/plugins/ot/families/Tenable.ot">Tenable.ot</a></td><td>2/26/2025</td><td><h6 class="m-1"><span class="badge badge-medium">medium</span></h6></td></tr></tbody></table></div><nav class="" aria-label="pagination"><ul class="justify-content-between pagination pagination"><li class="page-item disabled"><a class="page-link page-previous" href="https://www.tenable.com/plugins/updated?type=&page=0">‹‹ <!-- -->Previous<span class="sr-only"> <!-- -->Previous</span></a></li><li class="page-item disabled"><a class="page-link page-text">Page 1 of 4185<!-- --> <span class="d-none d-sm-inline">• <!-- -->209241 Total</span></a></li><li class="page-item"><a class="page-link page-next" href="https://www.tenable.com/plugins/updated?type=&page=2"><span class="sr-only">Next</span>Next<!-- --> ››</a></li></ul></nav></div></div></div></div></div></div><footer class="footer"><div class="container"><ul class="footer-nav"><li class="footer-nav-item"><a href="https://www.tenable.com/">Tenable.com</a></li><li class="footer-nav-item"><a href="https://community.tenable.com">Community & Support</a></li><li class="footer-nav-item"><a href="https://docs.tenable.com">Documentation</a></li><li class="footer-nav-item"><a href="https://university.tenable.com">Education</a></li></ul><ul class="footer-nav footer-nav-secondary"><li class="footer-nav-item">© <!-- -->2025<!-- --> <!-- -->Tenable®, Inc. All Rights Reserved</li><li class="footer-nav-item"><a href="https://www.tenable.com/privacy-policy">Privacy Policy</a></li><li class="footer-nav-item"><a href="https://www.tenable.com/legal">Legal</a></li><li class="footer-nav-item"><a href="https://www.tenable.com/section-508-voluntary-product-accessibility">508 Compliance</a></li></ul></div></footer><div class="Toastify"></div></div></div><script id="__NEXT_DATA__" type="application/json" nonce="nonce-YmEzN2Q3MmUtMjVkZC00MWY4LWFkNmQtZmFlOTQwODczMzI1">{"props":{"pageProps":{"plugins":[{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"503048","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"1188","type":"classifiers","url":null},{"id_type":"cve","id":"CVE-2024-0387","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0387"},{"id_type":null,"id":null,"type":"unknown","url":"http://www.nessus.org/u?d69534a3"}],"description":"The EDS-4000/G4000 Series prior to version 3.2 includes IP forwarding capabilities that users cannot deactivate. An attacker may be able to send requests to the product and have it forwarded to the target. An attacker can bypass access controls or hide the source of malicious requests.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"503048","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Moxa (CVE-2024-0387)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":6.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N","cvssv3_temporal_score":5.7,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:P/I:P/A:N","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","cvssv4_vector":null,"cvssv2_temporal_score":4.7,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":6.4,"cvssv3_temporal_vector_base":"E:U/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:U/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"4.0","script_family":"Tenable.ot","xrefs":{"CWE":["1188"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1740528000000,"503048"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"503046","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"20","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-11","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-2602","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2602"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109827684/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"}],"description":"A flaw was found in the Linux kernel. A race issue occurs between an io_uring request and the Unix socket garbage collector, allowing an attacker local privilege escalation.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"503046","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP Linux Kernel Improper Input Validation (CVE-2022-2602)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":7,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:H/Au:S/C:C/I:C/A:C","cvssv3_temporal_score":6.3,"rating":null,"cvssv2_vector_base":"AV:L/AC:H/Au:S/C:C/I:C/A:C","cvssv3_vector_base":"AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":4.7,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":6,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"7.4","script_family":"Tenable.ot","xrefs":{"CWE":["20"],"ICSA":["23-166-11"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"High","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"High","severity":"Medium"},"sort":[1740528000000,"503046"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"503045","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"476","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-11","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-3606","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3606"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109827684/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"}],"description":"A vulnerability was found in Linux Kernel. It has been classified as problematic. This affects the function find_prog_by_sec_insn of the file tools/lib/bpf/libbpf.c of the component BPF. The manipulation leads to null pointer dereference. It is recommended to apply a patch to fix this issue. The identifier VDB-211749 was assigned to this vulnerability.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"503045","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP Linux Kernel NULL Pointer Dereference (CVE-2022-3606)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":5.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C","cvssv3_temporal_score":5,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:S/C:N/I:N/A:C","cvssv3_vector_base":"AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvssv4_vector":null,"cvssv2_temporal_score":3.4,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":4.6,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"3.6","script_family":"Tenable.ot","xrefs":{"CWE":["476"],"ICSA":["23-166-11"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Low","severity":"Medium"},"sort":[1740528000000,"503045"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"503044","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"327","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-11","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-1434","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1434"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/html/ssa-398330.html"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109827684/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"}],"description":"When using the RC4-MD5 ciphersuite, which is disabled by default, an attacker is able to modify data in transit due to an incorrect use of the AAD data as the MAC key in OpenSSL 3.0. An attacker is not able to decrypt any communication.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"503044","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP Linux Kernel Use of a Broken or Risky Cryptographic Algorithm (CVE-2022-1434)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":5.9,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N","cvssv3_temporal_score":5.3,"rating":null,"cvssv2_vector_base":"AV:N/AC:M/Au:N/C:N/I:P/A:N","cvssv3_vector_base":"AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N","cvssv4_vector":null,"cvssv2_temporal_score":3.2,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":4.3,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"4.4","script_family":"Tenable.ot","xrefs":{"CWE":["327"],"ICSA":["23-166-11"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1740528000000,"503044"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"503042","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"416","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-10","type":"advisory","url":null},{"id_type":"ICSA","id":"23-166-11","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-1882","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1882"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-831302.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109827684/"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109945851/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-10"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"}],"description":"A use-after-free flaw was found in the Linux kernel's pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called.\nThis flaw allows a local user to crash or potentially escalate their privileges on the system.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"High","script_id":"503042","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP Linux Kernel Use After Free (CVE-2022-1882)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":7.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":7,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5.3,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.2,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"6.7","script_family":"Tenable.ot","xrefs":{"CWE":["416"],"ICSA":["23-166-10","23-166-11"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"High"},"sort":[1740528000000,"503042"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"503041","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"476","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-11","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2023-1095","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1095"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109827684/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"}],"description":"In nf_tables_updtable, if nf_tables_table_enable returns an error, nft_trans_destroy is called to free the transaction object.\nnft_trans_destroy() calls list_del(), but the transaction was never placed on a list -- the list head is all zeroes, this results in a NULL pointer dereference.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"503041","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP Linux Kernel NULL Pointer Dereference (CVE-2023-1095)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":5.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C","cvssv3_temporal_score":5,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:S/C:N/I:N/A:C","cvssv3_vector_base":"AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvssv4_vector":null,"cvssv2_temporal_score":3.4,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":4.6,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"3.6","script_family":"Tenable.ot","xrefs":{"CWE":["476"],"ICSA":["23-166-11"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Low","severity":"Medium"},"sort":[1740528000000,"503041"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"503040","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"667","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-11","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-4129","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4129"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109827684/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"}],"description":"A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. A local user could use this flaw to potentially crash the system causing a denial of service.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"503040","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP Linux Kernel Improper Locking (CVE-2022-4129)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":5.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C","cvssv3_temporal_score":5,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:S/C:N/I:N/A:C","cvssv3_vector_base":"AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvssv4_vector":null,"cvssv2_temporal_score":3.4,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":4.6,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"3.6","script_family":"Tenable.ot","xrefs":{"CWE":["667"],"ICSA":["23-166-11"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Low","severity":"Medium"},"sort":[1740528000000,"503040"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"503039","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"416","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-10","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-2585","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2585"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-831302.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109945851/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-10"}],"description":"A use-after-free flaw was found in the Linux kernel's POSIX CPU timers functionality in the way a user creates and then deletes the timer in the non-leader thread of the program. This flaw allows a local user to crash or potentially escalate their privileges on the system.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"503039","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP BIOS Use After Free (CVE-2022-2585)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":7.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C","cvssv3_temporal_score":7,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:S/C:C/I:C/A:C","cvssv3_vector_base":"AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":6.8,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"6.7","script_family":"Tenable.ot","xrefs":{"CWE":["416"],"ICSA":["23-166-10"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1740528000000,"503039"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"503038","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"311","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-11","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-26373","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26373"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109827684/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"}],"description":"Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"503038","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP Linux Kernel Missing Encryption of Sensitive Data (CVE-2022-26373)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":5.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:S/C:C/I:N/A:N","cvssv3_temporal_score":5,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:S/C:C/I:N/A:N","cvssv3_vector_base":"AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvssv4_vector":null,"cvssv2_temporal_score":3.4,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":4.6,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"4.4","script_family":"Tenable.ot","xrefs":{"CWE":["311"],"ICSA":["23-166-11"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1740528000000,"503038"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"503037","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"401","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-11","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-3633","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3633"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109827684/"}],"description":"A vulnerability classified as problematic has been found in Linux Kernel. Affected is the function j1939_session_destroy of the file net/can/j1939/transport.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211932.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Low","script_id":"503037","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP Linux Kernel Missing Release of Memory after Effective Lifetime (CVE-2022-3633)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":3.3,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:P","cvssv3_temporal_score":3,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:S/C:N/I:N/A:P","cvssv3_vector_base":"AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","cvssv4_vector":null,"cvssv2_temporal_score":1.3,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":1.7,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Low","cvssv3_risk_factor":"Low","cvssv4_risk_factor":null},"vpr_score":"2.2","script_family":"Tenable.ot","xrefs":{"CWE":["401"],"ICSA":["23-166-11"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Low","cvssV3Severity":"Low","cvssV4Severity":null,"vprSeverity":"Low","severity":"Low"},"sort":[1740528000000,"503037"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"503036","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"401","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-11","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-4139","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4139"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109827684/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"}],"description":"An incorrect TLB flush issue was found in the Linux kernel's GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"503036","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP Linux Kernel Missing Release of Memory after Effective Lifetime (CVE-2022-4139)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":7.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C","cvssv3_temporal_score":7,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:S/C:C/I:C/A:C","cvssv3_vector_base":"AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":6.8,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"5.9","script_family":"Tenable.ot","xrefs":{"CWE":["401"],"ICSA":["23-166-11"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1740528000000,"503036"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"503035","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"476","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-11","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-1852","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1852"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109827684/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"}],"description":"A NULL pointer dereference flaw was found in the Linux kernel's KVM module, which can lead to a denial of service in the x86_emulate_insn in arch/x86/kvm/emulate.c. This flaw occurs while executing an illegal instruction in guest in the Intel CPU.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Low","script_id":"503035","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP Linux Kernel NULL Pointer Dereference (CVE-2022-1852)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":5.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P","cvssv3_temporal_score":5,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:N/C:N/I:N/A:P","cvssv3_vector_base":"AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvssv4_vector":null,"cvssv2_temporal_score":1.6,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":2.1,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Low","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"3.6","script_family":"Tenable.ot","xrefs":{"CWE":["476"],"ICSA":["23-166-11"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Low","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Low","severity":"Low"},"sort":[1740528000000,"503035"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"503032","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"416","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-10","type":"advisory","url":null},{"id_type":"ICSA","id":"23-166-11","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-40307","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40307"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-831302.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109827684/"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109945851/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-10"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"}],"description":"An issue was discovered in the Linux kernel through 5.19.8.\ndrivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Low","script_id":"503032","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP Linux Kernel Use After Free (CVE-2022-40307)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":4.7,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:H/Au:S/C:N/I:N/A:C","cvssv3_temporal_score":4.2,"rating":null,"cvssv2_vector_base":"AV:L/AC:H/Au:S/C:N/I:N/A:C","cvssv3_vector_base":"AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","cvssv4_vector":null,"cvssv2_temporal_score":2.8,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":3.8,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Low","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"3.6","script_family":"Tenable.ot","xrefs":{"CWE":["416"],"ICSA":["23-166-10","23-166-11"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Low","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Low","severity":"Low"},"sort":[1740528000000,"503032"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"503031","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"416","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-10","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2021-42384","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-565386.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-419740.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-831302.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-942865.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109815650/"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109945851/"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/document/109817007/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-10"}],"description":"A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special function.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"503031","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP BIOS Use After Free (CVE-2021-42384)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":7.2,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P","cvssv3_temporal_score":6.5,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:S/C:P/I:P/A:P","cvssv3_vector_base":"AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":4.8,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":6.5,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"5.9","script_family":"Tenable.ot","xrefs":{"CWE":["416"],"ICSA":["23-166-10"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1740528000000,"503031"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"503030","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"459","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-11","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-21125","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21125"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109827684/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"}],"description":"Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Low","script_id":"503030","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP Linux Kernel Incomplete Cleanup (CVE-2022-21125)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":5.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N","cvssv3_temporal_score":5,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:N/C:P/I:N/A:N","cvssv3_vector_base":"AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvssv4_vector":null,"cvssv2_temporal_score":1.6,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":2.1,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Low","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"3.6","script_family":"Tenable.ot","xrefs":{"CWE":["459"],"ICSA":["23-166-11"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Low","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Low","severity":"Low"},"sort":[1740528000000,"503030"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"503028","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"362","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-11","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-2959","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2959"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109827684/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"}],"description":"A race condition was found in the Linux kernel's watch queue due to a missing lock in pipe_resize_ring(). The specific flaw exists within the handling of pipe buffers. The issue results from the lack of proper locking when performing operations on an object. This flaw allows a local user to crash the system or escalate their privileges on the system.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"503028","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP Linux Kernel Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') (CVE-2022-2959)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":7,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:H/Au:S/C:C/I:C/A:C","cvssv3_temporal_score":6.3,"rating":null,"cvssv2_vector_base":"AV:L/AC:H/Au:S/C:C/I:C/A:C","cvssv3_vector_base":"AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":4.4,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":6,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"5.9","script_family":"Tenable.ot","xrefs":{"CWE":["362"],"ICSA":["23-166-11"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1740528000000,"503028"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"503027","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"125","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-11","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-47520","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47520"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109827684/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"}],"description":"An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless driver can trigger an out-of-bounds read when parsing a Robust Security Network (RSN) information element from a Netlink packet.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"503027","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP Linux Kernel Out-of-bounds Read (CVE-2022-47520)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":7.1,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:S/C:C/I:N/A:C","cvssv3_temporal_score":6.4,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:S/C:C/I:N/A:C","cvssv3_vector_base":"AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","cvssv4_vector":null,"cvssv2_temporal_score":4.6,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":6.2,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"5.2","script_family":"Tenable.ot","xrefs":{"CWE":["125"],"ICSA":["23-166-11"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1740528000000,"503027"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"503026","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"824","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-11","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-42895","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42895"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109827684/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"}],"description":"There is an infoleak vulnerability in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_parse_conf_req function which can be used to leak kernel pointers remotely. We recommend upgrading past commit https://github.com/torvalds/linux/commit/b1a2cd50c0357f243b7435 a732b4e62ba3157a2e\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"503026","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP Linux Kernel Access of Uninitialized Pointer (CVE-2022-42895)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":6.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:A/AC:L/Au:N/C:C/I:N/A:N","cvssv3_temporal_score":5.9,"rating":null,"cvssv2_vector_base":"AV:A/AC:L/Au:N/C:C/I:N/A:N","cvssv3_vector_base":"AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","cvssv4_vector":null,"cvssv2_temporal_score":4.5,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":6.1,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"3.6","script_family":"Tenable.ot","xrefs":{"CWE":["824"],"ICSA":["23-166-11"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Low","severity":"Medium"},"sort":[1740528000000,"503026"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"503025","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"416","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-11","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-3534","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3534"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109827684/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"}],"description":"A vulnerability classified as critical has been found in Linux Kernel.\nAffected is the function btf_dump_name_dups of the file tools/lib/bpf/btf_dump.c of the component libbpf. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211032.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"High","script_id":"503025","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP Linux Kernel Use After Free (CVE-2022-3534)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:A/AC:L/Au:S/C:C/I:C/A:C","cvssv3_temporal_score":7.2,"rating":null,"cvssv2_vector_base":"AV:A/AC:L/Au:S/C:C/I:C/A:C","cvssv3_vector_base":"AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5.7,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.7,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"6.7","script_family":"Tenable.ot","xrefs":{"CWE":["416"],"ICSA":["23-166-11"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"High"},"sort":[1740528000000,"503025"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"503024","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"311","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-10","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2023-0394","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0394"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-831302.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109945851/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-10"}],"description":"A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel.\nThis flaw causes the system to crash.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"503024","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP BIOS Missing Encryption of Sensitive Data (CVE-2023-0394)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":5.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C","cvssv3_temporal_score":5,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:S/C:N/I:N/A:C","cvssv3_vector_base":"AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvssv4_vector":null,"cvssv2_temporal_score":3.4,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":4.6,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"3.6","script_family":"Tenable.ot","xrefs":{"CWE":["311"],"ICSA":["23-166-10"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Low","severity":"Medium"},"sort":[1740528000000,"503024"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"503022","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"119","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-11","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-3635","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3635"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109827684/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"}],"description":"A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function tst_timer of the file drivers/atm/idt77252.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. VDB-211934 is the identifier assigned to this vulnerability.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"503022","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP Linux Kernel Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2022-3635)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":7,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:H/Au:S/C:C/I:C/A:C","cvssv3_temporal_score":6.3,"rating":null,"cvssv2_vector_base":"AV:L/AC:H/Au:S/C:C/I:C/A:C","cvssv3_vector_base":"AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":4.7,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":6,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"6.7","script_family":"Tenable.ot","xrefs":{"CWE":["119"],"ICSA":["23-166-11"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1740528000000,"503022"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"503021","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"404","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-11","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-3594","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3594"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109827684/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"}],"description":"A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211363.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"503021","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP Linux Kernel Improper Resource Shutdown or Release (CVE-2022-3594)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":5.3,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P","cvssv3_temporal_score":4.8,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:N/I:N/A:P","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvssv4_vector":null,"cvssv2_temporal_score":3.7,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":5,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"1.4","script_family":"Tenable.ot","xrefs":{"CWE":["404"],"ICSA":["23-166-11"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Low","severity":"Medium"},"sort":[1740528000000,"503021"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"503019","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"416","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-11","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-42896","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42896"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109827684/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"}],"description":"There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req functions which may allow code execution and leaking kernel memory (respectively) remotely via Bluetooth. A remote attacker could execute code leaking kernel memory via Bluetooth if within proximity of the victim. We recommend upgrading past commit https://github.com/torvalds /linux/commit/711f8c3fb3db61897080468586b970c87c61d9e4\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"High","script_id":"503019","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP Linux Kernel Use After Free (CVE-2022-42896)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":8.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":7.9,"rating":null,"cvssv2_vector_base":"AV:A/AC:L/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":6.1,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":8.3,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"5.9","script_family":"Tenable.ot","xrefs":{"CWE":["416"],"ICSA":["23-166-11"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"High"},"sort":[1740528000000,"503019"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"503017","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"457","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-11","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-42432","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42432"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109827684/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"}],"description":"This vulnerability allows local attackers to disclose sensitive information on affected installations of the Linux Kernel 6.0-rc2. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the nft_osf_eval function. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the kernel. Was ZDI-CAN-18540.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"503017","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP Linux Kernel Use of Uninitialized Variable (CVE-2022-42432)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":4.4,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:M/C:C/I:N/A:N","cvssv3_temporal_score":4,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:M/C:C/I:N/A:N","cvssv3_vector_base":"AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","cvssv4_vector":null,"cvssv2_temporal_score":3.2,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":4.3,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"3.6","script_family":"Tenable.ot","xrefs":{"CWE":["457"],"ICSA":["23-166-11"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Low","severity":"Medium"},"sort":[1740528000000,"503017"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"503016","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"287","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-11","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-2503","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2503"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109827684/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"}],"description":"Dm-verity is used for extending root-of-trust to root filesystems.\nLoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out the target with an equivalent dm-linear target and bypass verification till reboot. This allows root to bypass LoadPin and can be used to load untrusted and unverified kernel modules and firmware, which implies arbitrary kernel execution and persistence for peripherals that do not verify firmware updates. We recommend upgrading past commit 4caae58406f8ceb741603eee460d79bacca9b1b5\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"503016","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP Linux Kernel Improper Authentication (CVE-2022-2503)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":6.7,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:M/C:C/I:C/A:C","cvssv3_temporal_score":6,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:M/C:C/I:C/A:C","cvssv3_vector_base":"AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5.1,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":6.5,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"6.7","script_family":"Tenable.ot","xrefs":{"CWE":["287"],"ICSA":["23-166-11"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1740528000000,"503016"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"503015","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"119","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-11","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-3565","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3565"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109827684/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"}],"description":"A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211088.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"503015","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP Linux Kernel Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2022-3565)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":7.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C","cvssv3_temporal_score":7,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:S/C:C/I:C/A:C","cvssv3_vector_base":"AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":6.8,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"5.9","script_family":"Tenable.ot","xrefs":{"CWE":["119"],"ICSA":["23-166-11"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1740528000000,"503015"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"503014","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"362","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-11","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-1462","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1462"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109827684/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"}],"description":"An out-of-bounds read flaw was found in the Linux kernel's TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flush_to_ldisc function. This flaw allows a local user to crash the system or read unauthorized random data from memory.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Low","script_id":"503014","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP Linux Kernel Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') (CVE-2022-1462)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":6.3,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:P","cvssv3_temporal_score":5.7,"rating":null,"cvssv2_vector_base":"AV:L/AC:M/Au:N/C:P/I:N/A:P","cvssv3_vector_base":"AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H","cvssv4_vector":null,"cvssv2_temporal_score":2.6,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":3.3,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Low","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"6.0","script_family":"Tenable.ot","xrefs":{"CWE":["362"],"ICSA":["23-166-11"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Low","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Low"},"sort":[1740528000000,"503014"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"503012","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"20","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-11","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-36946","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36946"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-419740.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-942865.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-561322.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109827684/"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109821128/"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/document/109817007/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"}],"description":"nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb-\u003elen.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"High","script_id":"503012","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP Linux Kernel Improper Input Validation (CVE-2022-36946)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":7.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C","cvssv3_temporal_score":6.7,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:N/I:N/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5.8,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.8,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"3.6","script_family":"Tenable.ot","xrefs":{"CWE":["20"],"ICSA":["23-166-11"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Low","severity":"High"},"sort":[1740528000000,"503012"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"503011","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"476","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-11","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-3115","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3115"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109827684/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"}],"description":"An issue was discovered in the Linux kernel through 5.16-rc6.\nmalidp_crtc_reset in drivers/gpu/drm/arm/malidp_crtc.c lacks check of the return value of kzalloc() and will cause the null pointer dereference.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"503011","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP Linux Kernel NULL Pointer Dereference (CVE-2022-3115)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":5.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C","cvssv3_temporal_score":5,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:S/C:N/I:N/A:C","cvssv3_vector_base":"AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvssv4_vector":null,"cvssv2_temporal_score":3.4,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":4.6,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"3.6","script_family":"Tenable.ot","xrefs":{"CWE":["476"],"ICSA":["23-166-11"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Low","severity":"Medium"},"sort":[1740528000000,"503011"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"503009","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"20","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-11","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-3169","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3169"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109827684/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"}],"description":"A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVME_IOCTL_RESET and the NVME_IOCTL_SUBSYS_RESET through the device file of the driver, resulting in a PCIe link disconnect.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"503009","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP Linux Kernel Improper Input Validation (CVE-2022-3169)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":5.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C","cvssv3_temporal_score":5,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:S/C:N/I:N/A:C","cvssv3_vector_base":"AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvssv4_vector":null,"cvssv2_temporal_score":3.4,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":4.6,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"3.6","script_family":"Tenable.ot","xrefs":{"CWE":["20"],"ICSA":["23-166-11"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Low","severity":"Medium"},"sort":[1740528000000,"503009"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"503008","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"416","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-11","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-42720","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42720"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109827684/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"}],"description":"Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use- after-free conditions to potentially execute code.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"503008","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP Linux Kernel Use After Free (CVE-2022-42720)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":7.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C","cvssv3_temporal_score":7,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:S/C:C/I:C/A:C","cvssv3_vector_base":"AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5.3,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":6.8,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"6.7","script_family":"Tenable.ot","xrefs":{"CWE":["416"],"ICSA":["23-166-11"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1740528000000,"503008"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"503007","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"416","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-11","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-4095","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4095"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109827684/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"}],"description":"A use-after-free flaw was found in Linux kernel before 5.19.2. This issue occurs in cmd_hdl_filter in drivers/staging/rtl8712/rtl8712_cmd.c, allowing an attacker to launch a local denial of service attack and gain escalation of privileges.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"503007","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP Linux Kernel Use After Free (CVE-2022-4095)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":7.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C","cvssv3_temporal_score":7,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:S/C:C/I:C/A:C","cvssv3_vector_base":"AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":6.8,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"5.9","script_family":"Tenable.ot","xrefs":{"CWE":["416"],"ICSA":["23-166-11"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1740528000000,"503007"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"503006","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"119","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-11","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-3625","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3625"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109827684/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"}],"description":"A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211929 was assigned to this vulnerability.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"503006","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP Linux Kernel Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2022-3625)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":7.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C","cvssv3_temporal_score":7,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:S/C:C/I:C/A:C","cvssv3_vector_base":"AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":6.8,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"6.7","script_family":"Tenable.ot","xrefs":{"CWE":["119"],"ICSA":["23-166-11"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1740528000000,"503006"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"503005","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"119","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-11","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-3649","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3649"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109827684/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"}],"description":"A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211992.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"503005","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP Linux Kernel Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2022-3649)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":7,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:H/Au:S/C:C/I:C/A:C","cvssv3_temporal_score":6.3,"rating":null,"cvssv2_vector_base":"AV:L/AC:H/Au:S/C:C/I:C/A:C","cvssv3_vector_base":"AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":4.4,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":6,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"6.7","script_family":"Tenable.ot","xrefs":{"CWE":["119"],"ICSA":["23-166-11"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1740528000000,"503005"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"503004","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"362","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-11","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-3303","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3303"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109827684/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"}],"description":"A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use this flaw to crash the system, resulting in a denial of service condition\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Low","script_id":"503004","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP Linux Kernel Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') (CVE-2022-3303)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":4.7,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:H/Au:S/C:N/I:N/A:C","cvssv3_temporal_score":4.2,"rating":null,"cvssv2_vector_base":"AV:L/AC:H/Au:S/C:N/I:N/A:C","cvssv3_vector_base":"AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","cvssv4_vector":null,"cvssv2_temporal_score":3,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":3.8,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Low","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"4.4","script_family":"Tenable.ot","xrefs":{"CWE":["362"],"ICSA":["23-166-11"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Low","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Low"},"sort":[1740528000000,"503004"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"503003","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"362","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-11","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-41849","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41849"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109827684/"}],"description":"drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open(), aka a race condition between ufx_ops_open and ufx_usb_disconnect.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"503003","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP Linux Kernel Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') (CVE-2022-41849)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":4.2,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:H/Au:N/C:N/I:N/A:C","cvssv3_temporal_score":3.8,"rating":null,"cvssv2_vector_base":"AV:L/AC:H/Au:N/C:N/I:N/A:C","cvssv3_vector_base":"AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvssv4_vector":null,"cvssv2_temporal_score":3,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":4,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"4.4","script_family":"Tenable.ot","xrefs":{"CWE":["362"],"ICSA":["23-166-11"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1740528000000,"503003"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"502998","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"476","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-11","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-2153","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2153"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109827684/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"}],"description":"A flaw was found in the Linux kernel's KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"502998","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP Linux Kernel NULL Pointer Dereference (CVE-2022-2153)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":5.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C","cvssv3_temporal_score":5,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:S/C:N/I:N/A:C","cvssv3_vector_base":"AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvssv4_vector":null,"cvssv2_temporal_score":3.6,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":4.6,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"4.4","script_family":"Tenable.ot","xrefs":{"CWE":["476"],"ICSA":["23-166-11"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1740528000000,"502998"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"502997","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"667","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-11","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-42328","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42328"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-625862.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109827684/"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109954475/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"}],"description":"Guests can trigger deadlock in Linux netback driver [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328). Additionally when dropping packages for other reasons the same deadlock could occur in case of netpoll being active for the interface the xen-netback driver is connected to (CVE-2022-42329).\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"502997","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP Linux Kernel Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') (CVE-2022-42328)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":5.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C","cvssv3_temporal_score":5,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:S/C:N/I:N/A:C","cvssv3_vector_base":"AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvssv4_vector":null,"cvssv2_temporal_score":3.4,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":4.6,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"3.6","script_family":"Tenable.ot","xrefs":{"CWE":["667"],"ICSA":["23-166-11"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Low","severity":"Medium"},"sort":[1740528000000,"502997"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"502994","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"404","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-11","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-1473","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1473"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/html/ssa-398330.html"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-419740.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109827684/"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/document/109817007/"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-942865.pdf"}],"description":"The used OpenSSL version improperly reuses memory when decoding certificates or keys. This can lead to a process termination and Denial of Service for long lived processes.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"502994","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP Linux Kernel Improper Resource Shutdown or Release (CVE-2022-1473)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":7.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P","cvssv3_temporal_score":6.7,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:N/I:N/A:P","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvssv4_vector":null,"cvssv2_temporal_score":3.7,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":5,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"3.6","script_family":"Tenable.ot","xrefs":{"CWE":["404"],"ICSA":["23-166-11"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Low","severity":"Medium"},"sort":[1740528000000,"502994"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"502993","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"787","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-11","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-2274","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2274"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/html/ssa-398330.html"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109827684/"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109815432/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"}],"description":"The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions.\nThis issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a consequence of the memory corruption an attacker may be able to trigger a remote code execution on the machine performing the computation. SSL/TLS servers or other servers using 2048 bit RSA private keys running on machines supporting AVX512IFMA instructions of the X86_64 architecture are affected by this issue.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Critical","script_id":"502993","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP Linux Kernel Out-of-bounds Write (CVE-2022-2274)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":9.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_temporal_score":8.8,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:C/I:C/A:C","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":7.8,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":10,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Critical","cvssv3_risk_factor":"Critical","cvssv4_risk_factor":null},"vpr_score":"6.7","script_family":"Tenable.ot","xrefs":{"CWE":["787"],"ICSA":["23-166-11"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Critical","cvssV3Severity":"Critical","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Critical"},"sort":[1740528000000,"502993"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"502992","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"416","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-11","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-20566","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20566"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109827684/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"}],"description":"In l2cap_chan_put of l2cap_core, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:\nAndroid kernelAndroid ID: A-165329981References: Upstream kernel\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"502992","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP Linux Kernel Use After Free (CVE-2022-20566)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":7.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C","cvssv3_temporal_score":7,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:S/C:C/I:C/A:C","cvssv3_vector_base":"AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":6.8,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"5.9","script_family":"Tenable.ot","xrefs":{"CWE":["416"],"ICSA":["23-166-11"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1740528000000,"502992"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"502990","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"416","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-11","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-2586","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2586"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109826613/"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109827684/"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-806742.pdf"}],"description":"A use-after-free flaw was found in nf_tables cross-table in the net/netfilter/nf_tables_api.c function in the Linux kernel. This flaw allows a local, privileged attacker to cause a use-after-free problem at the time of table deletion, possibly leading to local privilege escalation.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"502990","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP Linux Kernel Use After Free (CVE-2022-2586)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":7.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C","cvssv3_temporal_score":7.2,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:S/C:C/I:C/A:C","cvssv3_vector_base":"AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5.6,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":6.8,"cvssv3_temporal_vector_base":"E:F/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:F/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"7.4","script_family":"Tenable.ot","xrefs":{"CWE":["416"],"ICSA":["23-166-11"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"High","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"High","severity":"Medium"},"sort":[1740528000000,"502990"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"502989","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"119","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-11","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-3545","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3545"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-625862.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109827684/"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109954475/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"}],"description":"A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211045 was assigned to this vulnerability.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"502989","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP Linux Kernel Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2022-3545)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":7.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C","cvssv3_temporal_score":7,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:S/C:C/I:C/A:C","cvssv3_vector_base":"AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":6.8,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"5.9","script_family":"Tenable.ot","xrefs":{"CWE":["119"],"ICSA":["23-166-11"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1740528000000,"502989"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"502988","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"400","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-10","type":"advisory","url":null},{"id_type":"ICSA","id":"23-166-11","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-39190","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39190"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-831302.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109827684/"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109945851/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-10"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"}],"description":"An issue was discovered in net/netfilter/nf_tables_api.c in the Linux kernel before 5.19.6. A denial of service can occur upon binding to an already bound chain.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"502988","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP Linux Kernel Uncontrolled Resource Consumption (CVE-2022-39190)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":5.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C","cvssv3_temporal_score":5,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:S/C:N/I:N/A:C","cvssv3_vector_base":"AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvssv4_vector":null,"cvssv2_temporal_score":3.4,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":4.6,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"3.6","script_family":"Tenable.ot","xrefs":{"CWE":["400"],"ICSA":["23-166-10","23-166-11"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Low","severity":"Medium"},"sort":[1740528000000,"502988"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"502987","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"119","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-10","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-3435","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3435"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-831302.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-625862.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109945851/"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109954475/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-10"}],"description":"A vulnerability classified as problematic has been found in Linux Kernel. This affects the function fib_nh_match of the file net/ipv4/fib_semantics.c of the component IPv4 Handler. The manipulation leads to out-of-bounds read. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-210357 was assigned to this vulnerability.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"502987","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP BIOS Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2022-3435)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":4.3,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N","cvssv3_temporal_score":3.9,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:S/C:P/I:N/A:N","cvssv3_vector_base":"AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","cvssv4_vector":null,"cvssv2_temporal_score":3,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":4,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"1.4","script_family":"Tenable.ot","xrefs":{"CWE":["119"],"ICSA":["23-166-10"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Low","severity":"Medium"},"sort":[1740528000000,"502987"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"502986","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"667","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-11","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-42329","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42329"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-625862.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109827684/"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109954475/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"}],"description":"Guests can trigger deadlock in Linux netback drive. The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328). Additionally when dropping packages for other reasons the same deadlock could occur in case of netpoll being active for the interface the xen-netback driver is connected to (CVE-2022-42329).\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"502986","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP Linux Kernel Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') (CVE-2022-42329)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":5.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C","cvssv3_temporal_score":5,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:S/C:N/I:N/A:C","cvssv3_vector_base":"AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvssv4_vector":null,"cvssv2_temporal_score":3.4,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":4.6,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"3.6","script_family":"Tenable.ot","xrefs":{"CWE":["667"],"ICSA":["23-166-11"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Low","severity":"Medium"},"sort":[1740528000000,"502986"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"502985","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"120","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-10","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-23219","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-831302.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-099606.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/html/ssa-398330.html"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109945851/"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109825816/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-10"}],"description":"The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"High","script_id":"502985","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP BIOS Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CVE-2022-23219)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":9.8,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P","cvssv3_temporal_score":8.8,"rating":null,"cvssv2_vector_base":"AV:N/AC:L/Au:N/C:P/I:P/A:P","cvssv3_vector_base":"AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":5.9,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":7.5,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"High","cvssv3_risk_factor":"Critical","cvssv4_risk_factor":null},"vpr_score":"6.7","script_family":"Tenable.ot","xrefs":{"CWE":["120"],"ICSA":["23-166-10"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"High","cvssV3Severity":"Critical","cvssV4Severity":null,"vprSeverity":"Medium","severity":"High"},"sort":[1740528000000,"502985"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"502984","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"362","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-10","type":"advisory","url":null},{"id_type":"ICSA","id":"23-166-11","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-20422","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20422"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-831302.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-770721.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109827684/"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109945851/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-10"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"}],"description":"In emulation_proc_handler of armv8_deprecated.c, there is a possible way to corrupt memory due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:\nAndroidVersions: Android kernelAndroid ID: A-237540956References:\nUpstream kernel\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"502984","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP Linux Kernel Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') (CVE-2022-20422)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":7,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:H/Au:S/C:C/I:C/A:C","cvssv3_temporal_score":6.3,"rating":null,"cvssv2_vector_base":"AV:L/AC:H/Au:S/C:C/I:C/A:C","cvssv3_vector_base":"AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvssv4_vector":null,"cvssv2_temporal_score":4.4,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":6,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"High","cvssv4_risk_factor":null},"vpr_score":"5.9","script_family":"Tenable.ot","xrefs":{"CWE":["362"],"ICSA":["23-166-10","23-166-11"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Medium","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"High","cvssV4Severity":null,"vprSeverity":"Medium","severity":"Medium"},"sort":[1740528000000,"502984"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"502983","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"459","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-11","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-21166","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21166"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109827684/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"}],"description":"Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Low","script_id":"502983","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP Linux Kernel Incomplete Cleanup (CVE-2022-21166)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":5.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N","cvssv3_temporal_score":5,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:N/C:P/I:N/A:N","cvssv3_vector_base":"AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvssv4_vector":null,"cvssv2_temporal_score":1.6,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":2.1,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Low","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"3.6","script_family":"Tenable.ot","xrefs":{"CWE":["459"],"ICSA":["23-166-11"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Low","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Low","severity":"Low"},"sort":[1740528000000,"502983"]},{"_index":"1730140894687_plugin_en_us_ot","_type":"_doc","_id":"502982","_score":null,"_source":{"plugin_modification_date":"2025-02-26T00:00:00","references":[{"id_type":"CWE","id":"459","type":"classifiers","url":null},{"id_type":"ICSA","id":"23-166-11","type":"advisory","url":null},{"id_type":"cve","id":"CVE-2022-0171","type":"vulnerability","url":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0171"},{"id_type":null,"id":null,"type":"unknown","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794697.pdf"},{"id_type":null,"id":null,"type":"unknown","url":"https://support.industry.siemens.com/cs/ww/en/view/109827684/"},{"id_type":null,"id":null,"type":"unknown","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11"}],"description":"A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV).\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.","risk_factor":"Medium","script_id":"502982","available_languages":["en_US"],"synopsis":"The remote OT asset is affected by a vulnerability.","script_name":"Siemens SIMATIC S7-1500 TM MFP Linux Kernel Incomplete Cleanup (CVE-2022-0171)","language_code":"en_US","supported_sensors":[{"label":"Tenable OT Security","value":"ot_security"}],"solution":"Refer to the vendor advisory.","plugin_type":"remote","sensor":"tenable_ot","plugin_publication_date":"2025-02-25T00:00:00","cvss":{"cvssv3_score":5.5,"cvssv4_score":null,"cvssv3_environmental_vector":null,"cvssv2_vector":"CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C","cvssv3_temporal_score":5,"rating":null,"cvssv2_vector_base":"AV:L/AC:L/Au:S/C:N/I:N/A:C","cvssv3_vector_base":"AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C","cvssv3_environmental_score":null,"cvssv3_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvssv4_vector":null,"cvssv2_temporal_score":3.4,"source":null,"cvssv2_environmental_score":null,"cvssv2_temporal_vector":null,"cvssv4_threat_vector":null,"cvssv2_score":4.6,"cvssv3_temporal_vector_base":"E:P/RL:O/RC:C","cvssv3_version":"3.0","cvssv4_threat_score":null,"cvssv3_temporal_vector":"CVSS:3.0/E:P/RL:O/RC:C","cvssv2_temporal_vector_base":null,"cvssv2_environmental_vector":null,"cvssv2_risk_factor":"Medium","cvssv3_risk_factor":"Medium","cvssv4_risk_factor":null},"vpr_score":"3.6","script_family":"Tenable.ot","xrefs":{"CWE":["459"],"ICSA":["23-166-11"]},"pluginPublicationDate":"2/25/2025","pluginModificationDate":"2/26/2025","locale":"en","availableLocales":["en"],"vpr_risk_factor":"Low","cisaKnownExploitedDate":null,"configurationMessages":[],"cvssV2Severity":"Medium","cvssV3Severity":"Medium","cvssV4Severity":null,"vprSeverity":"Low","severity":"Medium"},"sort":[1740528000000,"502982"]}],"total":209241,"page":1,"type":"","apiUrl":"https://www.tenable.com/plugins/api/v1/all?sort=updated\u0026page=1\u0026type="},"cookies":{},"user":null,"flash":null,"env":{"baseUrl":"https://www.tenable.com","host":"www.tenable.com","ga4TrackingId":""},"isUnsupportedBrowser":true,"__N_SSP":true},"page":"/plugins/updated","query":{},"buildId":"RsIzRDoxGcJZTeqNY4h8D","isFallback":false,"isExperimentalCompile":false,"gssp":true,"appGip":true,"locale":"en","locales":["en","de","es","fr","ja","ko","zh-CN","zh-TW"],"defaultLocale":"en","domainLocales":[{"domain":"www.tenable.com","defaultLocale":"en"},{"domain":"de.tenable.com","defaultLocale":"de"},{"domain":"es-la.tenable.com","defaultLocale":"es"},{"domain":"fr.tenable.com","defaultLocale":"fr"},{"domain":"jp.tenable.com","defaultLocale":"ja"},{"domain":"kr.tenable.com","defaultLocale":"ko"},{"domain":"www.tenablecloud.cn","defaultLocale":"zh-CN"},{"domain":"zh-tw.tenable.com","defaultLocale":"zh-TW"}],"scriptLoader":[]}</script></body></html>