Browse all 4 CVE security advisories affecting Microcom. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Microcom develops embedded communication systems for industrial control networks. Historically, their products have been vulnerable to remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from improper input validation and insecure default configurations. The company has faced scrutiny for delayed patching practices, with four CVEs documented to date. Notable security characteristics include legacy systems with outdated components and limited authentication mechanisms. While no major public incidents have been reported, the accumulation of unpatched vulnerabilities in critical infrastructure environments presents significant risks. Their products typically lack robust security features, making them attractive targets for exploitation in industrial espionage or sabotage scenarios.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-13651 | LEAK OF SENSITIVE INFORMATION ON MICROCOM'S ZEUSWEB — ZeusWebCWE-497 | 7.5AI | HighAI | 2026-02-11 |
| CVE-2025-13650 | REFLECTED CROSS-SITE SCRIPTING (XSS) ON MICROCOM'S ZEUSWEB — ZeusWebCWE-79 | 6.1AI | MediumAI | 2026-02-11 |
| CVE-2025-13649 | REFLECTED CROSS-SITE SCRIPTING (XSS) ON MICROCOM'S ZEUSWEB — ZeusWebCWE-79 | 5.4AI | MediumAI | 2026-02-11 |
| CVE-2025-13648 | STORED CROSS-SITE SCRIPTING (XSS) ON MICROCOM'S ZEUSWEB — ZeusWebCWE-79 | 5.4AI | MediumAI | 2026-02-11 |
This page lists every published CVE security advisory associated with Microcom. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.