Rockwell Automation Multiple Controllers Open Redirect (CVE-2019-10955)

An open redirect vulnerability exists in Rockwell Automation MicroLogix and CompactLogix controllers. A remote unauthenticated attacker could exploit this vulnerability to redirect users to a malicious site via a malicious link...

CVE-2019-10955

In Rockwell Automation MicroLogix 1400 Controllers Series A, All Versions Series B, v15.002 and earlier, MicroLogix 1100 Controllers v14.00 and earlier, CompactLogix 5370 L1 controllers v30.014 and earlier, CompactLogix 5370 L2 controllers v30.014 and earlier, CompactLogix 5370 L3 controllers...

CVE-2019-10955

In Rockwell Automation MicroLogix 1400 Controllers Series A, All Versions Series B, v15.002 and earlier, MicroLogix 1100 Controllers v14.00 and earlier, CompactLogix 5370 L1 controllers v30.014 and earlier, CompactLogix 5370 L2 controllers v30.014 and earlier, CompactLogix 5370 L3 controllers...

CVE-2019-10955

Affected products: Rockwell Automation MicroLogix 1400 (Series A, B up to v15.002), MicroLogix 1100 (v14.00 and earlier), CompactLogix 5370 L1/L2/L3 controllers (up to v30.014), including GuardLogix. Vulnerability type: open redirect in the controller web server that could be exploited by a remot...

WAGO 750-88x Series and WAGO 750-87x Series Trust Management Issue Vulnerability

The WAGO 750-88x Series and WAGO 750-87x Series are both products of WAGO, Germany.The WAGO 750-88x Series is a 750-88x series programmable logic controller.The WAGO 750-87x Series is a 750-87x series programmable logic controller. A trust management issue vulnerability exists in the WAGO Series...

CVE-2019-10953

ABB, Phoenix Contact, Schneider Electric, Siemens, WAGO - Programmable Logic Controllers, multiple versions. Researchers have found some controllers are susceptible to a denial-of-service attack due to a flood of network packets...

CVE-2019-10953

ABB, Phoenix Contact, Schneider Electric, Siemens, WAGO - Programmable Logic Controllers, multiple versions. Researchers have found some controllers are susceptible to a denial-of-service attack due to a flood of network packets...

CVE-2019-10953

ABB, Phoenix Contact, Schneider Electric, Siemens, WAGO - Programmable Logic Controllers, multiple versions. Researchers have found some controllers are susceptible to a denial-of-service attack due to a flood of network packets...

CVE-2019-10953

ABB, Phoenix Contact, Schneider Electric, Siemens, WAGO - Programmable Logic Controllers, multiple versions. Researchers have found some controllers are susceptible to a denial-of-service attack due to a flood of network packets...

Remote Code Execution (RCE)

MadsKristensen.AspNetCore.Miniblog is vulnerable to remote code execution. A remote attacker is able to execute arbitrary ASPX code by uploading a malicious IMG element with a data: URL, which will be executed when the SaveFilesToDisk function in Controllers/BlogController.cs writes a decoded...

PT-2019-12100

Name of the Vulnerable Software and Affected Versions Programmable Logic Controllers versions affected versions not specified Description The issue concerns a denial-of-service attack due to a flood of network packets. Researchers have found that some controllers from various manufacturers,...

Social Media & Share Icons <= 2.1.7 - Multiple Issues

The Social Media Share Buttons & Social Sharing Icons WordPress plugin was affected by a Multiple Issues security vulnerability. https://plugins.trac.wordpress.org/browser/ultimate-social-media-icons/tags/2.1.7/libs/controllers/sfsibuttonscontroller.phpL877...

openSUSE Security Update : the Linux Kernel (openSUSE-2019-974)

The openSUSE Leap 15.0 kernel was updated to 4.12.14-lp150.12.28.1 to receive various security and bugfixes. The following security bugs were fixed : - CVE-2018-18281: The mremap syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate removes entries from the...

Code injection

The potential exists for exposure of the product's password used to restrict unauthorized access to Rockwell PLC5/SLC5/0x/RSLogix 1785-Lx and 1747-L5x controllers. The potential exists for an unauthorized programming and configuration client to gain access to the product and allow changes to the...

CVE-2010-5305

The potential exists for exposure of the product's password used to restrict unauthorized access to Rockwell PLC5/SLC5/0x/RSLogix 1785-Lx and 1747-L5x controllers. The potential exists for an unauthorized programming and configuration client to gain access to the product and allow changes to the...

ENTTEC Lighting Controllers

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: ENTTEC Equipment: Datagate MK2, Storm 24, Pixelator Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could reboot this...

PT-2019-6597 · Rockwell Automation · Rockwell Plc5 +4

Name of the Vulnerable Software and Affected Versions: Rockwell PLC5/SLC5/0x/RSLogix 1785-Lx and 1747-L5x controllers affected versions not specified Description: The issue concerns the potential exposure of the product's password, which could allow unauthorized access to the controllers. This...

ENTTEC Lighting Controllers

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: ENTTEC Equipment: Datagate MK2, Storm 24, Pixelator Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could reboot this...

PT-2019-7202 · Schneider Electric · Modicon Bmxnoe0110 +6

Name of the Vulnerable Software and Affected Versions: Schneider Electric Modicon BMXNOC0401 Schneider Electric Modicon BMXNOE0100 Schneider Electric Modicon BMXNOE0110 Schneider Electric Modicon BMXNOE0110H Schneider Electric Modicon BMXNOR0200H Schneider Electric Modicon BMXP342020 Schneider...

How Radio Frequency Technology is Putting the Industrial Sector at Risk

Each industry has its own unique security risks. The banking and health care sectors, for example, deal with some considerably sensitive financial and client data, and therefore must put robust protections in place to ensure its safety. The industrial sector, however, is a bit different. For many...