EUVD-2022-34309

Malicious code in bioql PyPI...

CVE-2024-45368 AutomationDirect DirectLogic H2-DM1E Session Fixation

The H2-DM1E PLC's authentication protocol appears to utilize either a custom encoding scheme or a challenge-response protocol. However, there's an observed anomaly in the H2-DM1E PLC's protocol execution, namely its acceptance of multiple distinct packets as valid authentication responses. This...

CVE-2022-2003

AutomationDirect DirectLOGIC is vulnerable to a specifically crafted serial message to the CPU serial port that will cause the PLC to respond with the PLC password in cleartext. This could allow an attacker to access and make unauthorized changes. This issue affects: AutomationDirect DirectLOGIC...

CVE-2022-2004 AutomationDirect DirectLOGIC with Ethernet Communication Uncontrolled Resource Consumption

AutomationDirect DirectLOGIC is vulnerable to a a specially crafted packet can be sent continuously to the PLC to prevent access from DirectSoft and other devices, causing a denial-of-service condition. This issue affects: AutomationDirect DirectLOGIC D0-06 series CPUs D0-06DD1 versions prior to...

CVE-2022-2004 AutomationDirect DirectLOGIC with Ethernet Communication Uncontrolled Resource Consumption

AutomationDirect DirectLOGIC is vulnerable to a a specially crafted packet can be sent continuously to the PLC to prevent access from DirectSoft and other devices, causing a denial-of-service condition. This issue affects: AutomationDirect DirectLOGIC D0-06 series CPUs D0-06DD1 versions prior to...

VulnCheck KEV: CVE-2022-2003

AutomationDirect DirectLOGIC is vulnerable to a specifically crafted serial message to the CPU serial port that will cause the PLC to respond with the PLC password in cleartext. This could allow an attacker to access and make unauthorized changes. This issue affects: AutomationDirect...

AutomationDirect DirectLOGIC 安全漏洞

AutomationDirect DirectLOGIC is a programmable logic controller from AutomationDirect, Inc. A security vulnerability in AutomationDirect DirectLOGIC, which can be exploited by an attacker to cause loss of sensitive device information, unauthorized changes, and denial of service conditions, affect...

AutomationDirect DirectLOGIC 安全漏洞

AutomationDirect DirectLOGIC is a programmable logic controller from AutomationDirect, Inc. A security vulnerability exists in AutomationDirect DirectLOGIC that originates from an attack by a specially crafted serial message sent to the CPU serial port that causes the PLC to respond to the PLC...

CVE-2022-2003

AutomationDirect DirectLOGIC is vulnerable to a specifically crafted serial message to the CPU serial port that will cause the PLC to respond with the PLC password in cleartext. This could allow an attacker to access and make unauthorized changes. This issue affects: AutomationDirect DirectLOGIC...