Vulnerable Assets Library

A searchable database of maritime OT equipment with known vulnerabilities — covering navigation systems, engine automation, power management, and vessel control CBS from major marine vendors. Search by vendor, product family, or CVE ID to check whether equipment on your vessel has documented vulnerabilities requiring attention or patch management action.

Searchable by vendor CVE referenced Marine OT vendors Continuously updated

Audit Level: Tactical

Records optimised: 30.06.2026 17:00 UTC

CVE-2022-37062 — Teledyne FLIR: n/a

Published: 2022-08-18 | Updated: 2025-10-17

N/A 0

All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are affected by an insecure design vulnerability due to an improper directory access restriction. An unauthenticated, remote attacker can exploit this by sending a URI that contains the path of the SQLite users database and download it. A successful exploit could allow the attacker to extract usernames and hashed passwords. NOTE: The vendor has stated that with the introduction of firmware version 1.49.16 (Jan 2023) the FLIR AX8 should no longer be affected by the vulnerability reported. Latest firmware version (as of Oct 2025, was released Jun 2024) is 1.55.16.

CVSS VECTOR: N/A

NVD Record ↗ | Vendor Advisory / Fix ↗

← Back to full Vulnerable Assets Library

Get new CVE entries like these in your inbox weekly. Subscribe →

Disclaimer & Methodology

The Marine OT Vulnerable Assets Library is a curated repository of security advisories identified through automated heuristic filtering. Users should verify hardware revisions with manufacturers before patching.