Published Advisories

 

Our dedicated security labs help vendors improve the security of their solutions, that allows users to avoid cyber-attacks from the vulnerabilities that exist. The vulnerabilities are reported to vendors, and later released to the public through coordinated disclosure. The following is a list of all publicly disclosed vulnerabilities discovered by xen1thLabs researchers.

 

XID

CVE

Affected Vendor(s)

Published

 

XL-19-001

CVE-2019-1716

Cisco Systems

26 March 2019

                         Cisco IP Phone WebUI Remote Code Execution Vulnerability

 

XL-19-002

CVE-2019-10886

Sony

23 April 2019

                         Sony Smart TV Photo Sharing Plus Arbitrary File Read Vulnerability

 

XL-19-003

CVE-2019-11336

Sony

23 April 2019

                         Sony Smart TV Photo Sharing Plus Information Disclosure Vulnerability

 

XL-19-004

CVE-2019-7230

ABB (new.abb.com)

17 June 2019

                         ABB IDAL FTP Server Uncontrolled Format String Vulnerability

 

XL-19-005

CVE-2019-7229

ABB (new.abb.com)

17 June 2019

                         ABB HMI Absence of Signature Verification Vulnerability

​ 

XL-19-006

Multiple

ABB (new.abb.com)

17 June 2019

                         ABB HMI Outdated Software Components

 

XL-19-007

CVE-2019-7231

ABB (new.abb.com)

17 June 2019

                         ABB IDAL FTP Server Buffer Overflow Vulnerability

 

XL-19-008

CVE-2019-7227

ABB (new.abb.com)

17 June 2019

                         ABB IDAL FTP Server Path Traversal Vulnerability

 

XL-19-009

CVE-2019-7225

ABB (new.abb.com)

17 June 2019

                         ABB HMI Hardcoded Credentials Vulnerability

 

XL-19-010

CVE-2019-7226

ABB (new.abb.com)

17 June 2019

                         ABB IDAL HTTP Server Authentication Bypass Vulnerability

 

XL-19-011

CVE-2019-7232

ABB (new.abb.com)

17 June 2019

                         ABB IDAL HTTP Server Stack-Based Buffer Overflow Vulnerability

 

XL-19-012

CVE-2019-7228

ABB (new.abb.com)

17 June 2019

                         ABB IDAL HTTP Server Uncontrolled Format String Vulnerability