Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers Application Visibility and Control Denial of Service Vulnerability

A vulnerability in the Application Visibility and Control AVC-FNF feature of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to...

Cisco IOS XE Software for Cisco Catalyst 9000 Family Switches and Catalyst 9000 Family Wireless Controllers Privilege Escalation Vulnerability

May 12, 2022 Update: The information in the Cisco Software Checker "https://sec.cloudapps.cisco.com/security/center/softwarechecker.x" was not complete when this advisory was first published. Customers should use the form in the Fixed Software "fs" section of this advisory to get the latest...

Siemens SCALANCE X-300 Switch Family Devices跨站请求伪造漏洞

SCALANCE X switches are used to connect industrial components such as programmable logic controllers PLCs or human-machine interfaces HMIs.SIPLUS extreme is designed for reliable operation under extreme conditions.A cross-site request forgery vulnerability exists in Siemens SCALANCE X-300 Switch...

Siemens TIA Portal Access Control Error Vulnerability

SIMATIC STEP 7 TIA Portal is the engineering software for configuring and programming SIMATIC controllers. An access control error vulnerability exists in Siemens TIA Portal, which can be exploited by an attacker to achieve elevation of privilege...

The vulnerability of the microprogrammed software for WAGO 750-8212 programmable logic controllers (PFC200), related to the manipulation of inter-site requests, allows intruders to carry out inter-site attack attacks.

The vulnerability of the microprogrammed software of WAGO 750-8212 programmable logic controllers PFC200 is related to the manipulation of intersite requests. Exploiting this vulnerability allows a remote attacker to perform intersite attack attacks...

Cisco IOS XE Software for Catalyst 9000 Family Switches Catalyst 9000 Family Wireless Controllers Privilege Escalation (cisco-sa-ewlc-priv-esc-ybvHKO5)

According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. - A vulnerability in the CLI of Cisco IOS XE Software for Cisco Catalyst 9000 Family Switches and Cisco Catalyst 9000 Family Wireless Controllers could allow an authenticated, local attacker to elevate...

Siemens SCALANCE X-300 Switch Family Devices缓冲区溢出漏洞

SCALANCE X switches are used to connect to industrial components such as programmable logic controllers PLCs or human-machine interfaces HMIs.SIPLUS extreme is designed for reliable operation under extreme conditions.A buffer overflow vulnerability exists in Siemens SCALANCE X-300 Switch Family...

多款 Siemens 产品跨站请求伪造漏洞

SCALANCE X switches are used to connect industrial components such as programmable logic controllers PLCs or human-machine interfaces HMIs.SIPLUS extreme is designed for reliable operation under extreme conditions.A cross-site request forgery vulnerability exists in Siemens SCALANCE X-300 Switch...

Siemens SCALANCE安全漏洞

SCALANCE X switches are used to connect industrial components such as programmable logic controllers PLCs or human machine interfaces HMIs.SIPLUS extreme is designed for reliable operation under extreme conditions. A buffer overflow vulnerability exists in Siemens SCALANCE X-300 Switch Family...

CVE-2022-1161 ICSA-22-090-05 Rockwell Automation Logix Controllers

An attacker with the ability to modify a user program may change user program code on some ControlLogix, CompactLogix, and GuardLogix Control systems. Studio 5000 Logix Designer writes user-readable program code to a separate location than the executed compiled code, allowing an attacker to chang...

CVE-2022-1161 ICSA-22-090-05 Rockwell Automation Logix Controllers

An attacker with the ability to modify a user program may change user program code on some ControlLogix, CompactLogix, and GuardLogix Control systems. Studio 5000 Logix Designer writes user-readable program code to a separate location than the executed compiled code, allowing an attacker to chang...

PT-2022-13747 · Sap · Sap Information System

Name of the Vulnerable Software and Affected Versions: SAP Information System version 1.0 Description: A critical issue was found, allowing an unauthenticated attacker to create a new admin account for the web application with a simple POST request to the "add admin.php" file, located at the "/SA...

The vulnerability of microprogrammed software in Rockwell Automation’s CompactLogix, ControlLogix, GuardLogix, FlexLogix, DriveLogix, and SoftLogix controllers lies in the ability to introduce functionality from an untrusted control environment, allowing a perpetrator to execute arbitrary code.

The vulnerability of microprogrammed software in Rockwell Automation’s CompactLogix, ControlLogix, GuardLogix, FlexLogix, DriveLogix, and SoftLogix series of programmable logic controllers lies in the ability to introduce functionality from an untrusted control environment. Exploiting this...

CVE-2022-25158

Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric MELSEC iQ-F series FX5UC CPU all versions, Mitsubishi Electric MELSEC iQ-F series FX5UJ CPU all versions, Mitsubishi Electric MELSEC iQ-R series R00/01/02CPU all versions, Mitsubishi Electric MELSEC iQ-R series...

CVE-2021-33096

A denial-of-service flaw was found due to improper isolation of shared resources in the network on chip for the IntelR 82599 Ethernet Controllers and Adapters. This may allow an authenticated user to potentially create a denial of service via local access. Mitigation Mitigation for this issue is...

Rockwell Automation Logix Controllers 安全漏洞

Rockwell Automation Logix Controllers is a high-performance control platform from Rockwell Automation. Use this single platform to perform sequence, process, drive, or motion control in any combination. A security vulnerability exists in Rockwell Automation Logix Controllers that originates from...

Rockwell Automation Logix Controllers

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: Logix Controllers Vulnerability: Inclusion of Functionality from Untrusted Control Sphere 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an...

Gateway Callback and / or XML Communication fails after upgrade to Storefront 2203

The issue occurs when customers upgrade from Storefront 1912 to 2203 and had TLS1.0 disabled prior to upgrading Does not occur on a clean install, or with TLS 1.0 enabled. In this scenario customers will encounter a TLS communication issue between Storefront and ADC / Storefront and Citrix Delive...

CVE-2022-28148

The file browser in Jenkins Continuous Integration with Toad Edge Plugin 2.3 and earlier may interpret some paths to files as absolute on Windows, resulting in a path traversal vulnerability allowing attackers with Item/Read permission to obtain the contents of arbitrary files on Windows...

100s of Russian Building Controllers Can be Remotely Hacked

By Deeba Ahmed Researcher Jose Bertin has identified critical security vulnerabilities in a building controller made by Russian firm Tekon Avtomatika… This is a post from HackRead.com Read the original post: 100s of Russian Building Controllers Can be Remotely Hacked...