Lucene search
K

6 matches found

Cvelist
Cvelist
added 2022/07/26 9:28 p.m.21 views

CVE-2022-31206

The Omron SYSMAC Nx product family PLCs NJ series, NY series, NX series, and PMAC series through 2022-005-18 lack cryptographic authentication. These PLCs are programmed using the SYMAC Studio engineering software which compiles IEC 61131-3 conformant POU code to native machine code for execution...

10AI score0.00858EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/06/28 12:0 a.m.8 views

The vulnerability of microprogrammed software in PACsystems programmable logic controllers, related to insufficient verification of data authenticity, allows a intruder to execute arbitrary code.

The vulnerability of microprogrammed programmable logic controllers from PACsystems is related to insufficient verification of data authenticity. Exploiting this vulnerability could allow an attacker, operating remotely, to execute arbitrary code using a specially crafted file written in...

10CVSS6AI score
Exploits0References2
Talos Blog
Talos Blog
added 2021/07/26 7:42 a.m.42 views

Vulnerability Spotlight: Unsafe deserialization vulnerabilities in CODESYS Development System

Patrick DeSantis discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered multiple vulnerabilities in the CODESYS Development System. The CODESYS Development System is the IEC 61131-3 programming tool for industrial control and automation technology,... This is only...

2AI score
Exploits0
Talos
Talos
added 2021/07/26 12:0 a.m.115 views

CODESYS Development System PackageManagement.plugin ExtensionMethods.Clone() Unsafe Deserialization vulnerability

Summary An unsafe deserialization vulnerability exists in the PackageManagement.plugin ExtensionMethods.Clone functionality of CODESYS GmbH CODESYS Development System 3.5.16. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigger this...

8.8CVSS8AI score0.01298EPSS
Exploits0
Talos
Talos
added 2019/03/09 12:0 a.m.37 views

WAGO e!Cockpit authentication hard-coded encryption key vulnerability

Summary A hard-coded encryption key vulnerability exists in the authentication functionality of WAGO e!Cockpit, version 1.5.1.1. An attacker with access to communications between e!Cockpit and CoDeSyS Gateway can trivially recover the password of any user attempting to log in, in plain text. Test...

5.5CVSS5.8AI score0.00335EPSS
Exploits1
0day.today
0day.today
added 2017/12/02 12:0 a.m.54 views

WAGO PFC 200 SERIES Multiple Vulnerabilities

Exploit for hardware platform in category local exploits VENDOR DESCRIPTION “The WAGO-I/O-SYSTEM is a flexible fieldbus-independent solution for decentralized automation tasks. With the relay, function and interface modules, as well as overvoltage protection, WAGO provides a suitable interface fo...

0.3AI score
Exploits0
Rows per page
Query Builder