361 matches found
The vulnerability of the microprogrammed logic controller LS ELECTRIC XBC-DN32U, related to deficiencies in access control, allows a intruder to gain control and manage the operation of the controller.
The vulnerability of the microprogrammed logic controller LS ELECTRIC XBC-DN32U is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain control and manage the controller’s operations by sending specially crafted packets via the XGT protocol...
The vulnerabilities of the programming software for PLCs (programmable logic controllers), the configuration software SCADAPack RemoteConnect, and the automation system for technological processes EcoStruxure Process Expert allow a intruder to gain unauthorized access to project files.
The vulnerabilities of the programming software for PLCs programmable logic controllers, the configuration software SCADAPack RemoteConnect, and the automation system for technological processes EcoStruxure Process Expert are related to insufficient protection of registration data. Exploiting the...
JTEKT Kostac PLC Programming Software 缓冲区错误漏洞
JTEKT Kostac PLC Programming Software is a PLC programmer software for personal computers from JTEKT Japan. A security vulnerability exists in JTEKT Kostac PLC Programming Software version 1.6.9.0 and prior versions, which originates from an out-of-bounds read due to an insufficient buffer size f...
The vulnerability of the PLK MKLogic-500, related to insufficient control of FTP configuration parameters, allows a hacker to trigger a service failure.
The vulnerability of the MKLogic-500 PLC is related to insufficient control over the parameters used in the configuration of programmable logic controllers, which are set via FTP. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
The vulnerability of the MKLogic-500 PLC configuration protocol, related to the lack of authentication for critical functions, allows attackers to alter the device’s operating logic.
The vulnerability of the MKLogic-500 PLC configuration protocol lies in the absence of authentication for a critical function. Exploiting this vulnerability allows an attacker, operating remotely, to alter the device’s operating logic...
Schneider Electric Modicon Out-of-bounds Write (CVE-2020-7524)
Out-of-bounds Write vulnerability exists in Modicon M218 Logic Controller V5.0.0.7 and prior which could cause Denial of Service when sending specific crafted IPV4 packet to the controller: Sending a specific IPv4 protocol package to Schneider Electric Modicon M218 Logic Controller can cause IPv4...
多款WAGO产品 访问控制错误漏洞
WAGO Series PFC100 and others are products of WAGO, Germany.WAGO Series PFC100 is a programmable logic controller.WAGO Series PFC200 is a programmable logic controller.WAGO Edge Controller is an edge controller. An access control error vulnerability exists in multiple WAGO products. An attacker...
CVE-2023-22807
LS ELECTRIC XBC-DN32U with operating system version 01.80 does not properly control access to the PLC over its internal XGT protocol. An attacker could control and tamper with the PLC by sending the packets to the PLC over its XGT protocol...
CVE-2023-22803
LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication to perform critical functions to the PLC. This could allow an attacker to change the PLC's mode arbitrarily...
LS ELECTRIC XBC-DN32U 安全漏洞
LS ELECTRIC XBC-DN32U is a PLC programmable logic controller from LS ELECTRIC Korea.A denial of service vulnerability exists in the LS ELECTRIC XBC-DN32U. The vulnerability stems from the fact that the device will stop functioning when accessing a memory location outside of the communication...
LS ELECTRIC XBC-DN32U 访问控制错误漏洞
The LS ELECTRIC XBC-DN32U is a PLC programmable logic controller from LS ELECTRIC in Korea. An Access Control Error vulnerability exists in the LS ELECTRIC XBC-DN32U version 01.80. The vulnerability stems from the device's inability to properly control access to the PLC via its internal XGT...
The vulnerability of Schneider Electric’s programmable logic controllers’ microprogramming software lies in the insufficient testing of unusual or exceptional states. This allows a intruder to execute arbitrary code or cause malfunctions during maintenance.
The vulnerability of microprogrammed programmable logic controllers from Schneider Electric relates to insufficient testing of exceptional states. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code or cause malfunctions by using a specially created malware file...
WAGO 访问控制错误漏洞
WAGO 750-88x Series and so on are products of WAGO, Germany.WAGO 750-88x Series is a 750-88x series programmable logic controller.WAGO 750-87x Series is a 750-87x series programmable logic controller.WAGO Series PFC100 is a programmable logic controller. a programmable logic controller. An access...
Mitsubishi Electric MELSEC iQ-R、iQ-L Series和MELIPC Series 安全漏洞
Mitsubishi Electric MELSEC iQ-R series and so on are products of Mitsubishi Electric Japan.Mitsubishi Electric MELSEC iQ-R series is a programmable logic controller.Mitsubishi Electric MELSEC iQ-L series is a series of programmable logic controller.Mitsubishi Electric MELSEC iQ-L series is a seri...
Omron CX-Programmer 缓冲区错误漏洞
Omron CX-Programmer is a PLC Programmable Logic Controller programming software from Omron, Japan. A security vulnerability exists in Omron CX-Programmer version v.9.77 and prior versions, which stems from an out-of-bounds write issue...
The vulnerability of microprogrammed software in programmable logic controllers SIMATIC S7-1200 and S7-1500 is related to insufficient protection of registration data, allowing attackers to gain full access to the device.
The vulnerability of microprogrammed software in programmable logic controllers SIMATIC S7-1200 and S7-1500 is related to insufficient protection of registration data. Exploiting this vulnerability can allow an intruder to gain full access to the device...
PT-2022-6339 · Unknown · Mklogic-500
Name of the Vulnerable Software and Affected Versions: MKLogic-500 affected versions not specified Description: The issue is related to insufficient control of parameters used in the configuration of programmable logic controllers, which is set up via FTP. This could allow a remote attacker to...
Fuji Electric D300win 缓冲区错误漏洞
Fuji Electric D300win is a PLC product and solution from Fuji Electric Japan. The Fuji Electric D300win suffers from a buffer error vulnerability that stems from susceptibility to out-of-bounds reads, which can be exploited by an attacker to leak sensitive data from process memory...
CVE-2022-2788
Emerson Electric's Proficy Machine Edition Version 9.80 and prior is vulnerable to CWE-29 Path Traversal: '..\Filename', also known as a ZipSlip attack, through an upload procedure which enables attackers to implant a malicious .BLZ file on the PLC. The file can transfer through the engineering...
LS ELECTRIC PLC and XG5000 Encryption Problem Vulnerability
LS ELECTRIC PLC is a programmable logic controller from LS ELECTRIC, a South Korean company. LS ELECTRIC PLC and XG5000 are vulnerable to an encryption issue that could be exploited by an attacker to decrypt credentials and gain full access to the affected programmable logic controller PLC...