PT-2022-1965 · Siemens · Simatic Et 200Sp Open Controller Cpu 1515Sp Pc2 Ready4Linux +9

Name of the Vulnerable Software and Affected Versions: SIMATIC Drive Controller family versions prior to V2.9.2 SIMATIC Drive Controller family versions V2.9.2 through V2.9.4 SIMATIC ET 200SP Open Controller CPU 1515SP PC versions prior to V21.9 SIMATIC ET 200SP Open Controller CPU 1515SP PC2...

PT-2022-1966 · Siemens · Simatic S7-1500 Software Controller +7

Name of the Vulnerable Software and Affected Versions: SIMATIC Drive Controller family versions 2.9.2 through 2.9.4 SIMATIC ET 200SP Open Controller CPU 1515SP PC2 versions 21.9 through 21.9.4 SIMATIC S7-1200 CPU family versions 4.5.0 through 4.5.2 SIMATIC S7-1500 CPU family versions 2.9.2 throug...

Siemens SIMATIC S7-1500 系列产品输入验证错误漏洞

SIMATIC Drive Controller family products are machines designed for production automation, combining the functionality of the SIMATIC S7-1500 CPU and the SINAMICS S120 drive control.SIMATIC S7-1200 CPU family products are designed for discrete and continuous control in industrial environments such...

Intel® 82599 Ethernet Controllers Advisory

Summary: Potential security vulnerabilities in the Intel® 82599 Ethernet Series Controllers and Adapters may allow denial of service. Intel is releasing software updates and prescriptive guidance to address these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2021-33096 Description:...

Siemens BACnet Field Panels Authentication Bypass Using an Alternate Path or Channel (CVE-2017-9946)

A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers in all versions V3.5. An attacker with network access to the integrated web server 80/tcp and 443/tcp could bypass the authentication and download sensitive information from the device. This plugi...

Mitsubishi Electric MELFA (CVE-2021-20586)

Resource management errors vulnerability in a robot controller of MELFA FR Seriescontroller CR800-VD of RV-FR-D- all versions, controller CR800-HD of RH-FRH-D- all versions, controller CR800-HRD of RH-FRHR-D- all versions, controller CR800-VR with R16RTCPU of RV-FR-R- all versions, controller...

Rockwell Automation ControlLogix controllers Resource Management Errors (CVE-2012-6435)

Rockwell Automation SoftLogix controllers 19 and earlier; ControlLogix controllers 20 and earlier; GuardLogix controllers 20 and earlier; and MicroLogix 1100 and 1400 allow remote attackers to cause a denial of service control and communication outage via a CIP message that specifies a...

Rockwell Automation MicroLogix 1400 and CompactLogix 5370 Controllers URL Redirection to Untrusted Site (CVE-2019-10955)

In Rockwell Automation MicroLogix 1400 Controllers Series A, All Versions Series B, v15.002 and earlier, MicroLogix 1100 Controllers v14.00 and earlier, CompactLogix 5370 L1 controllers v30.014 and earlier, CompactLogix 5370 L2 controllers v30.014 and earlier, CompactLogix 5370 L3 controllers...

Schneider Electric Modicon Controllers Use of Insufficiently Random Values (CVE-2019-6821)

CWE-330: Use of Insufficiently Random Values vulnerability, which could cause the hijacking of the TCP connection when using Ethernet communication in Modicon M580 firmware versions prior to V2.30, and all firmware versions of Modicon M340, Modicon Premium, Modicon Quantum. This plugin only works...

Rockwell Automation MicroLogix Controllers and RSLogix 500 Software Use of Hard-Coded Cryptographic Key (CVE-2020-6990)

Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic key utilized to help protect the account password is hard coded into the RSLogix 500 binary file...

Schneider Electric Modicon Controllers Improper Check For Unusual or Exceptional Conditions (CVE-2018-7794)

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium see security notification for specific versions which could cause a Denial of Service when reading data with invalid index using Modbus TCP. This...

Rockwell Automation Allen-Bradley MicroLogix 1100 and 1400 Improper Restriction of Excessive Authentication Attempts (CVE-2017-7898)

An Improper Restriction of Excessive Authentication Attempts issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 and prior versions;...

Rockwell Automation Allen-Bradley MicroLogix 1100 and 1400 Exposure of Sensitive Information to an Unauthorized Actor (CVE-2017-7899)

An Information Exposure issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 and prior versions; 1763-L16BWA, Series A and B, Version 16.00...

Schneider Electric Modicon Controllers Improper Check For Unusual or Exceptional Conditions (CVE-2019-6857)

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium see security notification for specific versions which could cause a Denial of Service of the controller when reading specific memory blocks using...

Rockwell Automation Allen-Bradley MicroLogix 1100 and 1400 Reusing a Nonce, Key Pair in Encryption (CVE-2017-7902)

A Reusing a Nonce, Key Pair in Encryption issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 and prior versions; 1763-L16BWA, Series A an...

Schneider Electric Modicon Controllers Improper Check For Unusual or Exceptional Conditions (CVE-2019-6819)

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists which could cause a possible Denial of Service when specific Modbus frames are sent to the controller in the products: Modicon M340 - firmware versions prior to V3.01, Modicon M580 - firmware versions prior to...

Rockwell Automation Logix Controllers Insufficiently Protected Credentials (CVE-2021-22681)

Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 use a key to verify Logix controllers are communicating with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730,...

Schneider Electric Modicon Controllers and Software Authentication Bypass By Spoofing (CVE-2021-22779)

Authentication Bypass by Spoofing vulnerability exists in EcoStruxure Control Expert all versions prior to V15.0 SP1, including all versions of Unity Pro, EcoStruxure Control Expert V15.0 SP1, EcoStruxure Process Expert all versions, including all versions of EcoStruxure Hybrid DCS, SCADAPack...

Saia Burgess Controls PCD Controllers Exposure of Sensitive Information to an Unauthorized Actor (CVE-2017-9628)

An Information Exposure issue was discovered in Saia Burgess Controls PCD Controllers with PCD firmware versions prior to 1.28.16 or 1.24.69. In certain circumstances, the device pads Ethernet frames with memory contents. This plugin only works with Tenable.ot. Please visit...

CVE-2021-44463

Missing DLLs, if replaced by an insider, could allow an attacker to achieve local privilege escalation on the DeltaV Distributed Control System Controllers and Workstations All versions when some DeltaV services are started...