385 matches found
CVE-2025-7745 Modbus TCP buffer overread
Buffer Over-read vulnerability in ABB AC500 V2.This issue affects AC500 V2: through 2.5.2...
CVE-2025-7745
CVE-2025-7745 is a buffer over-read vulnerability in ABB AC500 V2. The issue affects AC500 V2 up to version 2.5.2. Publicly available technical details specify a buffer over-read in ABB AC500 V2, with potential for abnormal behavior. The PT-2025-30638 advisory recommends updating ABB AC500 V2 to ...
The vulnerability of the Modbus TCP Packet Handler component in the Ethernet module software for WISE-4010LAN, WISE-4050LAN, and WISE-4060LAN allows a hacker to execute arbitrary commands.
The vulnerability of the Modbus TCP Packet Handler component in the Ethernet module software of WISE-4010LAN, WISE-4050LAN, and WISE-4060LAN is related to deficiencies in the authentication mechanism. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
CVE-2025-48466
Successful exploitation of the vulnerability could allow an unauthenticated, remote attacker to send Modbus TCP packets to manipulate Digital Outputs, potentially allowing remote control of relay channel which may lead to operational or safety risks...
CVE-2025-48466
Successful exploitation of the vulnerability could allow an unauthenticated, remote attacker to send Modbus TCP packets to manipulate Digital Outputs, potentially allowing remote control of relay channel which may lead to operational or safety risks...
CVE-2025-48466
Successful exploitation of the vulnerability could allow an unauthenticated, remote attacker to send Modbus TCP packets to manipulate Digital Outputs, potentially allowing remote control of relay channel which may lead to operational or safety risks...
Advantech多款产品 安全漏洞
The Advantech WISE-4010LAN, WISE-4050LAN, and WISE-4060LAN are all industrial automation controllers from Advantech of Taiwan, China. A command execution vulnerability exists in multiple Advantech products, which can be exploited by an attacker to remotely control a relay channel...
PT-2025-26678
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue allows an unauthenticated, remote attacker to send Modbus TCP packets to manipulate Digital Outputs. This could potentially allow remote control of the relay channel, leading to...
CVE-2023-0027
Rockwell Automation Modbus TCP Server AOI prior to 2.04.00 is vulnerable to an unauthorized user sending a malformed message that could cause the controller to respond with a copy of the most recent response to the last valid request. If exploited, an unauthorized user could read the connected...
CVE-2023-1285
Signal Handler Race Condition vulnerability in Mitsubishi Electric India GC-ENET-COM whose first 2 digits of 11-digit serial number of unit are "16" allows a remote unauthenticated attacker to cause a denial-of-service DoS condition in Ethernet communication by sending a large number of specially...
CVE-2022-30937
A vulnerability has been identified in EN100 Ethernet module DNP3 IP variant All versions, EN100 Ethernet module IEC 104 variant All versions, EN100 Ethernet module IEC 61850 variant All versions V4.37, EN100 Ethernet module Modbus TCP variant All versions, EN100 Ethernet module PROFINET IO varia...
CVE-2021-20592
Missing synchronization vulnerability in GOT2000 series GT27 model communication driver versions 01.19.000 through 01.39.010, GT25 model communication driver versions 01.19.000 through 01.39.010 and GT23 model communication driver versions 01.19.000 through 01.39.010 and GT SoftGOT2000 versions...
CVE-2019-6845
A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists in Modicon M580, Modicon M340, Modicon Premium , Modicon Quantum all firmware versions, which could cause the disclosure of information when transferring applications to the controller using Modbus TCP protocol...
CVE-2019-6857
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium see security notification for specific versions which could cause a Denial of Service of the controller when reading specific memory blocks using...
CVE-2018-7794
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium see security notification for specific versions which could cause a Denial of Service when reading data with invalid index using Modbus TCP...
CVE-2019-6856
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium see security notification for specific versions which could cause a Denial of Service when writing specific physical memory blocks using Modbus TCP...
CVE-2013-2784
Triangle Research International aka Tri Nano-10 PLC devices with firmware before r81 use an incorrect algorithm for bounds checking of data in Modbus/TCP packets, which allows remote attackers to cause a denial of service networking outage via a crafted packet to TCP port 502...
CVE-2008-5848
The Advantech ADAM-6000 module has 00000000 as its default password, which makes it easier for remote attackers to obtain access through an HTTP session, and 1 monitor or 2 control the module's Modbus/TCP I/O activity...
CVE-2022-2081
A vulnerability exists in the HCI Modbus TCP function included in the product versions listed above. If the HCI Modbus TCP is enabled and configured, an attacker could exploit the vulnerability by sending a specially crafted message to the RTU500 in a high rate, causing the targeted RTU500 CMU to...
CVE-2022-37301
A CWE-191: Integer Underflow Wrap or Wraparound vulnerability exists that could cause a denial of service of the controller due to memory access violations when using the Modbus TCP protocol. Affected products: Modicon M340 CPU part numbers BMXP34V3.40 and prior, Modicon M580 CPU part numbers BME...