ECOA Building Automation System Missing Encryption Of Sensitive Information

Summary 1 The Risk-Terminator Web Graphic control BEMS Building Energy Management System are designed to provide you with the latest in the Human Machine Interface HMI technology, for completely monitoring and controlling management. It may be used singly for small and medium sized facilities,...

mySCADA myPRO 路径遍历漏洞

mySCADA myPRO is a software application. myPRO is a professional HMI/SCADA system designed for the visualization and control of industrial processes. A path traversal vulnerability exists in mySCADA myPRO, which stems from a failure of the affected product to properly filter special elements in t...

Delta Electronics Industrial Automation DOPSoft 缓冲区错误漏洞

Delta Electronics Industrial Automation DOPSoft is a set of human machine interface HMI software from Delta Electronics Taiwan, China. A buffer error vulnerability exists in Delta Electronics Industrial Automation DOPSoft that stems from the affected product's susceptibility to out-of-bounds read...

CVE-2021-27383

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7" & 15" incl. SIPLUS variants All versions V15.1 Update 6, SIMATIC HMI Comfort Outdoor Panels V16 7" & 15" incl. SIPLUS variants All versions V16 Update 4, SIMATIC HMI Comfort Panels V15 4" - 22" incl. SIPLUS...

Denial of Service Vulnerability in CenturyStar Configuration Software (CNVD-2021-35746)

Century Star Configuration Software is an obstruction software launched by Beijing Century Changqiu Technology Co., Ltd. is a real-time human-machine interface utility program generator, consisting of the CSMaker development system and CSViewer runtime system, the CSMaker development system is th...

Siemens Web Server缓冲区错误漏洞

Siemens SCALANCE X switches are used to connect industrial components such as programmable logic controllers PLCs or human machine interfaces HMIs. A heap buffer overflow vulnerability exists in the Siemens SCALANCE X-200 web server. An attacker could exploit the vulnerability to cause a denial o...

WebAccess/HMI Designer suffers from a denial of service vulnerability (CNVD-2021-24693)

WebAccess/HMI Designer is an integrated human-machine interface development tool. A denial of service vulnerability exists in WebAccess/HMI Designer, which can be exploited by an attacker to cause a denial of service...

WebAccess/HMI Designer suffers from a denial of service vulnerability (CNVD-2021-24692)

WebAccess/HMI Designer is an integrated human-machine interface development tool. A denial of service vulnerability exists in WebAccess/HMI Designer, which can be exploited by an attacker to cause a denial of service...

WebAccess/HMI Designer suffers from a denial of service vulnerability (CNVD-2021-24691)

WebAccess/HMI Designer is an integrated human-machine interface development tool. A denial of service vulnerability exists in WebAccess/HMI Designer, which can be exploited by an attacker to cause a denial of service...

Rusavtomatika Weintek EasyWeb cMT 跨站脚本漏洞

Rusavtomatika Weintek EasyWeb cMT is an application platform of the Russian company Rusavtomatika. It is used to configure the parameters of the human-machine interface. A cross-site scripting vulnerability exists in Rusavtomatika Weintek EasyWeb cMT, which allows unauthenticated, remote attacker...

Rusavtomatika Weintek EasyWeb cMT 代码注入漏洞

Rusavtomatika Weintek EasyWeb cMT is an application platform of the Russian company Rusavtomatika. It is used to configure the parameters of the human-machine interface. A code injection vulnerability exists in Rusavtomatika Weintek EasyWeb cMT that allows an unauthenticated, remote attacker to...

Scalance X Products Hard-Coded Encryption Key Vulnerability

SCALANCE X is a switch for connecting industrial components such as programmable logic controllers plc or human machine interfaces HMIs. The Scalance X Products hard-coded encryption key vulnerability can be exploited by an attacker to handle man-in-the-middle scenarios and decrypt previously...

DOPSoft Out-of-Bounds Write Vulnerability

DOPSoft is a Human Machine Interface HMI programming software from Delta Electronics. DOPSoft 4.0.8.21 and earlier versions suffer from an out-of-bounds write vulnerability when handling project files. An attacker could exploit this vulnerability to execute arbitrary code...

Apache Flink Arbitrary File Read Vulnerability

Apache Flink is efficient and distributed general purpose data processing platform. Apache Flink products have an arbitrary file read vulnerability that can be exploited by an attacker to read sensitive files on the server and with the help of hard-coded credentials exploit the vulnerability to...

Apache Flink 安全漏洞

Apache Flink is efficient and distributed general purpose data processing platform. Apache Flink products have an arbitrary file read vulnerability that can be exploited by an attacker to read sensitive files on the server and with the help of hard-coded credentials exploit the vulnerability to...

dll hijacking vulnerability in EasyAccess 2.0 (Windows Client) of Taiwan Virent Technology Co.

EasyAccess2.0 is a HMI remote access tool produced by VelenTouch, which allows you to remotely access machines and equipment thousands of miles away from any place, to realize remote monitoring of HMI and remote penetration of PLC controllers, to complete the status of the monitoring and program...

ARC Informatique PcVue Information Disclosure Vulnerability

Pcvue is a multi-functional HMI-SCADA software from ARC Informatique, an all-in-one solution that monitors all aspects of a customer's assets.PcVue is used in a wide range of applications including industrial control, building management, energy management, smart grid, energy distribution,...

Vulnerabilities discovered in HMI Panels

Because SIMATIC HMI panels do not properly handle repeated login attempts correctly, they are susceptible to Brute-force attacks. A malicious party can use them to retrieve user names and passwords find out and thus issue random commands with permissions from the affected user account. To exploit...

Advantech WebAccess HMI Designer Type Obfuscation Vulnerability

Advantech WebAccess HMI Designer is an integrated HMI development tool from Advantech, Taiwan, China. The product is equipped with features such as data transfer, menu editing and text editing. A type confusion vulnerability exists in Advantech WebAccess HMI Designer version 2.1.9.31 and prior...

Memory Corruption Vulnerability in DOP-B Series HMI Software at Delta Electronics Enterprise Management (Shanghai) Co.

Delta Electronics Enterprise Management Shanghai Co., Ltd. was established in December 2003, and its business scope includes the fields of computer, software, information, communication, network, electromechanics and optoelectronics. A memory corruption vulnerability exists in the DOP-B series HM...