Lucene search
+L

20 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-14212

Malware in sbrugna...

7.5CVSS7.5AI score0.01105EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2022-34265

Malicious code in bioql PyPI...

9.8CVSS9.1AI score0.00488EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 1:15 a.m.14 views

CVE-2022-29951

JTEKT TOYOPUC PLCs through 2022-04-29 mishandle authentication. They utilize the CMPLink/TCP protocol configurable on ports 1024-65534 on either TCP or UDP for a wide variety of engineering purposes such as starting and stopping the PLC, downloading and uploading projects, and changing...

9.1CVSS7AI score0.00982EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:48 p.m.9 views

CVE-2022-29958

JTEKT TOYOPUC PLCs through 2022-04-29 do not ensure data integrity. They utilize the unauthenticated CMPLink/TCP protocol for engineering purposes, including downloading projects and control logic to the PLC. Control logic is downloaded to the PLC on a block-by-block basis with a given memory...

9.8CVSS7.8AI score0.00488EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:12 p.m.7 views

CVE-2021-27458

If Ethernet communication of the JTEKT Corporation TOYOPUC product series’ TOYOPUC-PC10 Series: PC10G-CPU TCC-6353: All versions, PC10GE TCC-6464: All versions, PC10P TCC-6372: All versions, PC10P-DP TCC-6726: All versions, PC10P-DP-IO TCC-6752: All versions, PC10B-P TCC-6373: All versions, PC10B...

7.5CVSS6.9AI score0.01105EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/07/26 10:15 p.m.1 views

CVE-2022-29951

JTEKT TOYOPUC PLCs through 2022-04-29 mishandle authentication. They utilize the CMPLink/TCP protocol configurable on ports 1024-65534 on either TCP or UDP for a wide variety of engineering purposes such as starting and stopping the PLC, downloading and uploading projects, and changing...

9.1CVSS7.2AI score0.00982EPSS
Exploits0References3
NVD
NVD
added 2022/07/26 10:15 p.m.41 views

CVE-2022-29951

JTEKT TOYOPUC PLCs through 2022-04-29 mishandle authentication. They utilize the CMPLink/TCP protocol configurable on ports 1024-65534 on either TCP or UDP for a wide variety of engineering purposes such as starting and stopping the PLC, downloading and uploading projects, and changing...

9.1CVSS0.00982EPSS
Exploits0References2
NVD
NVD
added 2022/07/26 10:15 p.m.21 views

CVE-2022-29958

JTEKT TOYOPUC PLCs through 2022-04-29 do not ensure data integrity. They utilize the unauthenticated CMPLink/TCP protocol for engineering purposes, including downloading projects and control logic to the PLC. Control logic is downloaded to the PLC on a block-by-block basis with a given memory...

9.8CVSS0.00488EPSS
Exploits0References2
Prion
Prion
added 2022/07/26 10:15 p.m.17 views

Authentication flaw

JTEKT TOYOPUC PLCs through 2022-04-29 mishandle authentication. They utilize the CMPLink/TCP protocol configurable on ports 1024-65534 on either TCP or UDP for a wide variety of engineering purposes such as starting and stopping the PLC, downloading and uploading projects, and changing...

6.4CVSS9.2AI score0.00982EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/07/26 9:4 p.m.12 views

CVE-2022-29951

JTEKT TOYOPUC PLCs through 2022-04-29 mishandle authentication. They utilize the CMPLink/TCP protocol configurable on ports 1024-65534 on either TCP or UDP for a wide variety of engineering purposes such as starting and stopping the PLC, downloading and uploading projects, and changing...

7AI score0.00982EPSS
Exploits0References2
CVE
CVE
added 2022/07/26 9:4 p.m.84 views

CVE-2022-29951

CVE-2022-29951 affects JTEKT TOYOPUC PLCs (CMPLink/TCP protocol) up to 2022-04-29. The CMPLink/TCP service on ports 1024–65534 (TCP/UDP) has no authentication, enabling a remote attacker capable of communicating with the port to invoke a subset of functions (start/stop PLC, upload/download projec...

9.1CVSS9.2AI score0.00982EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/07/26 9:4 p.m.40 views

CVE-2022-29958

JTEKT TOYOPUC PLCs through 2022-04-29 do not ensure data integrity. They utilize the unauthenticated CMPLink/TCP protocol for engineering purposes, including downloading projects and control logic to the PLC. Control logic is downloaded to the PLC on a block-by-block basis with a given memory...

10AI score0.00488EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/06/23 12:0 a.m.39 views

JTEKT TOYOPUC Missing Authentication For Critical Function (CVE-2022-29951, CVE-2022-29958)

The device may be vulnerable to flaws related to OT:ICEFALL. These vulnerabilities identify the insecure-by-design nature of OT devices and may not have a clear remediation path. As such, Nessus is unable to test specifically for these vulnerabilities but has identified the device to be one that...

9.8CVSS8.2AI score0.00982EPSS
Exploits0References5
CISA
CISA
added 2022/06/22 12:0 a.m.25 views

CISA Releases Security Advisories Related to OT:ICEFALL (Insecure by Design) Report

CISA is aware that Forescout researchers have released OT:ICEFALL, a report on 56 vulnerabilities caused by insecure-by-design practices in operational technology across multiple vendors. The vulnerabilities are divided into four main categories: insecure engineering protocols, weak cryptography ...

1.7AI score
Exploits0References19
Positive Technologies
Positive Technologies
added 2022/06/22 12:0 a.m.22 views

PT-2022-3088 · Jtekt · Jtekt Toyopuc Plcs

Name of the Vulnerable Software and Affected Versions: JTEKT TOYOPUC PLCs through 2022-04-29 Description: The issue is related to the mishandling of authentication in JTEKT TOYOPUC PLCs. They utilize the CMPLink/TCP protocol, which is configurable on ports 1024-65534 on either TCP or UDP, for...

9.1CVSS7.6AI score0.00982EPSS
Exploits0References8
CNNVD
CNNVD
added 2022/06/21 12:0 a.m.6 views

JTEKT TOYOPUC Products 访问控制错误漏洞

JTEKT TOYOPUC Products is a family of programmable controllers from JTEKT Japan. An access control error vulnerability exists in JTEKT TOYOPUC Products that stems from a lack of authentication functionality in the affected products. An attacker could use this vulnerability to change the controlle...

9.1CVSS8.3AI score0.00982EPSS
Exploits0References5
CNNVD
CNNVD
added 2021/09/02 12:0 a.m.8 views

JTEKT TOYOPUC-Plus 安全漏洞

JTEKT TOYOPUC-Plus is a PLC from JTEKT Japan. A security vulnerability exists in the JTEKT TOYOPUC that stems from the affected product's inability to properly handle ICMP flooding, which could allow an attacker to deny Ethernet communication between affected devices. The following products and...

4.3CVSS5.2AI score0.00413EPSS
Exploits0References4
Prion
Prion
added 2021/07/01 1:15 p.m.17 views

Code injection

When JTEKT Corporation TOYOPUC PLC versions PC10G-CPU, 2PORT-EFR, Plus CPU, Plus EX, Plus EX2, Plus EFR, Plus EFR2, Plus 2P-EFR, PC10P-DP, PC10P-DP-IO, Plus BUS-EX, Nano 10GX, Nano 2ET,PC10PE, PC10PE-16/16P, PC10E, FL/ET-T-V2H, PC10B,PC10B-P, Nano CPU, PC10P, and PC10GE receive an invalid frame,...

7.8CVSS7.6AI score0.01125EPSS
Exploits0References1Affected Software22
Positive Technologies
Positive Technologies
added 2021/07/01 12:0 a.m.8 views

PT-2021-17465 · Jtekt · Toyopuc Plc

Name of the Vulnerable Software and Affected Versions: JTEKT Corporation TOYOPUC PLC versions PC10G-CPU, 2PORT-EFR, Plus CPU, Plus EX, Plus EX2, Plus EFR, Plus EFR2, Plus 2P-EFR, PC10P-DP, PC10P-DP-IO, Plus BUS-EX, Nano 10GX, Nano 2ET, PC10PE, PC10PE-16/16P, PC10E, FL/ET-T-V2H, PC10B, PC10B-P, Na...

7.8CVSS7.5AI score0.01125EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/06/29 12:0 a.m.4 views

JTEKT TOYOPUC-Plus 缓冲区错误漏洞

JTEKT TOYOPUC-Plus is a PLC from JTEKT Japan. The JTEKT TOYOPUC-Plus suffers from a buffer error vulnerability that originates when the product receives an invalid frame, the outer region of the FL-net receive buffer will be overwritten. This causes the PLC CPU to detect a system error and the...

7.8CVSS7.6AI score0.01125EPSS
Exploits0References4
Rows per page
Query Builder