PT-2024-3884 · Automationdirect · P3-550E

Name of the Vulnerable Software and Affected Versions: AutomationDirect P3-550E version 1.2.10.9 Description: The issue is related to out-of-bounds write vulnerabilities in the Programming Software Connection FileSystem API functionality. Specially crafted network packets can lead to heap-based...

PT-2024-3885 · Automationdirect · P3-550E

Name of the Vulnerable Software and Affected Versions: AutomationDirect P3-550E version 1.2.10.9 Description: The issue is related to out-of-bounds write vulnerabilities in the Programming Software Connection FileSystem API functionality. Specially crafted network packets can lead to heap-based...

PT-2024-3908 · Automationdirect · Automationdirect P3-550E

Name of the Vulnerable Software and Affected Versions: AutomationDirect P3-550E version 1.2.10.9 Description: The issue is related to out-of-bounds write vulnerabilities in the Programming Software Connection FileSystem API functionality. Specially crafted network packets can lead to heap-based...

The vulnerability of the AutomationDirect C-MORE EA9 HMI software’s microprogramming system, related to unencrypted storage of critical information, allows a intruder to gain unauthorized access to protected data.

The vulnerability of the Microprogrammed Control Panel Software of AutomationDirect C-MORE EA9 HMI relates to the unencrypted storage of critical information. Exploiting this vulnerability could allow an intruder to gain unauthorized access to protected information...

The vulnerability of the AutomationDirect C-MORE EA9 HMI software-related to incorrect restrictions on path names in the restricted access catalog allows a intruder to trigger a service failure.

The vulnerability of the Microprogrammed Control Panel Software of AutomationDirect C-MORE EA9 HMI is related to incorrect restrictions on the path name to the restricted access catalog. Exploiting this vulnerability could allow an attacker to trigger a service failure...

CVE-2024-25138

In AutomationDirect C-MORE EA9 HMI, credentials used by the platform are stored as plain text on the device...

CVE-2024-25136

There is a function in AutomationDirect C-MORE EA9 HMI that allows an attacker to send a relative path in the URL without proper sanitizing of the content...

CVE-2024-25137

In AutomationDirect C-MORE EA9 HMI there is a program that copies a buffer of a size controlled by the user into a limited sized buffer on the stack which may lead to a stack overflow. The result of this stack-based buffer overflow can lead to denial-of-service conditions...

CVE-2024-25138 AutomationDirect C-MORE EA9 HMI Plaintext Storage of a Password

In AutomationDirect C-MORE EA9 HMI, credentials used by the platform are stored as plain text on the device...

CVE-2024-25138 AutomationDirect C-MORE EA9 HMI Plaintext Storage of a Password

In AutomationDirect C-MORE EA9 HMI, credentials used by the platform are stored as plain text on the device...

CVE-2024-25138

The CVE-2024-25138 entry affects AutomationDirect C-MORE EA9 HMI, where credentials are stored in plaintext on the device. The vulnerability stems from plaintext storage of passwords in the EA9 HMI platform, enabling exposure of authentication data. CISA/ICS advisory notes potential remote exploi...

CVE-2024-25137 AutomationDirect C-MORE EA9 HMI Stack-based Buffer Overflow

In AutomationDirect C-MORE EA9 HMI there is a program that copies a buffer of a size controlled by the user into a limited sized buffer on the stack which may lead to a stack overflow. The result of this stack-based buffer overflow can lead to denial-of-service conditions...

CVE-2024-25137 AutomationDirect C-MORE EA9 HMI Stack-based Buffer Overflow

In AutomationDirect C-MORE EA9 HMI there is a program that copies a buffer of a size controlled by the user into a limited sized buffer on the stack which may lead to a stack overflow. The result of this stack-based buffer overflow can lead to denial-of-service conditions...

CVE-2024-25137

The CVE-2024-25137 vulnerability affects AutomationDirect C-MORE EA9 HMI. A program copies a user-controlled buffer into a smaller stack buffer, causing a stack-based overflow that leads to denial-of-service conditions. Affected products include multiple EA9 HMI variants (EA9-T6CL, T7CL, T8CL, T1...

CVE-2024-25136 AutomationDirect C-MORE EA9 HMI Path Traversal

There is a function in AutomationDirect C-MORE EA9 HMI that allows an attacker to send a relative path in the URL without proper sanitizing of the content...

CVE-2024-25136

CVE-2024-25136 affects AutomationDirect C-MORE EA9 HMI. The vulnerability is a path traversal flaw where a function allows a relative URL path to be sent without proper sanitization, enabling remote exploitation with low attack complexity. Public sources (ICS advisory ICSA-24-086-01) state vulner...

CVE-2024-25136 AutomationDirect C-MORE EA9 HMI Path Traversal

There is a function in AutomationDirect C-MORE EA9 HMI that allows an attacker to send a relative path in the URL without proper sanitizing of the content...

AutomationDirect C-MORE EA9 HMI

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : AutomationDirect Equipment : C-MORE EA9 HMI Vulnerabilities : Path Traversal, Stack-Based Buffer Overflow, Plaintext Storage of a Password 2. RISK EVALUATION Successful exploitation of these...

PT-2024-2711 · Automationdirect · C-More Ea9 Hmi

Name of the Vulnerable Software and Affected Versions: AutomationDirect C-MORE EA9 HMI affected versions not specified Description: The issue is related to the storage of critical information in plain text, which could allow an attacker to gain unauthorized access to protected information...

AutomationDirect C-MORE EA9 HMI 安全漏洞

The AutomationDirect C-MORE EA9 HMI is a touchscreen from AutomationDirect, Inc. A security vulnerability exists in the AutomationDirect C-MORE EA9 HMI that originates from a stack overflow caused by copying a buffer of user-controlled size to a buffer of limited size on the stack...