56 matches found
CVE-2020-20486
IEC104 v1.0 contains a stack-buffer overflow in the parameter Iec10xStaAddr...
CVE-2020-18731
A segmentation violation in the Iec104DealFirmUpdate function of IEC104 v1.0 allows attackers to cause a denial of service DOS...
CVE-2020-18731
A segmentation violation in the Iec104DealFirmUpdate function of IEC104 v1.0 allows attackers to cause a denial of service DOS...
CVE-2020-18730
A segmentation violation in the Iec104DealI function of IEC104 v1.0 allows attackers to cause a denial of service DOS...
Sql injection
A segmentation violation in the Iec104DealFirmUpdate function of IEC104 v1.0 allows attackers to cause a denial of service DOS...
CVE-2020-18731
The CVE-2020-18731 entry concerns IEC104 v1.0, where a segmentation violation in the Iec104_Deal_FirmUpdate function can cause a denial of service. The connected PT-2021-10228 advisory for IEC104 v1.0 corroborates the affected component and provides a practical workaround: temporarily disable the...
CVE-2020-18731
A segmentation violation in the Iec104DealFirmUpdate function of IEC104 v1.0 allows attackers to cause a denial of service DOS...
CVE-2020-18730
IEC104 v1.0 contains a segmentation fault in the Iec104_Deal_I / Iec104 Deal I function, enabling denial of service. The issue affects IEC104 implementations using version 1.0; exploitation details are not provided in the connected documents. A temporary workaround is to disable the Iec104_Deal_I...
CVE-2020-18730
A segmentation violation in the Iec104DealI function of IEC104 v1.0 allows attackers to cause a denial of service DOS...
PT-2021-10228 · Iec104 · Iec104
Name of the Vulnerable Software and Affected Versions: IEC104 version 1.0 Description: A segmentation violation in the Iec104 Deal FirmUpdate function allows attackers to cause a denial of service. Recommendations: For IEC104 version 1.0, as a temporary workaround, consider disabling the Iec104...
PT-2021-10227 · Iec104 · Iec104
Name of the Vulnerable Software and Affected Versions: IEC104 version 1.0 Description: A segmentation violation in the Iec104 Deal I function allows attackers to cause a denial of service. Recommendations: For IEC104 version 1.0, consider disabling the Iec104 Deal I function as a temporary...
Authentication flaw
A CWE-306: Missing Authentication for Critical Function vulnerability exists in Easergy T200 Modbus SC2-04MOD-07000100 and earlier, Easergy T200 IEC104 SC2-04IEC-07000100 and earlier, and Easergy T200 DNP3 SC2-04DNP-07000102 and earlier that could cause unauthorized operation when authentication ...
CVE-2021-22772
CVE-2021-22772 affects Schneider Electric Easergy T200 series (Modbus SC2-04MOD-07000100, IEC104 SC2-04IEC-07000100, DNP3 SC2-04DNP-07000102 and earlier). Documented root cause: CWE-306 – Missing Authentication for Critical Function, enabling unauthorized operation when authentication is bypassed...
CVE-2021-22772
A CWE-306: Missing Authentication for Critical Function vulnerability exists in Easergy T200 Modbus SC2-04MOD-07000100 and earlier, Easergy T200 IEC104 SC2-04IEC-07000100 and earlier, and Easergy T200 DNP3 SC2-04DNP-07000102 and earlier that could cause unauthorized operation when authentication ...
MZ Automation GmbH lib60870.NET ASDU message processing denial of service vulnerability
Summary A denial of service vulnerability exists in the ASDU message processing functionality of MZ Automation GmbH lib60870.NET 2.2.0. A specially crafted network request can lead to loss of communications. An attacker can send an unauthenticated message to trigger this vulnerability. Tested...
Siemens En100 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
A vulnerability has been identified in EN100 Ethernet module DNP3 variant All versions, EN100 Ethernet module IEC 61850 variant All versions V4.37, EN100 Ethernet module IEC104 variant All versions, EN100 Ethernet module Modbus TCP variant All versions, EN100 Ethernet module PROFINET IO variant A...
CVE-2019-13944
A vulnerability has been identified in EN100 Ethernet module DNP3 variant All versions, EN100 Ethernet module IEC 61850 variant All versions V4.37, EN100 Ethernet module IEC104 variant All versions, EN100 Ethernet module Modbus TCP variant All versions, EN100 Ethernet module PROFINET IO variant A...
CVE-2019-13943
A vulnerability has been identified in EN100 Ethernet module DNP3 variant All versions, EN100 Ethernet module IEC 61850 variant All versions V4.37, EN100 Ethernet module IEC104 variant All versions, EN100 Ethernet module Modbus TCP variant All versions, EN100 Ethernet module PROFINET IO variant A...
Code injection
A vulnerability has been identified in EN100 Ethernet module DNP3 variant All versions, EN100 Ethernet module IEC 61850 variant All versions V4.37, EN100 Ethernet module IEC104 variant All versions, EN100 Ethernet module Modbus TCP variant All versions, EN100 Ethernet module PROFINET IO variant A...
CVE-2019-13942
The CVE-2019-13942 issue affects Siemens EN100 Ethernet Module variants (DNP3, IEC61850