The vulnerabilities of Siemens’ software and hardware infrastructure, related to errors in processing a large number of UDP packets, allow attackers to trigger service interruptions.

The vulnerability of Siemens’ software and hardware infrastructure is related to errors in processing a large number of UDP packets. Exploiting this vulnerability can allow an attacker to cause service interruptions remotely...

Beckhoff TwinCAT Denial of Service Vulnerability

Beckhoff TwinCAT is a software system from Beckhoff Germany consisting of a real-time environment and a real-time system for executing control programs in a development environment. The system is mainly used for PLC Programmable Logic Controller programming, diagnostics and system configuration. ...

CVE-2019-16110

The network protocol of Blade Shadow though 2.13.3 allows remote attackers to take control of a Shadow instance and execute arbitrary code by only knowing the victim's IP address, because packet data can be injected into the unencrypted UDP packet stream...

The vulnerability in the implementation of the interaction protocol between the “ARM Reliezer” software and the “Communication Server” software of the EKRASMS-SP software suite allows a violator to modify the list of servers.

The vulnerability of the interaction protocol between the “ARM Rielshchika” software and the “Server Connect” software of the EKRASMS-SP suite lies in the absence of authentication in the mechanism for extending the list of servers. Exploiting this vulnerability allows a malicious actor to modify...

Rockwellautomation Rslinx Out-of-bounds Read

Rockwell Automation RSLinx Enterprise Software LogReceiver.exe CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 does not handle input correctly and results in a logic error if it receives a datagram with an incorrect value in the “Record Data Size” field. By sendin...

Rockwellautomation Rslinx Integer Overflow or Wraparound

Rockwell Automation RSLinx Enterprise Software LogReceiver.exe CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 does not handle input correctly and results in a logic error if it calculates an incorrect value for the “End of Current Record” field. By sending a...

Denial of Service Vulnerability in Multiple Siemens Products (CNVD-2019-36853)

Siemens SIMATIC CFU PA and others are products of Siemens, Germany.Siemens SIMATIC CFU PA is a compact field device.SIMATIC ET 200AL is a distributed I/O system module.SIMATIC ET 200M is a control cabinet for high-density channel applications. modular I/O system module. A denial of service...

CVE-2019-10936

Affected devices improperly handle large amounts of specially crafted UDP packets. This could allow an unauthenticated remote attacker to trigger a denial of service condition...

PT-2019-3316 · Cisco · Cisco Ios Xe

Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software affected versions not specified Description: A vulnerability in the Network Address Translation NAT Session Initiation Protocol SIP Application Layer Gateway ALG could allow an unauthenticated, remote attacker to cause a...

The vulnerability of the UDPmessageSetting component within the embedded web-server software of Moxa EDS-G516E and Moxa EDS-510E switches allows a attacker to cause service interruptions.

The vulnerability of the UDPmessageSetting component in the embedded web-server software of Moxa EDS-G516E and Moxa EDS-510E switches is related to buffer overflow attacks. Exploiting this vulnerability can allow an attacker to cause service interruptions by modifying the configuration file...

CVE-2019-10937

A vulnerability has been identified in SIMATIC TDC CP51M1 All versions V1.1.7. An attacker with network access to the device could cause a Denial-of-Service condition by sending a specially crafted UDP packet. The vulnerability affects the UDP communication of the device. The security vulnerabili...

Siemens SIMATIC TDC CP51M1 Input Validation Error Vulnerability

The Siemens SIMATIC TDC CP51M1 is an industrial Ethernet communication module for the SIMATIC TDC automation system from Siemens, Germany. An input validation error vulnerability exists in Siemens SIMATIC TDC CP51M1 versions prior to 1.1.7. An attacker could exploit this vulnerability by sending...

DEBIAN-CVE-2019-14199

An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a netprocessreceivedpacket integer underflow during an udppackethandler call...

UBUNTU-CVE-2019-14199

An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a netprocessreceivedpacket integer underflow during an udppackethandler call...

INSIDE Secure MatrixSSL Buffer Overflow Vulnerability (CNVD-2020-22363)

INSIDE Secure MatrixSSL is an embedded, open source SSLv3 stack from INSIDE Secure, France, designed for small applications and devices. INSIDE Secure MatrixSSL suffers from a buffer overflow vulnerability that stems from the DTLS server not properly handling incoming network messages. An attacke...

USN-4068-2: Linux kernel (HWE) vulnerabilities

USN-4068-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 for Ubuntu 16.04 LTS. Adam Zabrocki discovered that the Intel i915 kernel mode graphics driver in the Linux kern...

USN-4068-2 linux-hwe, linux-gcp vulnerabilities

USN-4068-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 for Ubuntu 16.04 LTS. Adam Zabrocki discovered that the Intel i915 kernel mode graphics driver in the Linux kern...

DEBIAN-CVE-2019-10638

In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols e.g., UDP and ICMP. When such traffic is sent to multiple destination IP addresses, it is possible to obtain hash collisions of indices to the counter...

Fuji Electric V-Server Input Validation Error Vulnerability

Fuji Electric V-Server is a suite of software for collecting and managing real-time field data from Fuji Electric Japan. An input validation error vulnerability exists in Fuji Electric V-Server versions prior to 6.0.33.0. The vulnerability originates from a network system or product that does not...

Ubuntu 14.04 LTS : linux-lts-xenial, linux-aws vulnerabilities (USN-4008-3)

USN-4008-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM. Robert Swiecki discovered that the Linux kernel did not properly apply Address Space...