The vulnerability of microprogrammed software for programmable logic controllers of the SYSMAC CS/CJ/CP series lies in insufficient data authenticity checking, allowing attackers to execute arbitrary commands.

The vulnerability of microprogrammed software in programmable logic controllers of the SYSMAC CS/CJ/CP series is related to insufficient verification of data authenticity. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary commands...

The vulnerability of the EpicMo protocol lies in its ability to exploit measurement-and-control controllers from the Experion LX, allowing attackers to cause service failures.

The vulnerability of the EpicMo protocol, which is implemented in measurement and control controllers of the Experion LX, is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

The vulnerability of the implementation of the S-Bus protocol in microprogrammed software for programmable logic controllers (PCD controllers) allows a intruder to disclose protected information.

The vulnerability of the S-Bus protocol implementation in microprogrammed programmable logic controllers PCD controllers is related to the use of a non-safe hash algorithm for password hashing. Exploiting this vulnerability could allow an attacker to disclose the protected information...

The vulnerability of microprogrammed software in programmable logic controllers like ControlEdge, which stems from the use of rigidly encoded user data, allows attackers to exploit their privileges.

The vulnerability of microprogrammed software in programmable logic controllers like ControlEdge stems from the use of rigidly encoded user data. Exploiting this vulnerability could allow an attacker to enhance their privileges remotely...

The vulnerability of microprogrammed software in programmable logic controllers such as AXC 1050, AXC 1050 XC, AXC 3050, FC 350 PCI ETH, ILC1x0, ILC1x1, ILC 1x1 GSM/GPRS, ILC 3xx, PC WORX RT BASIC, PC WORX SRT, RFC 430 ETH-IB, RFC 450 ETH-IB, RFC 460R PN 3TX, RFC 460R PN 3TX-S, RFC 470 PN 3TX, RFC 470S PN 3TX, RFC 480S PN 4TX arises from insufficient data authenticity checks. This allows attackers to gain full control over the device.

The vulnerabilities of microprogrammed software in programmable logic controllers such as AXC 1050, AXC 1050 XC, AXC 3050, FC 350 PCI ETH, ILC1x0, ILC1x1, ILC 1x1 GSM/GPRS, ILC 3xx, PC WORX RT BASIC, PC WORX SRT, RFC 430 ETH-IB, RFC 450 ETH-IB, RFC 460R PN 3TX, RFC 460R PN 3TX-S, RFC 470 PN 3TX,...

The vulnerabilities of microprogrammed software in programmable logic controllers such as ILC 1x0, ILC 1x1, ILC 1x1 GSM/GPRS, ILC 3xx, AXC 1050, AXC 1050 XC, AXC 3050, RFC 480S PN 4TX, RFC 470 PN 3TX, RFC 470S PN 3TX, RFC 460R PN 3TX, RFC 460R PN 3TX-S, RFC 430 ETH-IB, RFC 450 ETH-IB, PC WORX SRT, PC WORX RT BASIC, and FC 350 PCI ETH are related to authentication process flaws. These flaws allow attackers to gain unauthorized access to protected information or compromise the integrity of that information.

The vulnerabilities of the microprogrammed logic controllers ILC 1x0, ILC 1x1, ILC 1x1 GSM/GPRS, ILC 3xx, AXC 1050, AXC 1050 XC, AXC 3050, RFC 480S PN 4TX, RFC 470 PN 3TX, RFC 470S PN 3TX, RFC 460R PN 3TX, RFC 460R PN 3TX-S, RFC 430 ETH-IB, RFC 450 ETH-IB, PC WORX SRT, PC WORX RT BASIC, and FC 35...

The vulnerability of the communication modules of H0-ECOM and H0-ECOM100 Ethernet-controllers from DirectLOGIC, related to uncontrolled resource consumption, allows a intruder to trigger a service failure.

The vulnerability of the communication modules of H0-ECOM and H0-ECOM100 Ethernet controllers from DirectLOGIC is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service interruptions by sending a specially crafted packet...

CISA Releases Security Advisories Related to OT:ICEFALL (Insecure by Design) Report

CISA is aware that Forescout researchers have released OT:ICEFALL, a report on 56 vulnerabilities caused by insecure-by-design practices in operational technology across multiple vendors. The vulnerabilities are divided into four main categories: insecure engineering protocols, weak cryptography ...

PT-2022-3180 · Honeywell · Honeywell Safety Builder +2

Name of the Vulnerable Software and Affected Versions: Honeywell Experion PKS Safety Manager versions through 2022-05-06 Description: The issue is related to insufficient verification of data authenticity in the Safety Builder protocol used by Honeywell Experion PKS Safety Manager controllers. Th...

PT-2022-3082 · Saia Burgess Controls · Saia Burgess Controls Pcd

Name of the Vulnerable Software and Affected Versions: Saia Burgess Controls SBC PCD through 2022-05-06 Description: The issue concerns an authentication bypass in the S-Bus protocol used by Saia Burgess Controls SBC PCD controllers. The S-Bus protocol, which operates on UDP port 5050, is utilize...

PT-2022-3088 · Jtekt · Jtekt Toyopuc Plcs

Name of the Vulnerable Software and Affected Versions: JTEKT TOYOPUC PLCs through 2022-04-29 Description: The issue is related to the mishandling of authentication in JTEKT TOYOPUC PLCs. They utilize the CMPLink/TCP protocol, which is configurable on ports 1024-65534 on either TCP or UDP, for...

SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2022:2116-1)

The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2116-1 advisory. - In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and...

CVE-2022-31800 Insufficient Verification of Data Vulnerability in PHOENIX CONTACT classic line industrial controllers

An unauthenticated, remote attacker could upload malicious logic to devices based on ProConOS/ProConOS eCLR in order to gain full control over the device...

CVE-2022-31800 Insufficient Verification of Data Vulnerability in PHOENIX CONTACT classic line industrial controllers

An unauthenticated, remote attacker could upload malicious logic to devices based on ProConOS/ProConOS eCLR in order to gain full control over the device...

The vulnerabilities of Schneider Electric’s automation controllers with microprogrammed software, such as C-Bus (LSS5500NAC), Wiser for C-Bus (LSS5500SHAC), Clipsal C-Bus (5500NAC), Clipsal Wiser for C-Bus (5500SHAC), and SpaceLogic C-Bus (5500NAC2), are related to weak password requirements. This allows attackers to gain full access to the devices.

The vulnerabilities of Schneider Electric’s automation controllers with microprogrammed software, such as C-Bus LSS5500NAC, Wiser for C-Bus LSS5500SHAC, Clipsal C-Bus 5500NAC, Clipsal Wiser for C-Bus 5500SHAC, and SpaceLogic C-Bus 5500NAC2, 5500AC2, are related to weak password requirements...

Phoenix Contact Classic Line Industrial Controllers

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Phoenix Contact Equipment: ILC 131 ETH, ILC 131 ETH/XC, ILC 151 ETH, ILC 151 ETH/XC, ILC 171 ETH 2TX, ILC 191 ETH 2TX, ILC 191 ME/AN, and AXC 1050 Vulnerability: Missing Authentication for Critical...

SharpSniper - Find Specific Users In Active Directory Via Their Username And Logon IP Address

Often a Red Team engagement is more than just achieving Domain Admin. Some clients will want to see if specific users in the domain can be compromised, for example the CEO. SharpSniper is a simple tool to find the IP address of these users so that you can target their box. It requires that you ha...

Zyxel Buffer Overflow / Format String / Command Injection

-- HNS-2022-02 - HN Security Advisory - https://security.humanativaspa.it/ Title: Multiple vulnerabilities in Zyxel zysh Products: Zyxel firewalls, AP controllers, and APs Author: Marco Ivaldi Date: 2022-06-07 CVE Names and Vendor CVSS Scores: CVE-2022-26531:...

SUSE: Security Advisory (SUSE-SU-2022:2078-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2022:2083-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...