43 matches found
CVE-2020-10628
ControlEdge PLC R130.2, R140, R150, and R151 and RTU R101, R110, R140, R150, and R151 exposes unencrypted passwords on the network...
CVE-2020-10624
ControlEdge PLC R130.2, R140, R150, and R151 and RTU R101, R110, R140, R150, and R151 exposes a session token on the network...
EUVD-2020-3072
Malware in sbrugna...
EUVD-2020-3076
Malware in sbrugna...
EUVD-2023-57704
Malicious code in bioql PyPI...
EUVD-2022-52267
Malicious code in bioql PyPI...
EUVD-2023-57705
Malicious code in bioql PyPI...
CVE-2022-30318
Honeywell ControlEdge through R151.1 uses Hard-coded Credentials. According to FSCT-2022-0056, there is a Honeywell ControlEdge hardcoded credentials issue. The affected components are characterized as: SSH. The potential impact is: Remote code execution, manipulate configuration, denial of...
Honeywell Experion PKS, Experion LX, PlantCruise by Experion, Safety Manager, Safety Manager SC Exposed Dangerous Method or Function (CVE-2023-5389)
An attacker could potentially exploit this vulnerability, leading to the ability to modify files on Honeywell Experion ControlEdge VirtualUOC and ControlEdge UOC . This exploit could be used to write a file that may result in unexpected behavior based on configuration changes or updating of files...
Honeywell Experion PKS, Experion LX, PlantCruise by Experion, Safety Manager, Safety Manager SC Absolute Path Traversal (CVE-2023-5390)
An attacker could potentially exploit this vulnerability, leading to files being read from the Honeywell Experion ControlEdge VirtualUOC and ControlEdge UOC. This exploit could be used to read files from the controller that may expose limited information from the device. Honeywell recommends...
The vulnerability of the microprogramming software used in Honeywell Experion ControlEdge VirtualUOC and ControlEdge UOC controllers allows attackers to disclose protected information or execute arbitrary files.
The vulnerability of the microprogramming software used in Honeywell Experion ControlEdge VirtualUOC and ControlEdge UOC exists due to an incorrect limitation on the path name to the restricted access catalog. Exploiting this vulnerability could allow a malicious actor to disclose sensitive...
The vulnerability of the Configuration Handler component in the microprogramming software for Honeywell Experion ControlEdge VirtualUOC and ControlEdge UOC allows a perpetrator to execute arbitrary code.
The vulnerability of the Configuration Handler component in the microprogramming software for Honeywell Experion ControlEdge VirtualUOC and ControlEdge UOC relates to the use of dangerous methods or functions. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code b...
CVE-2023-5390
An attacker could potentially exploit this vulnerability, leading to files being read from the Honeywell Experion ControlEdge VirtualUOC and ControlEdge UOC. This exploit could be used to read files from the controller that may expose limited information from the device. Honeywell recommends...
Design/Logic Flaw
An attacker could potentially exploit this vulnerability, leading to files being read from the Honeywell Experion ControlEdge VirtualUOC and ControlEdge UOC. This exploit could be used to read files from the controller that may expose limited information from the device. Honeywell recommends...
CVE-2023-5390
An attacker could potentially exploit this vulnerability, leading to files being read from the Honeywell Experion ControlEdge VirtualUOC and ControlEdge UOC. This exploit could be used to read files from the controller that may expose limited information from the device. Honeywell recommends...
CVE-2023-5390
An attacker could potentially exploit this vulnerability, leading to files being read from the Honeywell Experion ControlEdge VirtualUOC and ControlEdge UOC. This exploit could be used to read files from the controller that may expose limited information from the device. Honeywell recommends...
CVE-2023-5390
CVE-2023-5390 affects Honeywell ControlEdge VirtualUOC and ControlEdge UOC. The connected documents confirm an absolute path traversal flaw that could allow an attacker to read files from the controller over the network, exposing limited device information. The issue is triggered through unauthor...
Honeywell Experion ControlEdge VirtualUOC and ControlEdge UOC Security Vulnerabilities
Honeywell ControlEdge VirtualUOC and Honeywell ControlEdge UOC are both products of Honeywell, Inc.Honeywell ControlEdge VirtualUOC is a virtual unit operator controller. Honeywell ControlEdge UOC is a unit operation controller. A security vulnerability exists in the Honeywell ControlEdge Virtual...
Design/Logic Flaw
An attacker could potentially exploit this vulnerability, leading to the ability to modify files on Honeywell Experion ControlEdge VirtualUOC and ControlEdge UOC . This exploit could be used to write a file that may result in unexpected behavior based on configuration changes or updating of files...
PT-2024-1736 · Honeywell · Honeywell Experion Controledge Virtualuoc +1
Name of the Vulnerable Software and Affected Versions: Honeywell Experion ControlEdge VirtualUOC and ControlEdge UOC affected versions not specified Description: The issue is related to incorrect restriction of directory path names with limited access, potentially allowing an attacker to read fil...