Lucene search
K

141 matches found

CNVD
CNVD
added 2025/02/06 12:0 a.m.6 views

SunGrow WiNet-S TLV Field Stack Buffer Overflow Vulnerability

SunGrow WiNet-S is a LAN communication module from SunGrow, China. A stack buffer overflow vulnerability exists in the SunGrow WiNet-S TLV field that originates from code that does not have sufficient boundary checks when parsing a specific TLV field. An attacker could exploit this vulnerability ...

8.1CVSS8.1AI score0.00429EPSS
Exploits0References1
CNVD
CNVD
added 2025/02/06 12:0 a.m.7 views

Unspecified Vulnerability in SunGrow WiNet-S

SunGrow WiNet-S is a LAN communication module from SunGrow, China. A security vulnerability exists in SunGrow WiNet-S version V200.001.00.P027 and prior versions, which can be exploited by an attacker to decrypt all firmware updates...

6.5CVSS6.9AI score0.00238EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/09/18 12:0 a.m.4 views

The vulnerability of the web servers of the microprogramming software for communication modules of SIMATIC CP, SIPLUS ET, and SIPLUS NET CP allows a perpetrator to cause service failures.

The vulnerability of the web servers of the microprogramming software for communication modules of SIMATIC CP, SIPLUS ET, and SIPLUS NET CP is related to the mutual blocking of execution streams. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

7.8CVSS7.3AI score0.00723EPSS
Exploits0References4Affected Software22
CNNVD
CNNVD
added 2024/08/05 12:0 a.m.4 views

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets, which arises from an out-of-bounds read vulnerability contained in the WLAN Host Communication module...

8.4CVSS6.6AI score0.00114EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/08/05 12:0 a.m.5 views

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets, which arises from an out-of-bounds read vulnerability contained in the WLAN Host Communication module...

7.5CVSS6.7AI score0.00324EPSS
Exploits0References2
NVD
NVD
added 2024/07/09 12:15 p.m.9 views

CVE-2024-38867

A vulnerability has been identified in SIPROTEC 5 6MD84 CP300 All versions V9.64, SIPROTEC 5 6MD85 CP200 All versions, SIPROTEC 5 6MD85 CP300 All versions V9.64, SIPROTEC 5 6MD86 CP200 All versions, SIPROTEC 5 6MD86 CP300 All versions V9.64, SIPROTEC 5 6MD89 CP300 All versions V9.64, SIPROTEC 5...

8.2CVSS0.00205EPSS
Exploits0References1
CNVD
CNVD
added 2024/06/12 12:0 a.m.6 views

Siemens TIM 1531 IRC Digit Type Error Conversion Vulnerability

The TIM 1531 IRC is a communication module for SIMATIC S7-1500, S7-400, S7-300. The Siemens TIM 1531 IRC suffers from a number type miscommunication vulnerability that can be exploited by an attacker to cause a denial of service condition on an affected device...

7.5CVSS6.7AI score0.00622EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2023/07/21 12:0 a.m.8 views

The vulnerability of the microprogramming software for Rockwell Automation communication modules 1756-EN2T, 1756-EN2TK, 1756-EN2TXT, 1756-EN2TP, 1756-EN2TPK, 1756-EN2TPXT, 1756-EN2TR, 1756-EN2TRK, 1756-EN2TRXT, 1756-EN2F, 1756-EN2FK, 1756-EN3TR, 1756-EN3TRK, 1756-EN4TR, 1756-EN4TRK, and 1756-EN4TRXT controllers from the Allen-Bradley ControlLogix series allows a intruder to cause a service failure.

The vulnerability of the microprogrammed software in the communication modules of Rockwell Automation’s controllers models 1756-EN2T, 1756-EN2TK, 1756-EN2TXT, 1756-EN2TP, 1756-EN2TPK, 1756-EN2TPXT, 1756-EN2TR, 1756-EN2TRK, 1756-EN2TRXT, 1756-EN2F, 1756-EN2FK, 1756-EN3TR, 1756-EN3TRK, 1756-EN4TR,...

7.8CVSS7.8AI score0.0209EPSS
Exploits0References4Affected Software37
Cvelist
Cvelist
added 2023/07/12 12:51 p.m.27 views

CVE-2023-3596 Rockwell Automation Allen-Bradley ControlLogix Communication Modules vulnerable to Denial of Service

Where this vulnerability exists in the Rockwell Automation 1756-EN4 Ethernet/IP communication products, it could allow a malicious user to cause a denial of service by asserting the target system through maliciously crafted CIP messages...

7.5CVSS7.5AI score0.0209EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/03/13 8:14 a.m.36 views

CVE-2023-0888 Authenticated eval injection in B. Braun Space Battery pack SP with Wi-Fi

An improper neutralization of directives in dynamically evaluated code vulnerability in the WiFi Battery embedded web server in versions L90/U70 and L92/U92 can be used to gain administrative access to the WiFi communication module. An authenticated user, having access to both the medical device...

4.9CVSS7.3AI score0.00604EPSS
Exploits0References2
F5 Networks
F5 Networks
added 2023/02/21 6:34 p.m.31 views

K45062506: Siemens Ethernet card DoS vulnerabilities CVE-2018-11451 and CVE-2018-11452

Security Advisory Description CVE-2018-11451 A vulnerability has been identified in Firmware variant IEC 61850 for EN100 Ethernet module All versions V4.33, Firmware variant PROFINET IO for EN100 Ethernet module All versions, Firmware variant Modbus TCP for EN100 Ethernet module All versions,...

7.8CVSS7.4AI score0.02389EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/01/05 12:0 a.m.26 views

Siemens SIPROTEC 5 Devices Uncontrolled Resource Consumption (CVE-2022-45044)

Affected devices do not properly restrict secure client-initiated renegotiations within the SSL and TLS protocols. This could allow an attacker to create a denial of service condition on the ports 443/tcp and 4443/tcp for the duration of the attack. This plugin only works with Tenable.ot. Please...

7.5CVSS5.7AI score0.00699EPSS
Exploits0References3
CNVD
CNVD
added 2022/12/14 12:0 a.m.30 views

Siemens Industrial Product Denial of Service Vulnerability (CNVD-2022-87983)

SIMATIC Drive Controllers for the automation of production machines combine the functionality of SIMATIC S7-1500 CPUs with that of SINAMICS S120 drive controls.SIMATIC ET 200SP Open Controller is the PC-based version of the SIMATIC S7-1500 controller. Includes optional visualization features and...

7.5CVSS5.6AI score0.00617EPSS
Exploits0References1
CNVD
CNVD
added 2022/12/14 12:0 a.m.30 views

Siemens Industrial Product Denial of Service Vulnerability

SIMATIC Drive Controllers for the automation of production machines combine the functionality of SIMATIC S7-1500 CPUs with that of SINAMICS S120 drive controls.SIMATIC ET 200SP Open Controller is the PC-based version of the SIMATIC S7-1500 controller. Includes optional visualization features and...

7.5CVSS7.5AI score0.00871EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2022/07/28 12:0 a.m.42 views

Schneider Electric Modicon Path Traversal (CVE-2022-34762)

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists that could cause unauthorized firmware image loading when unsigned images are added to the firmware image path. Affected Products: X80 advanced RTU Communication Module BMENOR2200H V2.01 an...

7.5CVSS7.1AI score0.00612EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/07/27 12:0 a.m.40 views

Schneider Electric Modicon Out-of-bounds Write (CVE-2022-34759)

A CWE-787: Out-of-bounds Write vulnerability exists that could cause a denial of service of the webserver due to improper parsing of the HTTP Headers. Affected Products: X80 advanced RTU Communication Module BMENOR2200H V1.0, OPC UA Modicon Communication Module BMENUA0100 V1.10 and prior - A...

7.5CVSS7.2AI score0.0067EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/07/27 12:0 a.m.40 views

Schneider Electric Modicon NULL Pointer Dereference (CVE-2022-34761)

A CWE-476: NULL Pointer Dereference vulnerability exists that could cause a denial of service of the webserver when parsing JSON content type. Affected Products: X80 advanced RTU Communication Module BMENOR2200H V2.01 and later, OPC UA Modicon Communication Module BMENUA0100 V1.10 and prior - A...

7.5CVSS7.1AI score0.00763EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/07/21 12:0 a.m.42 views

Schneider Electric Modicon Exposure of Resource to Wrong Sphere (CVE-2022-34765)

A CWE-73: External Control of File Name or Path vulnerability exists that could cause loading of unauthorized firmware images when user- controlled data is written to the file path. Affected Products: X80 advanced RTU Communication Module BMENOR2200H V2.01 and later, OPC UA Modicon Communication...

5.5CVSS6AI score0.00485EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/07/21 12:0 a.m.50 views

Schneider Electric Modicon Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2022-34764)

A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause denial of service when parsing the URL. Affected Products: X80 advanced RTU Communication Module BMENOR2200H V1.0, OPC UA Modicon Communication Module BMENUA0100 V1.10 and prio...

7.5CVSS7.1AI score0.0059EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/07/15 12:0 a.m.8 views

The vulnerabilities of the microprogramming software for the OPC UA Modicon Communication Module (BMENUA0100) and the X80 advanced RTU Communication Module (BMENOR2200H) allow attackers to cause service interruptions.

The vulnerability of the microprogramming software for the OPC UA Modicon Communication Module BMENUA0100 and the X80 advanced RTU Communication Module BMENOR2200H is related to insufficient verification of data authenticity. Exploiting this vulnerability can allow an attacker operating remotely ...

5.9CVSS7.2AI score0.00251EPSS
Exploits0References2
Rows per page
Query Builder