178 matches found
JTEKT ELECTRONICS HMI GC-A2 series Security Breach
JTEKT ELECTRONICS HMI GC-A2 series is a series of Human Machine Interfaces (HMIs) from JTEKT. A security vulnerability exists in the JTEKT ELECTRONICS HMI GC-A2 series, which originates from a denial-of-service (DoS) vulnerability in the FTP service, where an unauthenticated, remote attacker sending...
PT-2023-31063 · Unknown · HMI GC-A2 Series
Name of the Vulnerable Software and Affected Versions: HMI GC-A2 series (affected versions not specified). Description: A denial-of-service (DoS) issue exists in the commplex-link service. If a remote unauthenticated attacker sends specially crafted packets to specific ports, a denial-of-service...
JTEKT ELECTRONICS HMI GC-A2 series Security Breach
JTEKT ELECTRONICS HMI GC-A2 series is a series of HMIs from JTEKT. The JTEKT ELECTRONICS HMI GC-A2 series suffers from a security vulnerability that originates from a denial-of-service (DoS) condition in the NetBIOS service, which can be exploited by an attacker to send specially crafted packets to a specifi...
Unitronics PLC Trust Management Issue Vulnerabilities
Unitronics PLC is a programmable logic controller with a built-in HMI panel from Unitronics Israel. A trust management issue vulnerability exists in the Unitronics PLC, which arises from the use of a default management password that allows an attacker accessing the PLC or HMI over the network to...
Bosch ctrlX HMI Web Panel WR21 Security Vulnerability
Bosch ctrlX HMI Web Panel WR21 is an HMI panel from Bosch Germany. A security vulnerability exists in the Bosch ctrlX HMI Web Panel WR21 version, which originated from a vulnerability that allows an attacker to install an arbitrary Android application while locked in Kiosk mode and use it to acce...
A stack-based buffer overflow in the firmware of Weintek's cMT3000 HMI Web CGI panel allows a malicious actor to bypass the authentication process.
The vulnerability in Weintek's cMT3000 HMI Web CGI panel software is a stack-based buffer overflow. Exploiting this vulnerability could allow an attacker to bypass the authentication process...
The vulnerability of the HCI interface, which operates according to the IEC 60870-5-104 standard, in the Hitachi Energy RTU500 programmable logic controllers allows an intruder to trigger a service failure.
The vulnerability of the HCI interface, which operates according to the IEC 60870-5-104 standard, in the Hitachi Energy RTU500 programmable logic controllers is related to a stack-based buffer overflow. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
CVE-2023-1049
A CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists that could cause execution of malicious code when an unsuspicious user loads a project file from the local filesystem into the HMI...
Delta Electronics DOPSoft Security Vulnerability
Delta Electronics DOPSoft is a set of human machine interface (HMI) software from Delta Electronics Taiwan, China. A security vulnerability exists in Delta Electronics DOPSoft version 1.0.0.4 and prior versions, which stems from susceptibility to a stack-based buffer overflow. An attacker can explo...
CVE-2023-29154
SQL injection vulnerability exists in the CONPROSYS HMI System CHS versions prior to 3.5.3. A user who can access the affected product with an administrative privilege may execute an arbitrary SQL command via specially crafted input to the query setting page...
CVE-2023-28657
Improper access control vulnerability exists in CONPROSYS HMI System CHS versions prior to 3.5.3. A user of the PC where the affected product is installed may gain an administrative privilege. As a result, information regarding the product may be obtained and/or altered by the user...
Contec CONPROSYS HMI System Security Vulnerability
Contec CONPROSYS HMI System is an HTML5-based HMI (Human Machine Interface)/SCADA (Supervisory Control and Data Acquisition) software product from Contec Japan. A security vulnerability exists in Contec CONPROSYS HMI System versions prior to 3.5.3, which stems from an incorrect assignment ...
Contec CONPROSYS HMI System Security Vulnerability
Contec CONPROSYS HMI System is an HTML5-based HMI (Human Machine Interface)/SCADA (Supervisory Control and Data Acquisition) software product from Contec Japan. A security vulnerability exists in Contec CONPROSYS HMI System versions prior to 3.5.3, which stems from database account details...
Contec CONPROSYS HMI System Code Issue Vulnerability
Contec CONPROSYS HMI System is an HTML5-based HMI (Human Machine Interface)/SCADA (Supervisory Control and Data Acquisition) software product from Contec Japan. A security vulnerability exists in Contec CONPROSYS HMI System versions prior to 3.5.3 that stems from a server-side request forgery...
Contec CONPROSYS HMI System SQL Injection Vulnerability
Contec CONPROSYS HMI System is an HTML5-based HMI (Human Machine Interface)/SCADA (Supervisory Control and Data Acquisition) software product from Contec Japan. A security vulnerability exists in Contec CONPROSYS HMI System versions prior to 3.5.3, which originates from the presence of SQL injection...
The vulnerability in the Horner Automation Cscape EnvisionRV remote control access software and the Cscape software lies in operations going beyond the bounds of a memory buffer, allowing an attacker to execute arbitrary code.
The vulnerability in the Horner Automation Cscape EnvisionRV remote control access software and the Cscape software lies in the execution of operations outside the bounds of a memory buffer. Exploiting this vulnerability allows an attacker to execute arbitrary code by causing the user to open a specially...
PT-2023-2870 · Horner Automation · Horner Automation Cscape
Name of the Vulnerable Software and Affected Versions: Horner Automation Cscape (affected versions not specified). Description: The issue is related to a buffer overflow when parsing project files, such as HMI files. This could lead to an out-of-bounds write, allowing an attacker to execute arbitrar...
PT-2023-2953 · Horner Automation · Cscape
Name of the Vulnerable Software and Affected Versions: Horner Automation Cscape (affected versions not specified). Description: The issue is related to a lack of proper validation of user-supplied data when parsing project files, such as HMI files. This could lead to an out-of-bounds read, potential...