NVD disclosure day

Published threat advisories for September 9, 2020

CVE-2020-15786

Siemens HMI Panels: Brute-Force Access Risk

Halo Surface Signal: 2 out of 5 — less likely to be public-facing.

Siemens SIMATIC HMI panels are affected by a vulnerability allowing remote attackers to discover user passwords and gain unauthorized access to the Sm@rt Server via brute-force attacks. This poses a risk to operational systems and sensitive data.

NVD published: September 9, 2020

CVE advisoryKnown Exploit

CVE-2020-25213

WordPress File Manager Plugin: Arbitrary Code Execution Risk.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

The File Manager plugin for WordPress contains a vulnerability allowing remote attackers to execute arbitrary PHP code. This can lead to unauthorized code execution and potential compromise of affected systems. Organizations should identify and mitigate this risk.

NVD published: September 9, 2020 • CISA KEV