5.3
CVE-2025-67653 - Advantech WebAccess/SCADA Path Traversal
Advantech WebAccess/SCADAΒ is vulnerable to directory traversal, which may allow an attacker to determine the existence of arbitrary files.
7.7
CVE-2025-62004 - BullWall Server Intrusion Protection (SIP) initialization race condition
BullWall Server Intrusion Protection (SIP) services are initialized after login services during system startup. A local, authenticated attacker can log in after boot and before SIP MFA is running. The SIP services do not retroactively enforce MFA or disconnect sessions that were not subject to SIP β¦
7.7
CVE-2025-62003 - BullWall Server Intrusion Protection RDP MFA connection delay
BullWall Server Intrusion Protection has a noticeable configuration-dependent delay before the MFA check for RDP connections. A remote, authenticated attacker can potentially bypass detection during this delay. Versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 are affected. Other versions may also beβ¦
5.3
CVE-2025-46268 - Advantech WebAccess/SCADA SQL Injection
Advantech WebAccess/SCADAΒ is vulnerable to SQL injection, which may allow an attacker to execute arbitrary SQL commands.
5.3
CVE-2025-14848 - Advantech WebAccess/SCADA Absolute Path Traversal
Advantech WebAccess/SCADA is vulnerable to absolute directory traversal, which may allow an attacker to determine the existence of arbitrary files.
5.3
CVE-2025-62002 - BullWall Ransomware Containment file count detection bypass
BullWall Ransomware Containment considers the number of files modified to trigger detection. An authenticated attacker could encrypt a single (possibly large) file without triggering detection if thresholds are configured to require multiple file changes. The number of files to trigger detection caβ¦
8.7
CVE-2025-14849 - Advantech WebAccess/SCADA Unrestricted Upload of File with Dangerous Type
Advantech WebAccess/SCADAΒ is vulnerable to unrestricted file upload, which may allow an attacker to remotely execute arbitrary code.
8.7
CVE-2025-62001 - BullWall Ransomware Containment hard-coded folder exclusions
BullWall Ransomware Containment supports configurable file and directory exclusions such as '$RECYCLE.BIN' to balance monitoring scope and performance. Certain exclusion patterns could allow an authenticated attacker to rename directories in a way that avoids monitoring. Fixed in 4.6.1.14 and 5.0.0β¦
6.9
CVE-2025-62000 - BullWall Ransomware Containment incomplete file inspection
BullWall Ransomware Containment may not always detect an encrypted file. This issue affects a specific file inspection method that evaluates file content based on header bytes. An authenticated attacker could encrypt files, preserving the first four bytes and preventing this particular method from β¦
7.2
CVE-2025-14850 - Advantech WebAccess/SCADA Improper Limitation of a Pathname to a Restricted Directory
Advantech WebAccess/SCADAΒ is vulnerable to directory traversal, which may allow an attacker to delete arbitrary files.