The vulnerability of microprogrammed software in Schneider Electric’s programmable logic controllers such as Modicon M340, Modicon Quantum, and Modicon Premium arises from incorrect restrictions on path names in the restricted access catalog. This allows unauthorized access by intruders to protected information.

The vulnerability of microprogrammed software in Schneider Electric’s programmable logic controllers such as Modicon M340, Modicon Quantum, and Modicon Premium stems from incorrect restrictions on the path name in the restricted access catalog. Exploiting this vulnerability could allow an attacke...

The vulnerability of the Modbus protocol implementation in microprogrammed software for programmable logic controllers like Modicon Quantum allows a intruder to trigger malfunctions in the equipment or unauthorized changes to its configuration.

The vulnerability of the Modbus protocol implementation in microprogrammed logic controllers like Modicon Quantum is related to errors in privilege management. Exploiting this vulnerability could allow an attacker to cause service failures or unauthorized changes to the PLC’s configuration...

The vulnerability of the programming software for PLCs (programmable logic controllers), EcoStruxure Control Expert, allows a intruder to trigger a service failure.

The vulnerability of the EcoStruxure Control Expert programming tool for programmable logic controllers is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability could allow a malicious actor to trigger a service failure remotely...

The vulnerability of the programming software for PLCs (programmable logic controllers), EcoStruxure Control Expert, allows a intruder to bypass the authentication process.

The vulnerability of the programming software for PLCs programmable logic controllers, EcoStruxure Control Expert, is related to improper authentication. Exploiting this vulnerability can allow an attacker to bypass authentication processes...

The vulnerability of the programming software for PLCs (programmable logic controllers), EcoStruxure Control Expert, allows a intruder to bypass the authentication process.

The vulnerability of the programming software for PLCs programmable logic controllers, EcoStruxure Control Expert, lies in the absence of restrictions on the number of authentication attempts. Exploiting this vulnerability allows a malicious actor to bypass the authentication process remotely...

The driver’s vulnerability allows for the functionality of Storage Spaces controllers on Microsoft Windows operating systems, enabling attackers to increase their privileges.

The vulnerability of the driver for enabling Storage Spaces on Microsoft Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

CVE-2021-0084

A flaw was found in the Linux kernel. This flaw allows a local authenticated user to enable the escalation of privileges due to improper input validation in the IntelR Ethernet Controllers X722 and 800 series Linux RMDA driver. The highest threat from this vulnerability is to confidentiality,...

CVE-2021-0003

A flaw was found in the Linux kernel. This flaw allows a local, authenticated user to enable information disclosure due to an improper conditions check in some IntelR Ethernet Controllers 800 series Linux drivers. The highest threat from this vulnerability is to confidentiality...

CVE-2021-0002

A flaw was found in the Linux kernel. This flaw allows a local, authenticated user to enable information disclosure or cause a denial of service due to an improper conditions check in some IntelR Ethernet Controllers 800 series Linux drivers. The highest threat from this vulnerability is to...

Exploit for Improper Authentication in Microsoft

PoC exploit for CVE-2021-36949, a vulnerability in Azure AD Conn...

CVE-2021-0004

Improper buffer restrictions in the firmware of IntelR Ethernet Adapters 800 Series Controllers and associated adapters before version 1.5.3.0 may allow a privileged user to potentially enable denial of service via local access...

CVE-2021-0002

Improper conditions check in some IntelR Ethernet Controllers 800 series Linux drivers before version 1.4.11 may allow an authenticated user to potentially enable information disclosure or denial of service via local access...

CVE-2021-0003

Improper conditions check in some IntelR Ethernet Controllers 800 series Linux drivers before version 1.4.11 may allow an authenticated user to potentially enable information disclosure via local access...

CVE-2021-0084

Improper input validation in the IntelR Ethernet Controllers X722 and 800 series Linux RMDA driver before version 1.3.19 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2021-0002

Improper conditions check in some IntelR Ethernet Controllers 800 series Linux drivers before version 1.4.11 may allow an authenticated user to potentially enable information disclosure or denial of service via local access...

Input validation

Improper conditions check in some IntelR Ethernet Controllers 800 series Linux drivers before version 1.4.11 may allow an authenticated user to potentially enable information disclosure or denial of service via local access...

Input validation

Improper conditions check in some IntelR Ethernet Controllers 800 series Linux drivers before version 1.4.11 may allow an authenticated user to potentially enable information disclosure via local access...

Design/Logic Flaw

Out-of-bounds read in the firmware for IntelR Ethernet Adapters 800 Series Controllers and associated adapters before version 1.5.3.0 may allow an unauthenticated user to potentially enable denial of service via adjacent access...

Input validation

Improper input validation in the IntelR Ethernet Controllers X722 and 800 series Linux RMDA driver before version 1.3.19 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2021-0005

Uncaught exception in firmware for IntelR Ethernet Adapters 800 Series Controllers and associated adapters before version 1.5.3.0 may allow a privileged user to potentially enable denial of service via local access...