Gesytec Easylon OPC Server before 2.3.44 does not properly validate server handles, which allows remote attackers to execute arbitrary code or cause a denial of service via unspecified network traffic to the OLE for Process Control (OPC) interface, probably related to free operations on arbitrary m...
8.1AI Score
0.084EPSS
Improper Communication Address Filtering exists in CODESYS V3 products versions prior V3.5.14.0.
7.5CVSS
7.5AI Score
0.002EPSS
Insufficient folder permissions used by system functions in ABB System 800xA products OPCServer for AC800M (versions 6.0 and earlier) and Control Builder M Professional, MMSServer for AC800M, Base Software for SoftControl (version 6.1 and earlier) allow low privileged users to read, modify, add and...
7.8CVSS
7.5AI Score
0.0004EPSS
Insufficient protection of the inter-process communication functions in ABB System 800xA products OPC Server for AC 800M, MMS Server for AC 800M and Base Software for SoftControl (all published versions) enables an attacker authenticated on the local system to inject data, affecting the online view...
5.3CVSS
3.9AI Score
0.0004EPSS
CODESYS Control Runtime system before 3.5.17.0 has improper input validation. Attackers can send crafted communication packets to change the router's addressing scheme and may re-route, add, remove or change low level communication packages.
7.3CVSS
7.1AI Score
0.001EPSS
In the CODESYS Development System multiple components in multiple versions transmit the passwords for the communication between clients and servers unprotected.
7.5CVSS
8AI Score
0.002EPSS