Lucene search
+L

56 matches found

Cvelist
Cvelist
added 2021/08/31 10:22 p.m.22 views

CVE-2020-20486

IEC104 v1.0 contains a stack-buffer overflow in the parameter Iec10xStaAddr...

7.7AI score0.01089EPSS
Exploits1References1
OSV
OSV
added 2021/08/23 9:15 p.m.1 views

CVE-2020-18731

A segmentation violation in the Iec104DealFirmUpdate function of IEC104 v1.0 allows attackers to cause a denial of service DOS...

7.5CVSS5.8AI score
Exploits0References2
NVD
NVD
added 2021/08/23 9:15 p.m.14 views

CVE-2020-18731

A segmentation violation in the Iec104DealFirmUpdate function of IEC104 v1.0 allows attackers to cause a denial of service DOS...

7.5CVSS0.01406EPSS
Exploits1References2
NVD
NVD
added 2021/08/23 9:15 p.m.21 views

CVE-2020-18730

A segmentation violation in the Iec104DealI function of IEC104 v1.0 allows attackers to cause a denial of service DOS...

7.5CVSS0.01406EPSS
Exploits1References2
Prion
Prion
added 2021/08/23 9:15 p.m.14 views

Sql injection

A segmentation violation in the Iec104DealFirmUpdate function of IEC104 v1.0 allows attackers to cause a denial of service DOS...

5CVSS7.3AI score0.01406EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2021/08/23 8:7 p.m.45 views

CVE-2020-18731

The CVE-2020-18731 entry concerns IEC104 v1.0, where a segmentation violation in the Iec104_Deal_FirmUpdate function can cause a denial of service. The connected PT-2021-10228 advisory for IEC104 v1.0 corroborates the affected component and provides a practical workaround: temporarily disable the...

7.5CVSS7.3AI score0.01406EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2021/08/23 8:7 p.m.24 views

CVE-2020-18731

A segmentation violation in the Iec104DealFirmUpdate function of IEC104 v1.0 allows attackers to cause a denial of service DOS...

7.3AI score0.01406EPSS
Exploits1References2
CVE
CVE
added 2021/08/23 8:7 p.m.43 views

CVE-2020-18730

IEC104 v1.0 contains a segmentation fault in the Iec104_Deal_I / Iec104 Deal I function, enabling denial of service. The issue affects IEC104 implementations using version 1.0; exploitation details are not provided in the connected documents. A temporary workaround is to disable the Iec104_Deal_I...

7.5CVSS7.3AI score0.01406EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2021/08/23 8:7 p.m.24 views

CVE-2020-18730

A segmentation violation in the Iec104DealI function of IEC104 v1.0 allows attackers to cause a denial of service DOS...

7.3AI score0.01406EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2021/08/23 12:0 a.m.6 views

PT-2021-10228 · Iec104 · Iec104

Name of the Vulnerable Software and Affected Versions: IEC104 version 1.0 Description: A segmentation violation in the Iec104 Deal FirmUpdate function allows attackers to cause a denial of service. Recommendations: For IEC104 version 1.0, as a temporary workaround, consider disabling the Iec104...

7.5CVSS7.4AI score0.01406EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2021/08/23 12:0 a.m.6 views

PT-2021-10227 · Iec104 · Iec104

Name of the Vulnerable Software and Affected Versions: IEC104 version 1.0 Description: A segmentation violation in the Iec104 Deal I function allows attackers to cause a denial of service. Recommendations: For IEC104 version 1.0, consider disabling the Iec104 Deal I function as a temporary...

7.5CVSS7.4AI score0.01406EPSS
Exploits1References4
Prion
Prion
added 2021/07/21 3:15 p.m.26 views

Authentication flaw

A CWE-306: Missing Authentication for Critical Function vulnerability exists in Easergy T200 Modbus SC2-04MOD-07000100 and earlier, Easergy T200 IEC104 SC2-04IEC-07000100 and earlier, and Easergy T200 DNP3 SC2-04DNP-07000102 and earlier that could cause unauthorized operation when authentication ...

7.5CVSS9.4AI score0.01541EPSS
Exploits0References1Affected Software3
CVE
CVE
added 2021/07/21 10:41 a.m.52 views

CVE-2021-22772

CVE-2021-22772 affects Schneider Electric Easergy T200 series (Modbus SC2-04MOD-07000100, IEC104 SC2-04IEC-07000100, DNP3 SC2-04DNP-07000102 and earlier). Documented root cause: CWE-306 – Missing Authentication for Critical Function, enabling unauthorized operation when authentication is bypassed...

9.8CVSS9.4AI score0.01541EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/07/21 10:41 a.m.25 views

CVE-2021-22772

A CWE-306: Missing Authentication for Critical Function vulnerability exists in Easergy T200 Modbus SC2-04MOD-07000100 and earlier, Easergy T200 IEC104 SC2-04IEC-07000100 and earlier, and Easergy T200 DNP3 SC2-04DNP-07000102 and earlier that could cause unauthorized operation when authentication ...

9.7AI score0.01541EPSS
Exploits0References1
Talos
Talos
added 2021/04/26 12:0 a.m.57 views

MZ Automation GmbH lib60870.NET ASDU message processing denial of service vulnerability

Summary A denial of service vulnerability exists in the ASDU message processing functionality of MZ Automation GmbH lib60870.NET 2.2.0. A specially crafted network request can lead to loss of communications. An attacker can send an unauthenticated message to trigger this vulnerability. Tested...

7.5CVSS7.5AI score0.01261EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2020/05/27 12:0 a.m.15 views

Siemens En100 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

A vulnerability has been identified in EN100 Ethernet module DNP3 variant All versions, EN100 Ethernet module IEC 61850 variant All versions V4.37, EN100 Ethernet module IEC104 variant All versions, EN100 Ethernet module Modbus TCP variant All versions, EN100 Ethernet module PROFINET IO variant A...

5CVSS3.7AI score0.016EPSS
Exploits0References3
NVD
NVD
added 2019/12/12 7:15 p.m.20 views

CVE-2019-13944

A vulnerability has been identified in EN100 Ethernet module DNP3 variant All versions, EN100 Ethernet module IEC 61850 variant All versions V4.37, EN100 Ethernet module IEC104 variant All versions, EN100 Ethernet module Modbus TCP variant All versions, EN100 Ethernet module PROFINET IO variant A...

5.3CVSS5.7AI score0.016EPSS
Exploits0References2
NVD
NVD
added 2019/12/12 7:15 p.m.39 views

CVE-2019-13943

A vulnerability has been identified in EN100 Ethernet module DNP3 variant All versions, EN100 Ethernet module IEC 61850 variant All versions V4.37, EN100 Ethernet module IEC104 variant All versions, EN100 Ethernet module Modbus TCP variant All versions, EN100 Ethernet module PROFINET IO variant A...

6.1CVSS5.7AI score0.00887EPSS
Exploits0References2
Prion
Prion
added 2019/12/12 7:15 p.m.15 views

Code injection

A vulnerability has been identified in EN100 Ethernet module DNP3 variant All versions, EN100 Ethernet module IEC 61850 variant All versions V4.37, EN100 Ethernet module IEC104 variant All versions, EN100 Ethernet module Modbus TCP variant All versions, EN100 Ethernet module PROFINET IO variant A...

5CVSS5.6AI score0.016EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2019/12/12 7:8 p.m.60 views

CVE-2019-13942

The CVE-2019-13942 issue affects Siemens EN100 Ethernet Module variants (DNP3, IEC61850

7.5CVSS7.5AI score0.01949EPSS
Exploits0References2Affected Software5
Rows per page
Query Builder