1669 matches found
Siemens En100 Missing Authentication for Critical Function
A vulnerability has been identified in EN100 Ethernet module IEC 61850 variant All versions V4.30, EN100 Ethernet module DNP3 variant All versions V1.04, EN100 Ethernet module PROFINET IO variant All versions, EN100 Ethernet module Modbus TCP variant All versions, EN100 Ethernet module IEC 104...
Siemens Dnp3 Improper Input Validation
A vulnerability has been identified in Firmware variant IEC 61850 for EN100 Ethernet module All versions V4.33, Firmware variant PROFINET IO for EN100 Ethernet module All versions, Firmware variant Modbus TCP for EN100 Ethernet module All versions, Firmware variant DNP3 TCP for EN100 Ethernet...
Schneider 140NOE77101 Ethernet Module MODBUS Protocol Denial of Service Vulnerability
The 140NOE77101 is an Ethernet communication module for the Quantum series of PLCs from Schneider. A denial of service vulnerability exists in the MODBUS protocol of the Schneider 140NOE77101 Ethernet Module, which can be exploited by an attacker to be a denial of service to the server...
Carel pCOWeb HVAC Modbus Interface Authentication Bypass
Advisory: Unauthenticated Access to Modbus Interface in Carel pCOWeb HVAC As part of it's features, the Carel pCOWeb card exposes a Modbus interface to the network. By design, Modbus does not provide authentication, allowing to control the affected system. Details ======= Product: HVAC units usin...
Schneider Electric Modicon M580/BMENOC 0311/BMENOC 0321 Information Disclosure Vulnerability (CNVD-2019-44958)
The Modicon M580/BMENOC 0311/BMENOC 0321 are programmable logic controllers from Schneider Electric. An information disclosure vulnerability exists in the Modicon M580/BMENOC 0311/BMENOC 0321. An attacker could exploit this vulnerability to obtain sensitive information when using certain Modbus...
CVE-2019-6849
A CWE-200: Information Exposure vulnerability exists in Modicon M580, Modicon BMENOC 0311, and Modicon BMENOC 0321, which could cause the disclosure of sensitive information when using specific Modbus services provided by the REST API of the controller/communication module...
CVE-2019-6845
A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists in Modicon M580, Modicon M340, Modicon Premium , Modicon Quantum all firmware versions, which could cause the disclosure of information when transferring applications to the controller using Modbus TCP protocol...
Information disclosure
A CWE-200: Information Exposure vulnerability exists in Modicon M580, Modicon BMENOC 0311, and Modicon BMENOC 0321, which could cause the disclosure of sensitive information when using specific Modbus services provided by the REST API of the controller/communication module...
Design/Logic Flaw
A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists in Modicon M580, Modicon M340, Modicon Premium , Modicon Quantum all firmware versions, which could cause the disclosure of information when transferring applications to the controller using Modbus TCP protocol...
CVE-2019-6849
A CWE-200: Information Exposure vulnerability exists in Modicon M580, Modicon BMENOC 0311, and Modicon BMENOC 0321, which could cause the disclosure of sensitive information when using specific Modbus services provided by the REST API of the controller/communication module...
CVE-2019-6849
CVE-2019-6849 affects Schneider Electric Modicon M580 controllers and BMENOC 0311/0321 modules, where certain Modbus REST API services may disclose sensitive information. The root cause is an information-exposure vulnerability (CWE-200) in the Modbus services exposed by the controller/communicati...
CVE-2019-6845
A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists in Modicon M580, Modicon M340, Modicon Premium , Modicon Quantum all firmware versions, which could cause the disclosure of information when transferring applications to the controller using Modbus TCP protocol...
CVE-2019-6845
The CVE-2019-6845 vulnerability affects Schneider Electric Modicon M580 (and related models) due to cleartext transmission of sensitive information via UMAS, and is tied to FTP/TFTP and device programming data paths. Talos reports an exploitable information-disclosure in UMAS with cleartext trans...
Unmasking mystery boxes on ship’s bridges
We pen test a variety of vessel and platform types across different fleets and operators. In every single test to date we have unearthed a system or device, that of the few crew that were aware, no-one could tell us what it is was for. In other scenarios an undocumented system or device would be...
Schneider Electric Modicon M580 TFTP server information disclosure vulnerability
Summary An exploitable information disclosure vulnerability exists in the TFTP server functionality of the Schneider Electric Modicon M580 Programmable Automation Controller. A specially crafted TFTP get request can cause a file download, resulting in disclosure of sensitive information. An...
Schneider Electric Modicon M580 UMAS REST API getcominfo denial-of-service vulnerability
Summary An exploitable denial of service vulnerability exists in the UMAS REST API getcominfo functionality of the Schneider Electric Modicon M580 Programmable Automation Controller firmware version SV2.80. A specially crafted HTTP request can cause the device to enter a non-recoverable fault...
Schneider Electric Modicon M580 UMAS cleartext data transmission vulnerability
Summary An exploitable information disclosure vulnerability exists in the UMAS functionality of the Schneider Electric Modicon M580 Programmable Automation Controller, firmware version SV2.80. An attacker can sniff network traffic to exploit this vulnerability. Tested Versions Schneider Electric...
CVE-2019-6828
A CWE-248: Uncaught Exception vulnerability exists Modicon M580 firmware version prior to V2.90, Modicon M340 firmware version prior to V3.10, Modicon Premium all versions, and Modicon Quantum all versions, which could cause a possible denial of service when reading specific coils and registers i...
CVE-2019-6829
A CWE-248: Uncaught Exception vulnerability exists in Modicon M580 firmware version prior to V2.90 and Modicon M340 firmware version prior to V3.10, which could cause a possible denial of service when writing to specific memory addresses in the controller over Modbus...
CVE-2019-6829
A CWE-248: Uncaught Exception vulnerability exists in Modicon M580 firmware version prior to V2.90 and Modicon M340 firmware version prior to V3.10, which could cause a possible denial of service when writing to specific memory addresses in the controller over Modbus...