Fuji Electric Monitouch V-SFT 安全漏洞

Fuji Electric Monitouch V-SFT is a HMI software from Fuji Electric. A code execution vulnerability exists in Fuji Electric Monitouch V-SFT that originates from susceptibility to type confusion and can be exploited by an attacker to cause a system crash or execute arbitrary code...

Fuji Electric Monitouch V-SFT Buffer Overflow Vulnerability

Fuji Electric Monitouch V-SFT is a human-machine interface HMI configuration software developed by Fuji Electric, which is mainly used in industrial automation, providing touch screen interface design, PDF document viewing, video playback, alarm messages and other functions. Fuji Electric Monitou...

Exposed and vulnerable: Recent attacks highlight critical need to protect internet-exposed OT devices

Since late 2023, Microsoft has observed an increase in reports of attacks focusing on internet-exposed, poorly secured operational technology OT devices. Internet-exposed OT equipment in water and wastewater systems WWS in the US were targeted in multiple attacks over the past months by different...

FATEK FvDesigner 安全漏洞

FATEK FvDesigner is a hardware device from the Chinese company Yonghong Electric FATEK. It provides a human-machine interface. A security vulnerability exists in FATEK FvDesigner that stems from a lack of proper validation of user-supplied data. An attacker can exploit the vulnerability to execut...

Inductive Automation Ignition 安全漏洞

Inductive Automation Ignition is an integrated software platform for SCADA systems from Inductive Automation, USA. The platform supports SCADA Data Acquisition and Monitoring Systems, HMI Human Machine Interface, and more. A security vulnerability exists in Inductive Automation Ignition that stem...

Inductive Automation Ignition 安全漏洞

Inductive Automation Ignition is an integrated software platform for SCADA systems from Inductive Automation, USA. The platform supports SCADA data acquisition and monitoring systems, HMI human machine interface, etc. Ignition is a Fedora CoreOS and RHEL CoreOS utility for manipulating disks duri...

FATEK FvDesigner 安全漏洞

FATEK FvDesigner is a hardware device from the Chinese company Yonghong Electric FATEK. It provides a human-machine interface. A security vulnerability exists in FATEK FvDesigner that stems from a lack of proper validation of user-supplied data. An attacker can exploit the vulnerability to execut...

FATEK FvDesigner 安全漏洞

FATEK FvDesigner is a hardware device from the Chinese company Yonghong Electric FATEK. It provides a human-machine interface. A security vulnerability exists in FATEK FvDesigner that originates from not properly initializing a pointer before accessing it. An attacker can exploit the vulnerabilit...

The vulnerability of the AutomationDirect C-MORE EA9 HMI software’s microprogramming system, related to unencrypted storage of critical information, allows a intruder to gain unauthorized access to protected data.

The vulnerability of the Microprogrammed Control Panel Software of AutomationDirect C-MORE EA9 HMI relates to the unencrypted storage of critical information. Exploiting this vulnerability could allow an intruder to gain unauthorized access to protected information...

Siemens SCALANCE W700产品系列安全漏洞

Siemens SCALANCE is a series of Ethernet switches from Siemens, Germany. It connects to industrial control system ICS devices, including programmable logic controllers PLCs and human machine interface HMI systems. A security vulnerability exists in the Siemens SCALANCE W700 product family that...

The vulnerability of the Delta Industrial Automation DOPSoft software for designing human-machine interfaces lies in the copying of buffers without checking the size of the input data. This allows a malicious actor to execute arbitrary code.

The vulnerability of the Delta Industrial Automation DOPSoft software for designing human-machine interfaces lies in the copying of buffers without checking the size of input data during syntax analysis of the wKPFStringLen field. Exploiting this vulnerability allows a malicious actor to execute...

Delta Electronics DOPSoft Security Vulnerability

Delta Electronics DOPSoft is a Human Machine Interface HMI software package from Delta Electronics, a Taiwan, China-based company. A security vulnerability exists in Delta Electronics DOPSoft that stems from a buffer overflow vulnerability...

Delta Electronics DOPSoft Security Vulnerability

Delta Electronics DOPSoft is a set of Human Machine Interface HMI software from Delta Electronics, Taiwan, China. A security vulnerability exists in Delta Electronics DOPSoft that originates from a buffer overflow vulnerability when parsing the wKPFStringLen field of a DPS file...

Delta Electronics DOPSoft Security Vulnerability

Delta Electronics DOPSoft is a Human Machine Interface HMI software from Delta Electronics, Taiwan, China. A security vulnerability exists in Delta Electronics DOPSoft that originates from a buffer overflow vulnerability when parsing the wMailContentLen field of a DPS file...

CVE-2023-50466

An authenticated command injection vulnerability in Weintek cMT2078X easyweb Web Version v2.1.3, OS v20220215 allows attackers to execute arbitrary code or access sensitive information via injecting a crafted payload into the HMI Name parameter...

Weintek cMT security breach

Weintek cMT is a Human Machine Interface application from Weintek. A security vulnerability exists in Weintek cMT that stems from the presence of an authenticated command injection vulnerability that allows an attacker to execute arbitrary code or access sensitive information by injecting a craft...

The vulnerability of the software for creating and managing graphical user interfaces in industrial automation systems like SCADA CONPROSYS HMI Systems lies in the use of a password hash instead of a password for authentication. This allows attackers to exploit this flaw to disclose sensitive information through a “man-in-the-middle” attack.

The vulnerability of the SCADA CONPROSYS HMI System lies in the use of a password hash instead of a plain-text password for authentication. Exploiting this vulnerability allows an attacker, operating remotely, to disclose sensitive information through a “man-in-the-middle” attack...

PT-2023-31063 · Unknown · Hmi Gc-A2 Series

Name of the Vulnerable Software and Affected Versions: HMI GC-A2 series affected versions not specified Description: A denial-of-service DoS issue exists in the commplex-link service. If a remote unauthenticated attacker sends specially crafted packets to specific ports, a denial-of-service...

JTEKT ELECTRONICS HMI GC-A2 series Security Breach

JTEKT ELECTRONICS HMI GC-A2 series is a series of HMIs from JTEKT. The JTEKT ELECTRONICS HMI GC-A2 series suffers from a security vulnerability that originates from a Denial of Service DoS in the NetBIOS service, which can be exploited by an attacker to send specially crafted packets to a specifi...

JTEKT ELECTRONICS HMI GC-A2 series Security Breach

JTEKT ELECTRONICS HMI GC-A2 series is a series of Human Machine Interfaces HMIs from JTEKT. A security vulnerability exists in the JTEKT ELECTRONICS HMI GC-A2 series, which originates from a Denial of Service DoS vulnerability in the FTP service, where an unauthenticated, remote attacker sending...