GCVE - cpe:2.3:a:mb_connect_line:mbnet/mbnet.rokey:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:mb_connect_line:mbnet/mbnet.rokey:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Mb Connect Line (`40f64ffd-1097-56cb-a890-2fe37828274d`)
Product	Mbnet/Mbnet.Rokey (`751328a9-c7aa-5b6c-8f0c-601a1350f658`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2026-40852`	vulnerable	2026-06-08 08:01:21.049976	Command injection via malicious configuration HIGH (7.2) A highly authenticated attacker can alter the config generator injecting a payload into future created configurations. The device is not correctly checking this configuration value before passing it to an system execute leading to code execution. This can result in a total loss of confidentiality, integrity and availability. Published: 2026-05-27T08:06:36.875Z Updated: 2026-05-27T11:54:17.274Z Open on db.gcve.eu Reference links https://www.certvde.com/en/advisories/VDE-2026-054/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2026-40851`	vulnerable	2026-06-08 08:01:21.043051	Command injection via USB HIGH (8.4) A local attacker can perform a confusion attack on the cfgparser via a specially crafted file on an USB stick leading to code execution. This can result in a total loss of confidentiality, integrity and availability. Published: 2026-05-27T08:06:21.815Z Updated: 2026-05-27T11:54:33.819Z Open on db.gcve.eu Reference links https://www.certvde.com/en/advisories/VDE-2026-054/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-41688`	vulnerable	2026-06-08 07:25:07.223470	High Privilege RCE via LUA Sandbox Escape HIGH (7.2) A high privileged remote attacker can execute arbitrary OS commands using an undocumented method allowing to escape the implemented LUA sandbox. Published: 2025-07-31T10:02:49.655Z Updated: 2025-07-31T13:17:23.918Z Open on db.gcve.eu Reference links https://certvde.com/de/advisories/VDE-2025-065 https://certvde.com/de/advisories/VDE-2025-069	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-45273`	vulnerable	2026-06-08 06:45:55.790556	MB connect line/Helmholz: Weak encryption of configuration file HIGH (8.4) An unauthenticated local attacker can decrypt the devices config file and therefore compromise the device due to a weak implementation of the encryption used. Published: 2024-10-15T10:27:52.208Z Updated: 2024-10-16T17:47:04.737Z Open on db.gcve.eu Reference links https://cert.vde.com/en/advisories/VDE-2024-056 https://cert.vde.com/en/advisories/VDE-2024-066 https://cert.vde.com/en/advisories/VDE-2024-068 https://cert.vde.com/en/advisories/VDE-2024-069	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.