183 matches found
Siemens SINUMERIK MC
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: SINUMERIK MC Vulnerability: Improper Privilege Management 2. RISK EVALUATION Successful exploitation of this vulnerability could allow local attackers to escalate privileges to root. 3. TECHNICAL DETAILS...
FATEK Automation FvDesigner
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: FATEK Automation Equipment: FvDesigner Vulnerabilities: Stack-based Buffer Overflow, Out-of-bounds Write, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to...
Ricon Mobile Industrial Cellular Router
1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Ricon Mobile, Inc. Equipment: Industrial Cellular Router Vulnerability: OS Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...
Omron CX-One
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Omron Equipment: CX-One Vulnerabilities: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability may allow arbitrary code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The...
WECON LeviStudioU
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: WECON Equipment: LeviStudioU Vulnerabilities: Stack-based Buffer Overflow, Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow remote code execution. 3. TECHNICAL...
Mitsubishi Electric GX Works2
1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/high attack complexity Vendor: Mitsubishi Electric Equipment: GX Works2 Vulnerability: Improper Handling of Length Parameter Inconsistency 2. RISK EVALUATION Successful exploitation of this vulnerability may cause a...
Hitachi Energy PCM600 Update Manager
1. EXECUTIVE SUMMARY CVSS v3 6.7 Vendor: Hitachi Energy Equipment: PCM600 Update Manager Vulnerability: Improper Certificate Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to bypass the certificate validation and install an untrusted software...
Siemens NX JT Translator
1. EXECUTIVE SUMMARY CVSS v3 3.3 ATTENTION: Low attack complexity Vendor: Siemens Equipment: NX Vulnerabilities: Out-of-bounds Read, Access of Uninitialized Pointer 2. RISK EVALUATION Successful exploitation of these vulnerabilities could lead to access violation and arbitrary code execution on...
Johnson Controls exacqVision Server Bundle
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Exacq Technologies, a subsidiary of Johnson Controls, Inc. Equipment: exacqVision Server Bundle Vulnerability: Improper Privilege Management= 2. RISK EVALUATION Successful exploitation of this...
Johnson Controls Sensormatic Electronics KT-1
1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Sensormatic Electronics, LLC., a subsidiary of Johnson Controls, Inc. Equipment: KT-1 Vulnerability: Authentication Bypass by Capture-replay 2. RISK EVALUATION Successful exploitation of this...
Advantech WebAccess
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Advantech Equipment: WebAccess Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability may allow remote code execution. 3. TECHNICAL DETAILS 3.1...
Delta Electronics DOPSoft (Update A)
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: DOPSoft Vulnerability: Stack-based Buffer Overflow 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-21-238-04 Delta Electronics DOPSoft that was...
Mitsubishi Electric MELSEC iQ-R Series
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Corporation Equipment : MELSEC iQ-R Series CPU Module Vulnerability : Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of this...
FATEK Automation FvDesigner
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: FATEK Automation Equipment: FvDesigner Vulnerabilities: Access of Uninitialized Pointer, Stack-based Buffer Overflow, Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow an...
Advantech WebAccess SCADA
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Advantech Equipment: WebAccess/SCADA Vulnerabilities: Cross-site Scripting XSS, Relative Path Traversal, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities...
Siemens RWG Universal Controllers
1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION : Low attack complexity Vendor : Siemens Equipment : RWG Universal Controllers Vulnerability : Allocation of Resources Without Limits or Throttling 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a...
Siemens Mendix SAML Module
1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Mendix SAML Module Vulnerability: Insufficient Verification of Data Authenticity 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to escalate...
AVEVA InTouch
1. EXECUTIVE SUMMARY CVSS v3 6.6 ATTENTION: Low attack complexity Vendor: AVEVA Software, LLC Equipment: InTouch 2020 R2 and all prior versions Vulnerability: Clear Text Storage of Sensitive Information in Memory 2. RISK EVALUATION Successful exploitation of this vulnerability could expose...
Delta Electronics CNCSoft ScreenEditor
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Delta Electronics Equipment: CNCSoft ScreenEditor Vulnerability: Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the device, and an out-of-bounds write...
Delta Electronics CNCSoft ScreenEditor
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Delta Industrial Automation Equipment: CNCSoft ScreenEditor Vulnerability: Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability may allow arbitrary code execution. 3. TECHNICAL DETAILS 3.1...