CVE-2022-2790

Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulenrable to CWE-347 Improper Verification of Cryptographic Signature, and does not properly verify compiled logic PDT files and data blocks data BLD/BLK files...

Emerson Proficy Machine Edition 数据伪造问题漏洞

Emerson Proficy Machine Edition is an application from Emerson, Inc. an automation solution. A data forgery issue vulnerability exists in Emerson Proficy Machine Edition 9.00 and prior versions, which stems from the ability to display logic that differs from the compiled logic...

Emerson Proficy Machine Edition 数据伪造问题漏洞

Emerson Proficy Machine Edition is an application from Emerson, Inc. an automation solution. A data forgery issue vulnerability exists in Emerson Proficy Machine Edition version 9.00 and prior versions, which stems from the lack of authentication or authorization of packets after a connection is...

Emerson Proficy Machine Edition 路径遍历漏洞

Emerson Proficy Machine Edition is an application from Emerson, Inc. an automation solution. A security vulnerability exists in Emerson Proficy Machine Edition versions 9.80 and earlier, which stems from an easy ZipSlip attack via the uploader program, which allows an attacker to plant a maliciou...

Emerson Proficy Machine Edition 安全漏洞

Emerson Proficy Machine Edition is a software application from Emerson Electric USA, Inc. an automation solution. A security vulnerability exists in Emerson Proficy Machine Edition version 9.00 and prior versions, which stems from storing project data in a directory with incorrect access control...

Emerson Proficy Machine Edition 代码问题漏洞

Emerson Proficy Machine Edition is a software application from Emerson Electric USA, Inc. An automation solution. A code issue vulnerability exists in Emerson Proficy Machine Edition 9.00 and prior versions that originates from uploading any file written to the PLC logical folder to a connected P...

Emerson Proficy Machine Edition 数据伪造问题漏洞

Emerson Proficy Machine Edition is an application from Emerson, Inc. an automation solution. A data forgery issue vulnerability exists in Emerson Proficy Machine Edition version 9.00 and prior versions, which stems from an inability to properly validate compilation logic PDT files and data block...

Emerson Proficy Machine Edition

1. EXECUTIVE SUMMARY CVSS v3 6.6 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Emerson Equipment: Proficy Machine Edition Vulnerabilities: Missing Support for Integrity Check, Improper Access Control, Unrestricted Upload of File with Dangerous Type, Improper Verification of...

CVE-2021-29297

Buffer Overflow in Emerson GE Automation Proficy Machine Edition v8.0 allows an attacker to cause a denial of service and application crash via crafted traffic from a Man-in-the-Middle MITM attack to the component "FrameworX.exe" in the module "MSVCR100.dll"...