Security Advisories

January 2, 2025

| Summary | Severity | Affected Version | CVE ID | Official fix |
| --- | --- | --- | --- | --- |
| An issue was discovered in Elspec G5 digital fault recorder. A buffer overflow vulnerability may allow an attacker to execute arbitrary code on the operating system. | High | v1.2.1.12 and older | CVE-2024-46601 | V1.2.2.19 |
| An issue was discovered in Elspec G5 digital fault recorder. A stored cross-site scripting (XSS) vulnerability may allow an attacker to execute arbitrary web scripts or HTML. | High | v1.2.1.12 and older | CVE-2024-46602 | V1.2.2.19 |
| An issue was discovered in Elspec G5 digital fault recorder. An XML External Entity (XXE) vulnerability may allow an attacker to cause a Denial of Service (DoS) via a crafted XML payload. | High | v1.2.1.12 and older | CVE-2024-46603 | V1.2.2.19 |

Elspec recognizes the valuable contribution of Michael Messner, Caio Farias and Benedikt Kühne from Siemens Energy in the discovery of these CVEs.

March 18, 2024

| Summary | Severity | Affected Version | CVE ID | Official fix |
| --- | --- | --- | --- | --- |
| An issue was discovered in Elspec G5 digital fault recorder. The SQLite database file has weak permissions. | Medium | v1.1.4.15 and older | CVE-2024-22077 | V1.2.1.12 |
| An issue was discovered in Elspec G5 digital fault recorder. Privilege escalation can occur via world-writable files. The network configuration script has weak filesystem permissions. This results in write access for all authenticated users and the possibility to escalate from user privileges to administrative privileges. | Medium | v1.1.4.15 and older | CVE-2024-22078 | V1.2.1.12 |
| An issue was discovered in Elspec G5 digital fault recorder. Directory traversal can occur via the system logs download mechanism. | Medium | v1.1.4.15 and older | CVE-2024-22079 | V1.2.1.12 |
| An issue was discovered in Elspec G5 digital fault recorder. Unauthenticated memory corruption can occur during XML body parsing. | High | v1.1.4.15 and older | CVE-2024-22080 | V1.2.1.12 |
| An issue was discovered in Elspec G5 digital fault recorder. Unauthenticated memory corruption can occur in the HTTP header parsing mechanism. | High | v1.1.4.15 and older | CVE-2024-22081 | V1.2.1.12 |
| An issue was discovered in Elspec G5 digital fault recorder. Unauthenticated directory listing can occur: the web interface can be abused by an attacker to get a better understanding of the operating system. | Medium | v1.1.4.15 and older | CVE-2024-22082 | V1.2.1.12 |
| An issue was discovered in Elspec G5 digital fault recorder. A hardcoded backdoor session ID exists that can be used for further access to the device, including reconfiguration tasks. | High | v1.1.4.15 and older | CVE-2024-22083 | V1.2.1.12 |
| An issue was discovered in Elspec G5 digital fault recorder. Cleartext passwords and hashes are exposed through log files. | Medium | v1.1.4.15 and older | CVE-2024-22084 | V1.2.1.12 |
| An issue was discovered in Elspec G5 digital fault recorder. The shadow file is world-readable. | Medium | v1.1.4.15 and older | CVE-2024-22085 | V1.2.1.12 |
| Outdated vsftpd service with known DoS issue | Medium | v1.1.4.15 and older | CVE-2021-30047 | V1.2.1.12 |

Elspec recognizes the valuable contribution of Michael Messner and Benedikt Kühne from Siemens Energy in the discovery of these CVEs.