361 matches found
The vulnerability of the application software interface of the microprogramming system for programmable logic controllers AutomationDirect P3-550E allows a intruder to trigger a service failure.
The vulnerability of the application software interface for Microprogramming Systems, AutomationDirect P3-550E, is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause a service failure...
Exposed and vulnerable: Recent attacks highlight critical need to protect internet-exposed OT devices
Since late 2023, Microsoft has observed an increase in reports of attacks focusing on internet-exposed, poorly secured operational technology OT devices. Internet-exposed OT equipment in water and wastewater systems WWS in the US were targeted in multiple attacks over the past months by different...
The vulnerability of the FTP-server software of the Yokogawa FA-M3 programmable logic controller allows a intruder to trigger a service failure.
The vulnerability of the FTP server software of the Yokogawa FA-M3 programmable logic controller is related to the exhaustion of the connection limits. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
Mitsubishi Electric MELSEC iQ-F series Security Vulnerability
The Mitsubishi Electric MELSEC iQ-F series is a programmable logic controller from Mitsubishi Electric Japan. A security vulnerability exists in the Mitsubishi Electric MELSEC iQ-F series that stems from an insufficient resource pool, which can lead to a denial of service...
Delta Electronics WPLSoft Security Vulnerability
Delta Electronics WPLSoft is a software tool for programming Delta Programmable Logic Controllers PLCs from Delta Electronics Taiwan, China. A security vulnerability exists in Delta Electronics WPLSoft that stems from the presence of a buffer overflow vulnerability...
The vulnerability of the programming software for PLCs (programmable logic controllers), namely the Saia PG5 Controls Suite, arises from incorrect restrictions on XML references to external objects. This vulnerability allows attackers to gain unauthorized access to protected information.
The vulnerability of the programming software for PLCs programmable logic controllers, Saia PG5 Controls Suite, is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...
The vulnerability of the programming and debugging tool for PLC applications, MULTIPROG, integrated with the operating system ProConOS/ProConOS eCLR, arises from the loading of code without checking its integrity. This allows attackers to compromise the integrity of the protected information.
The vulnerability of the MULTIPROG programming and debugging tool for PLC applications, integrated with the ProConOS/ProConOS eCLR operating system, lies in the loading of code without checking its integrity. Exploiting this vulnerability allows an attacker to compromise the integrity of the...
Unitronics PLC Trust Management Issue Vulnerabilities
Unitronics PLC is a programmable logic controller with a built-in HMI panel from Unitronics Israel. A trust management issue vulnerability exists in the Unitronics PLC, which arises from the use of a default management password that allows an attacker accessing the PLC or HMI over the network to...
The vulnerability of the monitoring software for PLCCs from Fuji Electric, Tellus Lite V-Simulator, arises from deficiencies in access control. This allows a intruder to execute arbitrary code.
The vulnerability of the monitoring software for PLCCs from Fuji Electric, Tellus Lite V-Simulator, is related to deficiencies in access control. Exploiting this vulnerability could allow an intruder to execute arbitrary code...
Mitsubishi Electric MELSEC iQ-F series Security Vulnerability
The Mitsubishi Electric MELSEC iQ-F series is a programmable logic controller from Mitsubishi Electric Japan. A security vulnerability exists in the Mitsubishi Electric MELSEC iQ-F Series that stems from an improperly restricted authentication function...
The vulnerability of the microprogrammed logic controller LS ELECTRIC XBC-DN32U arises from an operation that goes beyond the buffer boundaries in memory, allowing a intruder to cause a service failure.
The vulnerability of the microprogrammed software of the programmable logic controller LS ELECTRIC XBC-DN32U arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to cause a service failure...
The vulnerability of the Kostac PLC Programming Software (formerly Koyo PLC Programming Software) relates to the re-release of memory, allowing a perpetrator to execute arbitrary code.
The vulnerability of the Kostac PLC Programming Software formerly Koyo PLC Programming Software relates to the repeated release of memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created project file...
The vulnerability of the programmable logic controller PLC-100, related to errors in TCP communication processing, allows a intruder to trigger a service failure.
The vulnerability of the programmable logic controller PLC-100 is related to errors in TCP communication processing. Exploiting this vulnerability can allow a remote attacker to cause service failures...
The vulnerability of the web-server of the programmable logical controller ioLogik, related to deficiencies in access control, allows a intruder to gain unauthorized access to confidential data.
The vulnerability of the web-server-based programmable logic controller ioLogik is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to confidential data...
The vulnerability of the Control FPWIN Pro PLC programming software lies in the possibility of data being written outside of the buffer in memory, which allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the PLC programming software Control FPWIN Pro relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
The vulnerability of microprogrammed software in WAGO 750 programmable logic controllers, which stems from insufficient validation of input data, allows a intruder to trigger malfunctions during maintenance operations.
The vulnerability of the microprogrammed software in WAGO 750 programmable logic controllers is related to insufficient verification of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to cause malfunctions by using specially crafted packages...
The vulnerability of the microprogrammed software of the programmable logic controller LS ELECTRIC XBC-DN32U lies in the lack of authentication for a critical function, allowing an intruder to delete arbitrary files.
The vulnerability of the microprogrammed logic controller LS ELECTRIC XBC-DN32U lies in the absence of authentication for a critical function. Exploiting this vulnerability could allow an attacker, operating remotely, to delete arbitrary files...
The vulnerability of the SatRLT.OS software for programmable logic controllers “Satellite-A” lies in the insecure transmission of authentication data. This allows attackers to escalate their privileges and execute arbitrary code.
The vulnerability of the SatRLT.OS software for programmable logic controllers “Satellite-A” lies in the insecure transmission of authentication data. Exploiting this vulnerability allows a remote attacker to enhance their privileges and execute arbitrary code...
Schneider Electric EcoStruxure Control Expert Code Execution Vulnerability
Schneider Electric EcoStruxure Control Expert is a suite of programming software for Schneider Electric logic controller products from Schneider Electric, France. A code execution vulnerability exists in Schneider Electric EcoStruxure Control Expert V15.1 and prior versions, which arises from the...
The vulnerability of the microprogrammed software in programmable logic controllers ABB AC500, which allows a intruder to cause a service failure
The vulnerability of the microprogrammed logic controllers ABB AC500 is related to insufficient testing of exceptional states. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...