Multiple SCALANCE X switches products mirror port isolation vulnerability

SCALANCE X switches are used to connect industrial components such as programmable logic controllers PLCs or human machine interfaces HMIs. A mirror port isolation vulnerability exists in several SCALANCE X switches products. The vulnerability is due to the monitoring barriers on the affected...

WAGO e!COCKPIT Firmware Downgrade Vulnerability

Summary An exploitable firmware downgrade vulnerability exists in the firmware update package functionality of the WAGO e!COCKPIT automation software. A specially crafted firmware update file can allow an attacker to install an older firmware version while the user thinks a newer firmware version...

The vulnerability of the software for OpenBMC controllers, related to access control errors, allows a perpetrator to execute malicious code, read and write arbitrary data, modify configuration settings, or cause service failures.

The vulnerability of the software for OpenBMC controllers is related to access control errors. Exploiting this vulnerability allows a malicious actor to execute malicious code, read and write arbitrary data, modify configuration settings, or cause service failures...

CVE-2019-6535

Mitsubishi Electric Q03/04/06/13/26UDVCPU: serial number 20081 and prior, Q04/06/13/26UDPVCPU: serial number 20081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 20101 and prior. A remote attacker can send specific bytes over Port 5007 that will result in an Ethernet...

Best practices used to protect encryption key data generated by embedded micro-controllers

Problem This service bulletin is to highlight the secure engineering best practices used to protect encryption key data generated by embedded micro-controllers in management module hardware. Resolving The Problem Source RETAIN tip: H206119 Symptom This service bulletin is to highlight the secure...

Hacking Construction Cranes

Construction cranes are vulnerable to hacking: In our research and vulnerability discoveries, we found that weaknesses in the controllers can be easily taken advantage of to move full-sized machines such as cranes used in construction sites and factories. In the different attack classes that we'v...

The vulnerability of Siemens Sinumerik programmable logic controllers lies in the integer overflow that occurs in the VNC server. This allows a perpetrator to execute arbitrary code with privileged privileges.

The vulnerability of Siemens Sinumerik programmable logic controllers is related to a numerical overflow in the VNC server. Exploiting this vulnerability allows a remote attacker to execute arbitrary code with privileged privileges by sending specially crafted packets to port 5900/TCP...

The vulnerability of Siemens Sinumerik programmable logic controllers is related to an error in processing network packets by the VNC server. This error allows a intruder to trigger a service failure of the VNC server.

The vulnerability of Siemens Sinumerik programmable logic controllers is related to an error in processing network packets by the VNC server. Exploiting this vulnerability allows a malicious actor to cause a service failure on the VNC server by sending specially crafted packets to port 5900/TCP...

The vulnerability of Siemens Sinumerik programmable logic controllers lies in errors during exception handling, which allow intruders to read arbitrary data or execute arbitrary code in the kernel mode.

The vulnerability of Siemens Sinumerik programmable logic controllers is related to an error in exception handling. Exploiting this vulnerability could allow attackers to read arbitrary data or execute arbitrary code in the kernel mode...

The vulnerability of Siemens Sinumeric programmable logic controllers lies in the insufficient protection of the configuration file, allowing a hacker to execute arbitrary code with elevated privileges.

The vulnerability of Siemens Sinumeric programmable logic controllers is related to insufficient protection of the configuration file. Exploiting this vulnerability allows a perpetrator to execute arbitrary code with elevated privileges after a reboot or manually initiating an action...

The vulnerability of microprogrammed logic controllers from Schneider Electric Modicon, related to insufficient protection of the web page structure, allows attackers to inject JavaScript that will be executed in the user’s browser.

The vulnerability of the microprogrammed logic controllers from Schneider Electric Modicon relates to insufficient protection of the web page structure. Exploiting this vulnerability allows an intruder to inject JavaScript, which will be executed in the user’s browser...

The vulnerability of the microprogrammed software of Schneider Electric Modicon programmable logic controllers, related to the lack of necessary checks during password deletion, allows a intruder to gain access to the password deletion function of the web server.

The vulnerability of the microprogrammed logic controllers from Schneider Electric Modicon lies in the lack of necessary checks during password deletion. Exploiting this vulnerability could allow unauthorized individuals to gain access to the password deletion function of the web server...

The vulnerability of the microprogrammed software of Schneider Electric Modicon programmable logic controllers, related to the lack of necessary checks during password changes, allows unauthorized access to the password-changing function of the web server.

The vulnerability of the microprogrammed logic controllers from Schneider Electric Modicon lies in the lack of necessary checks during password changes. Exploiting this vulnerability could allow unauthorized individuals to gain access to the password-changing function of the web server...

The vulnerability of the Taserver web service on the TeNIX operating system for programmable logic controllers MFC1500 and MFC3000 allows a perpetrator to execute arbitrary code.

The vulnerability of the TAserver web service for the TeNIX programmable logic controllers MFC1500 and MFC3000 lies in the lack of name filtering when generating a 404 HTTP error page. As a result, the name of the non-existent web page is passed unchanged to the generated error page. Exploiting...

The vulnerability of the pnp-receive.sh service in the TeNIX operating system for programmable logic controllers MFC1500 and MFC3000 allows a hacker to write arbitrary data onto the device and exhaust the available disk space.

The vulnerability of the pnp-receive.sh service on the TeNIX programmable logic controllers MFC1500 and MFC3000 operating system is related to the absence of an authentication process. Exploiting this vulnerability allows a malicious actor to exhaust the device’s disk space by sending arbitrary...

The vulnerability of the TeNIX operating system for programmable logic controllers MFC1500 and MFC3000 allows a hacker to gain full access to the system.

The vulnerability of the TeNIX operating system for programmable logic controllers MFC1500 and MFC3000 is related to the use of a default weak password for the root account, information about which is not available in the documentation. Exploiting this vulnerability could allow an attacker,...

Remote Code Execution (RCE)

samba4 is vulnerable to remote code execution RCE attacks. The vulnerability exists through a heap-based buffer overflow in the dcerpcreadncacnpacketdone function in librpc/rpc/dcerpcutil.c in winbindd in Samba 3.x before 3.6.22, 4.0.x before 4.0.13, and 4.1.x before 4.1.3 allows remote AD domain...

PT-2019-6168

Name of the Vulnerable Software and Affected Versions ThinkPHP versions prior to 3.2.4 Open Source BMS version 1.1.1 zzzcms zzzphp Description A flaw exists in ThinkPHP related to improper handling of code generation when using backslashes '' as delimiters in the controller name. This can allow a...

Wifi-soft's Unibox Controllers Remote Code Injection Vulnerability

Wifi-soft's Unibox Controllers are fast-paced network controllers for all large and small venues. A remote code injection vulnerability exists in Wifi-soft's Unibox Controllers. An attacker can exploit the vulnerability to inject arbitrary code...

Wifi-soft's Unibox Controllers Remote Command Injection Vulnerability (CNVD-2019-00771)

Wifi-soft's Unibox Controllers are fast-paced network controllers for all large and small venues. A remote code injection vulnerability exists in Wifi-soft's Unibox Controllers. An attacker can exploit the vulnerability to inject arbitrary code...