Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Nozomi Networks — Vulnerabilities & Security Advisories 43

Browse all 43 CVE security advisories affecting Nozomi Networks. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Nozomi Networks specializes in industrial cybersecurity, providing visibility and threat detection for operational technology environments. The company’s software solutions monitor critical infrastructure, including energy, manufacturing, and transportation sectors, to identify anomalies in network traffic and device behavior. Historically, the platform has been associated with forty-three recorded Common Vulnerabilities and Exposures, primarily involving remote code execution, cross-site scripting, and privilege escalation flaws. These vulnerabilities often stem from improper input validation or insufficient access controls within the management interfaces. While no catastrophic breaches directly attributed to these specific CVEs have been widely publicized, the high count indicates recurring issues in authentication mechanisms and session management. The security profile suggests that while the core detection engine is robust, the administrative components require rigorous patching and hardening to prevent unauthorized access. Continuous updates are essential to mitigate risks associated with these known weaknesses in the industrial IoT landscape.

Top products by Nozomi Networks: Guardian Arc CMC
CVE IDTitleCVSSSeverityPublished
CVE-2023-2567 Authenticated SQL Injection on Query functionality in Guardian/CMC before 22.6.3 and 23.1.0 — GuardianCWE-89 8.8 High2023-09-19
CVE-2023-23903 DoS via SAML configuration in Guardian/CMC before 22.6.2 — GuardianCWE-1286 4.9 Medium2023-08-09
CVE-2023-24015 Partial DoS on Reports section due to null report name in Guardian/CMC before 22.6.2 — GuardianCWE-1286 4.3 Medium2023-08-09
CVE-2023-24471 Information disclosure via the debug function in assertions in Guardian/CMC before 22.6.2 — GuardianCWE-863 6.5 Medium2023-08-09
CVE-2023-22843 Stored Cross-Site Scripting (XSS) in Threat Intelligence rules in Guardian/CMC before 22.6.2 — GuardianCWE-79 6.4 Medium2023-08-09
CVE-2023-23574 Authenticated Blind SQL Injection on alerts count in Guardian/CMC before 22.6.2 — GuardianCWE-89 8.8 High2023-08-09
CVE-2023-22378 Authenticated Blind SQL Injection on sorting in Guardian/CMC before 22.6.2 — GuardianCWE-89 8.8 High2023-08-09
CVE-2023-24477 Session Fixation in Guardian/CMC before 22.6.2 — GuardianCWE-384 7.0 High2023-08-09
CVE-2022-4259 Authenticated SQL Injection on Alerts in Guardian/CMC before 22.5.2 — CMCCWE-89 8.8 High2023-05-04
CVE-2022-0551 Authenticated RCE on project configuration import in Guardian/CMC before 22.0.0 — GuardianCWE-20 7.2 High2022-03-24
CVE-2022-0550 Authenticated RCE on logo report upload in Guardian/CMC before 22.0.0 — GuardianCWE-20 7.2 High2022-03-24
CVE-2021-26724 Authenticated command injection when changing date settings or hostname in Guardian/CMC before 20.0.7.4 — GuardianCWE-78 7.2 High2021-02-22
CVE-2021-26725 Authenticated command path traversal on timezone settings in Guardian/CMC before 20.0.7.4 — GuardianCWE-24 7.2 High2021-02-22

This page lists every published CVE security advisory associated with Nozomi Networks. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.