EUVD-2023-34207

Malicious code in bioql PyPI...

Rockwell Automation Enhanced HIM Cross-Site Request Forgery Vulnerability

The Rockwell Automation Enhanced HIM is an advanced human interface module from Rockwell Automation. It is a device used to interact with Rockwell Automation control systems, providing a more intuitive and convenient interface for operation and monitoring. A cross-site request forgery vulnerabili...

CVE-2023-2746

The Rockwell Automation Enhanced HIM software contains an API that the application uses that is not protected sufficiently and uses incorrect Cross-Origin Resource Sharing CORS settings and, as a result, is vulnerable to a Cross Site Request Forgery CSRF attack. To exploit this vulnerability, a...

CVE-2023-2746

The Rockwell Automation Enhanced HIM software contains an API that the application uses that is not protected sufficiently and uses incorrect Cross-Origin Resource Sharing CORS settings and, as a result, is vulnerable to a Cross Site Request Forgery CSRF attack. To exploit this vulnerability, a...

Cross site request forgery (csrf)

The Rockwell Automation Enhanced HIM software contains an API that the application uses that is not protected sufficiently and uses incorrect Cross-Origin Resource Sharing CORS settings and, as a result, is vulnerable to a Cross Site Request Forgery CSRF attack. To exploit this vulnerability, a...

CVE-2023-2746 Rockwell Automation Enhanced HIM Vulnerable to Cross-Site Request Forgery Attack

The Rockwell Automation Enhanced HIM software contains an API that the application uses that is not protected sufficiently and uses incorrect Cross-Origin Resource Sharing CORS settings and, as a result, is vulnerable to a Cross Site Request Forgery CSRF attack. To exploit this vulnerability, a...

CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems ICS advisories on July 11, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-192-01 Rockwell Automation Enhanced HIM ICSA-23-192-02 Sensormatic Electronics iSTAR...

PT-2023-4080 · Rockwell Automation · Rockwell Automation Enhanced Him

Name of the Vulnerable Software and Affected Versions: Rockwell Automation Enhanced HIM affected versions not specified Description: The issue is related to the implementation of the application programming interface in the Rockwell Automation Enhanced HIM software, which is vulnerable to Cross...

Rockwell Automation Enhanced HIM 跨站请求伪造漏洞

The Rockwell Automation Enhanced HIM is an advanced human interface module from Rockwell Automation. It is a device used to interact with Rockwell Automation control systems, providing a more intuitive and convenient interface for operation and monitoring. A cross-site request forgery vulnerabili...

Rockwell Automation Enhanced HIM

1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: Enhanced HIM Vulnerability: Cross-site Request Forgery 2. RISK EVALUATION Successful exploitation of this vulnerability could lead to sensitive information disclosure and...

Rockwell Products Impacted by Chromium Type Confusion

1. EXECUTIVE SUMMARY CVSS v3 4.0 ATTENTION: Low attack complexity/public exploits are available Vendor: Rockwell Automation Equipment: FactoryTalk Software, Enhanced HIM for PowerFlex, Connected Components Workbench Vulnerability: Type Confusion 2. RISK EVALUATION Successful exploitation of this...