Lucene search
K

208 matches found

OSV
OSV
added 2021/07/21 3:15 p.m.4 views

CVE-2021-22772

A CWE-306: Missing Authentication for Critical Function vulnerability exists in Easergy T200 Modbus SC2-04MOD-07000100 and earlier, Easergy T200 IEC104 SC2-04IEC-07000100 and earlier, and Easergy T200 DNP3 SC2-04DNP-07000102 and earlier that could cause unauthorized operation when authentication ...

9.8CVSS7.3AI score
Exploits0References1
CNNVD
CNNVD
added 2021/07/21 12:0 a.m.3 views

Schneider Electric Easergy T200产品访问控制错误漏洞

Schneider-electric Schneider Electric Easergy T200 is a remote control terminal for medium/low voltage substations from Schneider-electric, France. An access control error vulnerability exists in several Schneider Electric products due to a lack of valid authorized operation of the product and...

9.8CVSS8.3AI score0.01541EPSS
Exploits0References2
Gitee
Gitee
added 2021/07/08 3:17 p.m.4 views

isf

This is an Industrial Exploitation Framework ISF repository, a Python-based framework for exploitation and testing of industrial control systems ICS. The framework is similar to Metasploit and is designed to be used for penetration testing and vulnerability assessment of ICS devices. The reposito...

6.9AI score
Exploits0
CNNVD
CNNVD
added 2021/06/25 12:0 a.m.5 views

Phoenix Contact FL COMSERVER UNI 安全漏洞

The Phoenix Contact FL COMSERVER UNI is an interface converter from Phoenix Contac Phoenix Contact, Germany. Serial Device Server for Converting Serial 232/422/485 Interfaces to Ethernet A security vulnerability exists in the Phoenix Contact FL COMSERVER UNI, which stems from an invalid Modbus...

7.5CVSS7.3AI score0.00961EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2021/06/11 3:40 p.m.5 views

CVE-2021-22764

A CWE-287: Improper Authentication vulnerability exists in PowerLogic PM55xx, PowerLogic PM8ECC, PowerLogic EGX100 and PowerLogic EGX300 see security notification for version infromation that could cause loss of connectivity to the device via Modbus TCP protocol when an attacker sends a specially...

6.1AI score0.01858EPSS
Exploits0References1
OSV
OSV
added 2020/12/11 1:15 a.m.3 views

CVE-2020-7542

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium see security notifications for affected versions, that could cause denial of service when a specially crafted Read Physical Memo...

7.5CVSS7.1AI score0.01311EPSS
Exploits0References1
OSV
OSV
added 2020/12/11 1:15 a.m.3 views

CVE-2020-7537

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium see security notifications for affected versions, that could cause denial of service when a specially crafted Read Physical Memo...

7.5CVSS7.1AI score0.01382EPSS
Exploits0References1
OSV
OSV
added 2020/12/11 1:15 a.m.3 views

CVE-2020-7543

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium see security notifications for affected versions, that could cause denial of service when a specially crafted Read Physical Memo...

7.5CVSS7.1AI score0.01311EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/12/11 12:0 a.m.5 views

PT-2020-19620 · Schneider Electric · Modicon M580 +3

Name of the Vulnerable Software and Affected Versions: Modicon M580 affected versions not specified Modicon M340 affected versions not specified Legacy Controllers Modicon Quantum affected versions not specified Legacy Controllers Modicon Premium affected versions not specified Description: A...

7.5CVSS7.3AI score0.01311EPSS
Exploits0References19
Positive Technologies
Positive Technologies
added 2020/12/08 12:0 a.m.5 views

PT-2020-6372 · Schneider Electric · Modicon M580 +3

Name of the Vulnerable Software and Affected Versions: Modicon M580 affected versions not specified Modicon M340 affected versions not specified Legacy Controllers Modicon Quantum affected versions not specified Modicon Premium affected versions not specified Description: A vulnerability exists...

7.8CVSS7.3AI score0.01382EPSS
Exploits0References28
BDU FSTEC
BDU FSTEC
added 2020/12/07 12:0 a.m.4 views

The vulnerability of the Modbus terminal protocol implementation in the EKRA 200 microprocessor series allows a hacker to execute any Modbus command and alter the controller’s configuration, including modifying the control program and executing arbitrary code.

The vulnerability of the Modbus microprogramming software for ECUs exists due to the lack of authentication for any Modbus protocol commands. Exploiting this vulnerability allows a malicious actor to execute any Modbus command remotely and alter the controller’s configuration, including modifying...

10CVSS5.8AI score
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2020/11/19 12:0 a.m.9 views

Schneider Electric Unity Pro 安全漏洞

Schneider Electric EcoStruxure Control Expert is the universal programming, commissioning and operating software for the Modicon M340, M580, M580S, Premium, Momentum and Quantum series. A command execution vulnerability exists in Schneider Electric EcoStruxure Control Expert. The vulnerability...

8.8CVSS7.6AI score0.01129EPSS
Exploits0References2
CNNVD
CNNVD
added 2020/11/19 12:0 a.m.8 views

Schneider Electric EcoStruxure Control Expert Security Vulnerability

Schneider Electric EcoStruxure Control Expert formerly known as Unity Pro is a suite of programming software for Schneider Electric logic controller products from Schneider Electric, France. A security vulnerability exists in EcoStruxure Control Expert that stems from a specially crafted request...

7.5CVSS7.1AI score0.01882EPSS
Exploits1References3
Metasploit
Metasploit
added 2020/09/09 5:40 p.m.214 views

Modbus Banner Grabbing

This module grabs the banner of any device running the Modbus protocol by sending a request with Modbus Function Code 43 Read Device Identification. Modbus is a data communications protocol originally published by Modicon now Schneider Electric in 1979 for use with its programmable logic...

7.1AI score
Exploits0
OSV
OSV
added 2020/01/06 11:15 p.m.3 views

CVE-2019-6856

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium see security notification for specific versions which could cause a Denial of Service when writing specific physical memory blocks using Modbus TCP...

7.5CVSS7.1AI score0.0163EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2020/01/06 10:57 p.m.5 views

CVE-2019-6856

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium see security notification for specific versions which could cause a Denial of Service when writing specific physical memory blocks using Modbus TCP...

7.1AI score0.0163EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2020/01/06 12:0 a.m.13 views

PT-2020-8981

Name of the Vulnerable Software and Affected Versions Modicon M580 affected versions not specified Modicon M340 affected versions not specified Modicon Quantum affected versions not specified Modicon Premium affected versions not specified Description A vulnerability exists that could cause a...

7.5CVSS7.1AI score0.01399EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2019/11/25 12:0 a.m.4 views

The vulnerability of Modicon microprogrammed controllers lies in the transmission of confidential information in open text using the Modbus TCP protocol during controller programming, allowing attackers to disclose the protected information.

The vulnerability of Modicon controllers’ microprogramming software lies in the transmission of confidential information as open text using the Modbus TCP protocol during controller programming. Exploiting this vulnerability can allow a remote attacker to disclose the protected information...

7.8CVSS7.2AI score0.01064EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2019/11/14 12:0 a.m.4 views

The vulnerability of the Modbus protocol implementation in the “Communication Server” software of the EKRASMS-SP program suite for microprocessor-based EKRA 200 terminals allows a perpetrator to execute any command they desire.

The vulnerability of the Modbus protocol implementation in the “Communication Server” software of the EKRASMS-SP suite for microprocessor-based EKRA 200 terminals exists due to insufficient filtering of symbols in file paths. Exploiting this vulnerability allows a malicious actor to execute...

4.3CVSS5.9AI score
Exploits0Affected Software2
CNVD
CNVD
added 2019/10/31 12:0 a.m.1 views

Schneider 140NOE77101 Ethernet Module MODBUS Protocol Denial of Service Vulnerability

The 140NOE77101 is an Ethernet communication module for the Quantum series of PLCs from Schneider. A denial of service vulnerability exists in the MODBUS protocol of the Schneider 140NOE77101 Ethernet Module, which can be exploited by an attacker to be a denial of service to the server...

6.8AI score
Exploits0
Rows per page
Query Builder