24 matches found
PT-2022-25996 · Haas · Haas Controller
Name of the Vulnerable Software and Affected Versions: Haas Controller version 100.20.000.1110 Description: The issue concerns the transmission of communication traffic involving the "Ethernet Q Commands" service in cleartext. This allows an attacker to obtain sensitive information being passed t...
PT-2022-16853 · Haas · Haas Controller
Name of the Vulnerable Software and Affected Versions: Haas Controller version 100.20.000.1110 Description: The issue is related to insufficient granularity of access control when using the "Ethernet Q Commands" service. This allows any user to write macros into registers outside of the authorize...
CISA Releases Eight Industrial Control Systems Advisories
CISA has released eight 8 Industrial Control Systems ICS advisories on October 25, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisory for...
Haas Controller
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Haas Automation, Inc Equipment: Haas Controller Vulnerabilities: Missing Authentication for Critical Function, Insufficient Granularity of Access Control, Cleartext Transmission of Sensitive Information...