563 matches found
Critical Bugs in Rockwell, Johnson Controls ICS Gear
Security vulnerabilities that require very little skill to exploit have been discovered in industrial control systems ICS gear from Rockwell Automation and Johnson Controls, which anchor a flurry of bug disclosures impacting critical infrastructure. First, a set of critical vulnerabilities in...
The vulnerability of the microprogramming software used in MicroLogix 1400 A, MicroLogix 1400 B, MicroLogix 1100, CompactLogix 5370 L1, CompactLogix 5370 L2, and CompactLogix 5370 L3 allows a hacker to redirect the target user to a malicious website using a specially created link.
The vulnerability of microprogrammed logic controllers from MicroLogix, such as MicroLogix 1400 A, MicroLogix 1400 B, MicroLogix 1100, CompactLogix 5370 L1, CompactLogix 5370 L2, and CompactLogix 5370 L3, is related to the redirection of URLs to unreliable websites. Exploiting this vulnerability...
Rockwellautomation 1763-l16awa Use of Insufficiently Random Values
A Predictable Value Range from Previous Values issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 and prior versions; 1763-L16BWA, Series...
Rockwellautomation Micrologix Unspecified Vulnerability
An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information,...
Rockwellautomation Micrologix Unspecified Vulnerability
An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information,...
Rockwellautomation Micrologix Unspecified Vulnerability
An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information,...
Rockwellautomation Micrologix Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site scripting XSS vulnerability in the web server on Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices before B FRN 15.003 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. File data ot500043.nasl...
Rockwellautomation Controllogix Unspecified Vulnerability
Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and...
Rockwellautomation 1763-l16awa Exposure of Sensitive Information to an Unauthorized Actor
An Information Exposure issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 and prior versions; 1763-L16BWA, Series A and B, Version 16.00...
Rockwellautomation Micrologix Improper Restriction of Operations within the Bounds of a Memory Buffer
Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices before B FRN 15.003 allow remote attackers to cause a denial of service memory corruption and device crash via a crafted HTTP request. File data ot500089.nasl...
Rockwellautomation Micrologix Unspecified Vulnerability
An exploitable denial of service vulnerability exists in the program download functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a device fault resulting in halted operations. An attacker can send an unauthenticated packet to trigger...
Rockwellautomation Micrologix Improper Input Validation
An exploitable denial of service vulnerability exists in the Ethernet functionality of the Allen Bradley Micrologix 1400 Series B FRN 21.2 and below. A specially crafted packet can cause a device power cycle resulting in a fault state and deletion of ladder logic. An attacker can send one...
Rockwellautomation 1763-l16awa Unspecified Vulnerability
An issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 controller 1763-L16AWA, Series A and B, Version 14.000 and prior versions; 1763-L16BBB, Series A and B, Version 14.000 and prior versions; 1763-L16BWA, Series A and B, Version 14.000 and prior versions; and 1763-L16DWD,...
Rockwellautomation Micrologix Unspecified Vulnerability
An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information,...
Rockwellautomation Micrologix Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
SQL injection vulnerability on Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices before B FRN 15.003 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. File data ot500038.nasl...
Rockwellautomation Micrologix Uncontrolled Resource Consumption
An exploitable denial of service vulnerability exists in the processing of snmp-set commands of the Allen Bradley Micrologix 1400 Series B FRN 21.2 and below. A specially crafted snmp-set request, when sent without associated firmware flashing snmp-set commands, can cause a device power cycle...
Rockwellautomation Micrologix Unspecified Vulnerability
An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information,...
Rockwellautomation 1763-l16awa Unspecified Vulnerability
An issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 controller 1763-L16AWA, Series A and B, Version 14.000 and prior versions; 1763-L16BBB, Series A and B, Version 14.000 and prior versions; 1763-L16BWA, Series A and B, Version 14.000 and prior versions; and 1763-L16DWD,...
Rockwellautomation Micrologix Unspecified Vulnerability
An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information,...
Rockwellautomation Micrologix Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow on Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices through B FRN 15.003 allows remote attackers to execute arbitrary code via unspecified vectors. File data ot500134.nasl...