Hms-networks Ewon Cosy+ Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Hms-networks Ewon Cosy+ Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2024-33897 — CVSS 9.1 (critical): A compromised HMS Networks Cosy+ device could be used to request a Certificate Signing Request from Talk2m for another device, resulting in…
CVE-2024-33894 — CVSS 8.8 (high): Insecure Permission vulnerability in Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 are executing…
CVE-2024-33892 — CVSS 7.5 (high): Insecure Permissions vulnerability in Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 are susceptible…
CVE-2024-33896 — CVSS 7.2 (high): Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 are vulnerable to code injection due to improper…
CVE-2024-33895 — CVSS 6.6 (medium): Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 use a unique key to encrypt the configuration…
CVE-2024-33893 — CVSS 6.1 (medium): Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 are vulnerable to XSS when displaying the logs due to…