Lucene search
K

361 matches found

BDU FSTEC
BDU FSTEC
added 2024/05/31 12:0 a.m.5 views

The vulnerability of the application software interface of the microprogramming system for programmable logic controllers AutomationDirect P3-550E allows a intruder to trigger a service failure.

The vulnerability of the application software interface for Microprogramming Systems, AutomationDirect P3-550E, is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause a service failure...

8.5CVSS5.7AI score0.00489EPSS
Exploits1References6Affected Software6
Microsoft Secure
Microsoft Secure
added 2024/05/30 5:0 p.m.20 views

Exposed and vulnerable: Recent attacks highlight critical need to protect internet-exposed OT devices

Since late 2023, Microsoft has observed an increase in reports of attacks focusing on internet-exposed, poorly secured operational technology OT devices. Internet-exposed OT equipment in water and wastewater systems WWS in the US were targeted in multiple attacks over the past months by different...

9.8CVSS7.2AI score0.02089EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/05/08 12:0 a.m.8 views

The vulnerability of the FTP-server software of the Yokogawa FA-M3 programmable logic controller allows a intruder to trigger a service failure.

The vulnerability of the FTP server software of the Yokogawa FA-M3 programmable logic controller is related to the exhaustion of the connection limits. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

5.3CVSS5.5AI score
Exploits0
CNNVD
CNNVD
added 2024/02/27 12:0 a.m.10 views

Mitsubishi Electric MELSEC iQ-F series Security Vulnerability

The Mitsubishi Electric MELSEC iQ-F series is a programmable logic controller from Mitsubishi Electric Japan. A security vulnerability exists in the Mitsubishi Electric MELSEC iQ-F series that stems from an insufficient resource pool, which can lead to a denial of service...

5.3CVSS6.7AI score0.00854EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/01/18 12:0 a.m.5 views

Delta Electronics WPLSoft Security Vulnerability

Delta Electronics WPLSoft is a software tool for programming Delta Programmable Logic Controllers PLCs from Delta Electronics Taiwan, China. A security vulnerability exists in Delta Electronics WPLSoft that stems from the presence of a buffer overflow vulnerability...

8.8CVSS7.3AI score0.00649EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/12/27 12:0 a.m.7 views

The vulnerability of the programming software for PLCs (programmable logic controllers), namely the Saia PG5 Controls Suite, arises from incorrect restrictions on XML references to external objects. This vulnerability allows attackers to gain unauthorized access to protected information.

The vulnerability of the programming software for PLCs programmable logic controllers, Saia PG5 Controls Suite, is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

5.5CVSS5.9AI score0.00784EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/12/21 12:0 a.m.5 views

The vulnerability of the programming and debugging tool for PLC applications, MULTIPROG, integrated with the operating system ProConOS/ProConOS eCLR, arises from the loading of code without checking its integrity. This allows attackers to compromise the integrity of the protected information.

The vulnerability of the MULTIPROG programming and debugging tool for PLC applications, integrated with the ProConOS/ProConOS eCLR operating system, lies in the loading of code without checking its integrity. Exploiting this vulnerability allows an attacker to compromise the integrity of the...

7.8CVSS7.3AI score0.00332EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/12/05 12:0 a.m.7 views

Unitronics PLC Trust Management Issue Vulnerabilities

Unitronics PLC is a programmable logic controller with a built-in HMI panel from Unitronics Israel. A trust management issue vulnerability exists in the Unitronics PLC, which arises from the use of a default management password that allows an attacker accessing the PLC or HMI over the network to...

9.8CVSS9.1AI score0.02089EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2023/12/04 12:0 a.m.6 views

The vulnerability of the monitoring software for PLCCs from Fuji Electric, Tellus Lite V-Simulator, arises from deficiencies in access control. This allows a intruder to execute arbitrary code.

The vulnerability of the monitoring software for PLCCs from Fuji Electric, Tellus Lite V-Simulator, is related to deficiencies in access control. Exploiting this vulnerability could allow an intruder to execute arbitrary code...

7.3CVSS7.6AI score0.00484EPSS
Exploits0References5Affected Software1
CNNVD
CNNVD
added 2023/11/06 12:0 a.m.7 views

Mitsubishi Electric MELSEC iQ-F series Security Vulnerability

The Mitsubishi Electric MELSEC iQ-F series is a programmable logic controller from Mitsubishi Electric Japan. A security vulnerability exists in the Mitsubishi Electric MELSEC iQ-F Series that stems from an improperly restricted authentication function...

5.3CVSS7AI score0.00942EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/11/02 12:0 a.m.7 views

The vulnerability of the microprogrammed logic controller LS ELECTRIC XBC-DN32U arises from an operation that goes beyond the buffer boundaries in memory, allowing a intruder to cause a service failure.

The vulnerability of the microprogrammed software of the programmable logic controller LS ELECTRIC XBC-DN32U arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to cause a service failure...

7.8CVSS7.4AI score0.00663EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/09/29 12:0 a.m.8 views

The vulnerability of the Kostac PLC Programming Software (formerly Koyo PLC Programming Software) relates to the re-release of memory, allowing a perpetrator to execute arbitrary code.

The vulnerability of the Kostac PLC Programming Software formerly Koyo PLC Programming Software relates to the repeated release of memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created project file...

7.8CVSS7.6AI score0.00186EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/09/05 12:0 a.m.5 views

The vulnerability of the programmable logic controller PLC-100, related to errors in TCP communication processing, allows a intruder to trigger a service failure.

The vulnerability of the programmable logic controller PLC-100 is related to errors in TCP communication processing. Exploiting this vulnerability can allow a remote attacker to cause service failures...

9.4CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/08/29 12:0 a.m.5 views

The vulnerability of the web-server of the programmable logical controller ioLogik, related to deficiencies in access control, allows a intruder to gain unauthorized access to confidential data.

The vulnerability of the web-server-based programmable logic controller ioLogik is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to confidential data...

5.3CVSS6.5AI score0.00304EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/07/20 12:0 a.m.5 views

The vulnerability of the Control FPWIN Pro PLC programming software lies in the possibility of data being written outside of the buffer in memory, which allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the PLC programming software Control FPWIN Pro relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

7.8CVSS7.6AI score0.00279EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/07/11 12:0 a.m.6 views

The vulnerability of microprogrammed software in WAGO 750 programmable logic controllers, which stems from insufficient validation of input data, allows a intruder to trigger malfunctions during maintenance operations.

The vulnerability of the microprogrammed software in WAGO 750 programmable logic controllers is related to insufficient verification of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to cause malfunctions by using specially crafted packages...

6.1CVSS6AI score0.0085EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/07/03 12:0 a.m.6 views

The vulnerability of the microprogrammed software of the programmable logic controller LS ELECTRIC XBC-DN32U lies in the lack of authentication for a critical function, allowing an intruder to delete arbitrary files.

The vulnerability of the microprogrammed logic controller LS ELECTRIC XBC-DN32U lies in the absence of authentication for a critical function. Exploiting this vulnerability could allow an attacker, operating remotely, to delete arbitrary files...

9.1CVSS7.9AI score0.00691EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/05 12:0 a.m.7 views

The vulnerability of the SatRLT.OS software for programmable logic controllers “Satellite-A” lies in the insecure transmission of authentication data. This allows attackers to escalate their privileges and execute arbitrary code.

The vulnerability of the SatRLT.OS software for programmable logic controllers “Satellite-A” lies in the insecure transmission of authentication data. Exploiting this vulnerability allows a remote attacker to enhance their privileges and execute arbitrary code...

8.1CVSS5.9AI score
Exploits0References1
CNVD
CNVD
added 2023/04/21 12:0 a.m.13 views

Schneider Electric EcoStruxure Control Expert Code Execution Vulnerability

Schneider Electric EcoStruxure Control Expert is a suite of programming software for Schneider Electric logic controller products from Schneider Electric, France. A code execution vulnerability exists in Schneider Electric EcoStruxure Control Expert V15.1 and prior versions, which arises from the...

8.8CVSS7.6AI score0.00845EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2023/04/13 12:0 a.m.7 views

The vulnerability of the microprogrammed software in programmable logic controllers ABB AC500, which allows a intruder to cause a service failure

The vulnerability of the microprogrammed logic controllers ABB AC500 is related to insufficient testing of exceptional states. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

5.3CVSS5.9AI score0.00557EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder