Lucene search
K

361 matches found

BDU FSTEC
BDU FSTEC
added 2023/03/30 12:0 a.m.5 views

The vulnerability of the microprogrammed logic controller LS ELECTRIC XBC-DN32U, related to deficiencies in access control, allows a intruder to gain control and manage the operation of the controller.

The vulnerability of the microprogrammed logic controller LS ELECTRIC XBC-DN32U is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain control and manage the controller’s operations by sending specially crafted packets via the XGT protocol...

10CVSS7.7AI score0.00668EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/03/28 12:0 a.m.6 views

The vulnerabilities of the programming software for PLCs (programmable logic controllers), the configuration software SCADAPack RemoteConnect, and the automation system for technological processes EcoStruxure Process Expert allow a intruder to gain unauthorized access to project files.

The vulnerabilities of the programming software for PLCs programmable logic controllers, the configuration software SCADAPack RemoteConnect, and the automation system for technological processes EcoStruxure Process Expert are related to insufficient protection of registration data. Exploiting the...

8.6CVSS7.1AI score0.00216EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/03/05 12:0 a.m.6 views

JTEKT Kostac PLC Programming Software 缓冲区错误漏洞

JTEKT Kostac PLC Programming Software is a PLC programmer software for personal computers from JTEKT Japan. A security vulnerability exists in JTEKT Kostac PLC Programming Software version 1.6.9.0 and prior versions, which originates from an out-of-bounds read due to an insufficient buffer size f...

7.8CVSS7.9AI score0.00318EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2023/03/03 12:0 a.m.9 views

The vulnerability of the PLK MKLogic-500, related to insufficient control of FTP configuration parameters, allows a hacker to trigger a service failure.

The vulnerability of the MKLogic-500 PLC is related to insufficient control over the parameters used in the configuration of programmable logic controllers, which are set via FTP. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

9.7CVSS5.5AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/03/03 12:0 a.m.17 views

The vulnerability of the MKLogic-500 PLC configuration protocol, related to the lack of authentication for critical functions, allows attackers to alter the device’s operating logic.

The vulnerability of the MKLogic-500 PLC configuration protocol lies in the absence of authentication for a critical function. Exploiting this vulnerability allows an attacker, operating remotely, to alter the device’s operating logic...

9.6CVSS5.5AI score
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/03/01 12:0 a.m.24 views

Schneider Electric Modicon Out-of-bounds Write (CVE-2020-7524)

Out-of-bounds Write vulnerability exists in Modicon M218 Logic Controller V5.0.0.7 and prior which could cause Denial of Service when sending specific crafted IPV4 packet to the controller: Sending a specific IPv4 protocol package to Schneider Electric Modicon M218 Logic Controller can cause IPv4...

7.5CVSS7.5AI score0.01387EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/02/27 12:0 a.m.7 views

多款WAGO产品 访问控制错误漏洞

WAGO Series PFC100 and others are products of WAGO, Germany.WAGO Series PFC100 is a programmable logic controller.WAGO Series PFC200 is a programmable logic controller.WAGO Edge Controller is an edge controller. An access control error vulnerability exists in multiple WAGO products. An attacker...

9.8CVSS9.1AI score0.01067EPSS
Exploits0References2
OSV
OSV
added 2023/02/15 6:15 p.m.5 views

CVE-2023-22807

LS ELECTRIC XBC-DN32U with operating system version 01.80 does not properly control access to the PLC over its internal XGT protocol. An attacker could control and tamper with the PLC by sending the packets to the PLC over its XGT protocol...

9.8CVSS7.3AI score0.00668EPSS
Exploits0References1
OSV
OSV
added 2023/02/15 6:15 p.m.6 views

CVE-2023-22803

LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication to perform critical functions to the PLC. This could allow an attacker to change the PLC's mode arbitrarily...

7.5CVSS5.8AI score0.00591EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/02/15 12:0 a.m.7 views

LS ELECTRIC XBC-DN32U 安全漏洞

LS ELECTRIC XBC-DN32U is a PLC programmable logic controller from LS ELECTRIC Korea.A denial of service vulnerability exists in the LS ELECTRIC XBC-DN32U. The vulnerability stems from the fact that the device will stop functioning when accessing a memory location outside of the communication...

7.5CVSS6.7AI score0.00663EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/02/15 12:0 a.m.7 views

LS ELECTRIC XBC-DN32U 访问控制错误漏洞

The LS ELECTRIC XBC-DN32U is a PLC programmable logic controller from LS ELECTRIC in Korea. An Access Control Error vulnerability exists in the LS ELECTRIC XBC-DN32U version 01.80. The vulnerability stems from the device's inability to properly control access to the PLC via its internal XGT...

9.8CVSS6.8AI score0.00668EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/01/20 12:0 a.m.7 views

The vulnerability of Schneider Electric’s programmable logic controllers’ microprogramming software lies in the insufficient testing of unusual or exceptional states. This allows a intruder to execute arbitrary code or cause malfunctions during maintenance.

The vulnerability of microprogrammed programmable logic controllers from Schneider Electric relates to insufficient testing of exceptional states. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code or cause malfunctions by using a specially created malware file...

7.6CVSS8.5AI score0.01163EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/01/19 12:0 a.m.5 views

WAGO 访问控制错误漏洞

WAGO 750-88x Series and so on are products of WAGO, Germany.WAGO 750-88x Series is a 750-88x series programmable logic controller.WAGO 750-87x Series is a 750-87x series programmable logic controller.WAGO Series PFC100 is a programmable logic controller. a programmable logic controller. An access...

5.9CVSS6.1AI score0.00625EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/12/22 12:0 a.m.8 views

Mitsubishi Electric MELSEC iQ-R、iQ-L Series和MELIPC Series 安全漏洞

Mitsubishi Electric MELSEC iQ-R series and so on are products of Mitsubishi Electric Japan.Mitsubishi Electric MELSEC iQ-R series is a programmable logic controller.Mitsubishi Electric MELSEC iQ-L series is a series of programmable logic controller.Mitsubishi Electric MELSEC iQ-L series is a seri...

7.5CVSS7.3AI score0.0167EPSS
Exploits0References7
CNNVD
CNNVD
added 2022/11/25 12:0 a.m.7 views

Omron CX-Programmer 缓冲区错误漏洞

Omron CX-Programmer is a PLC Programmable Logic Controller programming software from Omron, Japan. A security vulnerability exists in Omron CX-Programmer version v.9.77 and prior versions, which stems from an out-of-bounds write issue...

7.8CVSS7.3AI score0.00242EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2022/10/13 12:0 a.m.5 views

The vulnerability of microprogrammed software in programmable logic controllers SIMATIC S7-1200 and S7-1500 is related to insufficient protection of registration data, allowing attackers to gain full access to the device.

The vulnerability of microprogrammed software in programmable logic controllers SIMATIC S7-1200 and S7-1500 is related to insufficient protection of registration data. Exploiting this vulnerability can allow an intruder to gain full access to the device...

9.3CVSS7.4AI score0.00217EPSS
Exploits0References2Affected Software6
Positive Technologies
Positive Technologies
added 2022/09/20 12:0 a.m.4 views

PT-2022-6339 · Unknown · Mklogic-500

Name of the Vulnerable Software and Affected Versions: MKLogic-500 affected versions not specified Description: The issue is related to insufficient control of parameters used in the configuration of programmable logic controllers, which is set up via FTP. This could allow a remote attacker to...

9.7CVSS7.1AI score
Exploits0References2
CNNVD
CNNVD
added 2022/08/30 12:0 a.m.5 views

Fuji Electric D300win 缓冲区错误漏洞

Fuji Electric D300win is a PLC product and solution from Fuji Electric Japan. The Fuji Electric D300win suffers from a buffer error vulnerability that stems from susceptibility to out-of-bounds reads, which can be exploited by an attacker to leak sensitive data from process memory...

8.7CVSS6.9AI score0.00514EPSS
Exploits0References4
OSV
OSV
added 2022/08/19 9:15 p.m.3 views

CVE-2022-2788

Emerson Electric's Proficy Machine Edition Version 9.80 and prior is vulnerable to CWE-29 Path Traversal: '..\Filename', also known as a ZipSlip attack, through an upload procedure which enables attackers to implant a malicious .BLZ file on the PLC. The file can transfer through the engineering...

7.3CVSS5.8AI score0.00228EPSS
Exploits0References1
CNVD
CNVD
added 2022/08/18 12:0 a.m.33 views

LS ELECTRIC PLC and XG5000 Encryption Problem Vulnerability

LS ELECTRIC PLC is a programmable logic controller from LS ELECTRIC, a South Korean company. LS ELECTRIC PLC and XG5000 are vulnerable to an encryption issue that could be exploited by an attacker to decrypt credentials and gain full access to the affected programmable logic controller PLC...

6.5CVSS5.8AI score0.00323EPSS
Exploits0References1
Rows per page
Query Builder