{"vulnerability": "CVE-2020-2729", "sightings": [{"uuid": "47dd4fbe-ad95-4a80-b3da-db4effb5ed1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-27290", "type": "seen", "source": "https://t.me/cibsecurity/24934", "content": "\u203c CVE-2020-27290 \u203c\n\nIn Hamilton Medical AG,T1-Ventillator versions 2.2.3 and prior, an information disclosure vulnerability in the ventilator allows attackers with physical access to the configuration interface's logs to get valid checksums for tampered configuration files.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-03-16T01:29:29.000000Z"}, {"uuid": "be56fb3b-5ab3-4ae1-950a-1a682085a766", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-27297", "type": "seen", "source": "https://t.me/cibsecurity/22671", "content": "\u203c CVE-2020-27297 \u203c\n\nThe affected product is vulnerable to a heap-based buffer overflow, which may allow an attacker to manipulate memory with controlled values and remotely execute code on the OPC UA Tunneller (versions prior to 6.3.0.8233).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-26T22:36:24.000000Z"}, {"uuid": "3c7e4510-09ab-40ac-9703-93ed137ef4f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-27295", "type": "seen", "source": "https://t.me/cibsecurity/22669", "content": "\u203c CVE-2020-27295 \u203c\n\nThe affected product has uncontrolled resource consumption issues, which may allow an attacker to cause a denial-of-service condition on the OPC UA Tunneller (versions prior to 6.3.0.8233).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-26T22:36:22.000000Z"}, {"uuid": "0f1febfb-0894-4a63-84a8-c1c7b44751b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-27299", "type": "seen", "source": "https://t.me/cibsecurity/22668", "content": "\u203c CVE-2020-27299 \u203c\n\nThe affected product is vulnerable to an out-of-bounds read, which may allow an attacker to obtain and disclose sensitive data information or cause the device to crash on the OPC UA Tunneller (versions prior to 6.3.0.8233).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-26T22:36:21.000000Z"}, {"uuid": "d224093f-c663-444a-9102-ee30b200c60d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-27298", "type": "seen", "source": "https://t.me/cibsecurity/22631", "content": "\u203c CVE-2020-27298 \u203c\n\nPhilips Interventional Workspot (Release 1.3.2, 1.4.0, 1.4.1, 1.4.3, 1.4.5), Coronary Tools/Dynamic Coronary Roadmap/Stentboost Live (Release 1.0), ViewForum (Release 6.3V1L10). The software constructs all or part of an OS command using externally influenced input from an upstream component but does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when sent to a downstream component.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-26T20:46:26.000000Z"}]}