208 matches found
CVE-2021-22772
A CWE-306: Missing Authentication for Critical Function vulnerability exists in Easergy T200 Modbus SC2-04MOD-07000100 and earlier, Easergy T200 IEC104 SC2-04IEC-07000100 and earlier, and Easergy T200 DNP3 SC2-04DNP-07000102 and earlier that could cause unauthorized operation when authentication ...
Schneider Electric Easergy T200产品访问控制错误漏洞
Schneider-electric Schneider Electric Easergy T200 is a remote control terminal for medium/low voltage substations from Schneider-electric, France. An access control error vulnerability exists in several Schneider Electric products due to a lack of valid authorized operation of the product and...
isf
This is an Industrial Exploitation Framework ISF repository, a Python-based framework for exploitation and testing of industrial control systems ICS. The framework is similar to Metasploit and is designed to be used for penetration testing and vulnerability assessment of ICS devices. The reposito...
Phoenix Contact FL COMSERVER UNI 安全漏洞
The Phoenix Contact FL COMSERVER UNI is an interface converter from Phoenix Contac Phoenix Contact, Germany. Serial Device Server for Converting Serial 232/422/485 Interfaces to Ethernet A security vulnerability exists in the Phoenix Contact FL COMSERVER UNI, which stems from an invalid Modbus...
CVE-2021-22764
A CWE-287: Improper Authentication vulnerability exists in PowerLogic PM55xx, PowerLogic PM8ECC, PowerLogic EGX100 and PowerLogic EGX300 see security notification for version infromation that could cause loss of connectivity to the device via Modbus TCP protocol when an attacker sends a specially...
CVE-2020-7542
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium see security notifications for affected versions, that could cause denial of service when a specially crafted Read Physical Memo...
CVE-2020-7537
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium see security notifications for affected versions, that could cause denial of service when a specially crafted Read Physical Memo...
CVE-2020-7543
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium see security notifications for affected versions, that could cause denial of service when a specially crafted Read Physical Memo...
PT-2020-19620 · Schneider Electric · Modicon M580 +3
Name of the Vulnerable Software and Affected Versions: Modicon M580 affected versions not specified Modicon M340 affected versions not specified Legacy Controllers Modicon Quantum affected versions not specified Legacy Controllers Modicon Premium affected versions not specified Description: A...
PT-2020-6372 · Schneider Electric · Modicon M580 +3
Name of the Vulnerable Software and Affected Versions: Modicon M580 affected versions not specified Modicon M340 affected versions not specified Legacy Controllers Modicon Quantum affected versions not specified Modicon Premium affected versions not specified Description: A vulnerability exists...
The vulnerability of the Modbus terminal protocol implementation in the EKRA 200 microprocessor series allows a hacker to execute any Modbus command and alter the controller’s configuration, including modifying the control program and executing arbitrary code.
The vulnerability of the Modbus microprogramming software for ECUs exists due to the lack of authentication for any Modbus protocol commands. Exploiting this vulnerability allows a malicious actor to execute any Modbus command remotely and alter the controller’s configuration, including modifying...
Schneider Electric Unity Pro 安全漏洞
Schneider Electric EcoStruxure Control Expert is the universal programming, commissioning and operating software for the Modicon M340, M580, M580S, Premium, Momentum and Quantum series. A command execution vulnerability exists in Schneider Electric EcoStruxure Control Expert. The vulnerability...
Schneider Electric EcoStruxure Control Expert Security Vulnerability
Schneider Electric EcoStruxure Control Expert formerly known as Unity Pro is a suite of programming software for Schneider Electric logic controller products from Schneider Electric, France. A security vulnerability exists in EcoStruxure Control Expert that stems from a specially crafted request...
Modbus Banner Grabbing
This module grabs the banner of any device running the Modbus protocol by sending a request with Modbus Function Code 43 Read Device Identification. Modbus is a data communications protocol originally published by Modicon now Schneider Electric in 1979 for use with its programmable logic...
CVE-2019-6856
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium see security notification for specific versions which could cause a Denial of Service when writing specific physical memory blocks using Modbus TCP...
CVE-2019-6856
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium see security notification for specific versions which could cause a Denial of Service when writing specific physical memory blocks using Modbus TCP...
PT-2020-8981
Name of the Vulnerable Software and Affected Versions Modicon M580 affected versions not specified Modicon M340 affected versions not specified Modicon Quantum affected versions not specified Modicon Premium affected versions not specified Description A vulnerability exists that could cause a...
The vulnerability of Modicon microprogrammed controllers lies in the transmission of confidential information in open text using the Modbus TCP protocol during controller programming, allowing attackers to disclose the protected information.
The vulnerability of Modicon controllers’ microprogramming software lies in the transmission of confidential information as open text using the Modbus TCP protocol during controller programming. Exploiting this vulnerability can allow a remote attacker to disclose the protected information...
The vulnerability of the Modbus protocol implementation in the “Communication Server” software of the EKRASMS-SP program suite for microprocessor-based EKRA 200 terminals allows a perpetrator to execute any command they desire.
The vulnerability of the Modbus protocol implementation in the “Communication Server” software of the EKRASMS-SP suite for microprocessor-based EKRA 200 terminals exists due to insufficient filtering of symbols in file paths. Exploiting this vulnerability allows a malicious actor to execute...
Schneider 140NOE77101 Ethernet Module MODBUS Protocol Denial of Service Vulnerability
The 140NOE77101 is an Ethernet communication module for the Quantum series of PLCs from Schneider. A denial of service vulnerability exists in the MODBUS protocol of the Schneider 140NOE77101 Ethernet Module, which can be exploited by an attacker to be a denial of service to the server...