Browse all 43 CVE security advisories affecting Nozomi Networks. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Nozomi Networks specializes in industrial cybersecurity, providing visibility and threat detection for operational technology environments. The company’s software solutions monitor critical infrastructure, including energy, manufacturing, and transportation sectors, to identify anomalies in network traffic and device behavior. Historically, the platform has been associated with forty-three recorded Common Vulnerabilities and Exposures, primarily involving remote code execution, cross-site scripting, and privilege escalation flaws. These vulnerabilities often stem from improper input validation or insufficient access controls within the management interfaces. While no catastrophic breaches directly attributed to these specific CVEs have been widely publicized, the high count indicates recurring issues in authentication mechanisms and session management. The security profile suggests that while the core detection engine is robust, the administrative components require rigorous patching and hardening to prevent unauthorized access. Continuous updates are essential to mitigate risks associated with these known weaknesses in the industrial IoT landscape.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-40896 | Lack of TLS certificate validation when connecting Arc to a Guardian or CMC, in Arc before v2.2.0 — ArcCWE-295 | 6.5 | Medium | 2026-03-04 |
| CVE-2023-5938 | Path traversal via 'zip slip' in Arc before v1.6.0 — ArcCWE-22 | 8.0 | High | 2024-05-15 |
| CVE-2023-5937 | Sensitive data exfiltration via unsafe permissions on Windows systems in Arc before v1.6.0 — ArcCWE-538 | 3.8 | Low | 2024-05-15 |
| CVE-2023-5936 | Unsafe temporary data privileges on Unix systems in Arc before v1.6.0 — ArcCWE-732 | 7.8 | High | 2024-05-15 |
| CVE-2023-5935 | Missing authentication for local web interface in Arc before v1.6.0 — ArcCWE-306 | 7.4 | High | 2024-05-15 |
This page lists every published CVE security advisory associated with Nozomi Networks. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.