1662 matches found
CVE-2016-7112
CVE-2016-7112 is an Authentication Bypass vulnerability in the Siemens EN100 Ethernet module used with SIPROTEC 4/Compact and related equipment. Affected firmware variants PROFINET IO, Modbus TCP, DNP3 TCP, and IEC 104 in all SIPROTEC 4/Compact deployments allow remote attackers with access to th...
MODBUS Penetration Testing Framework: smod
MODBUS Penetration Testing Framework smod is a modular framework with every kind of diagnostic and offensive feature you could need in order to pentest modbus protocol. It is a full Modbus protocol implementation using Python and Scapy. This software could be run on Linux/OSX under python 2.7.x...
Shanghai Xunrao X2Cloud Cloud Gateway Denial of Service Vulnerability
X2Cloud cloud gateway is a cloud gateway product of Shanghai Xunrao Company. The gateway collects data and then stores the data to the cloud platform, which sends the data to the outside through Modbus TCP interface or its own Web interface. Shanghai Xunrao X2Cloud cloud gateway denial of service...
CVE-2016-4785
A vulnerability has been identified in Firmware variant PROFINET IO for EN100 Ethernet module : All versions V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions V1.03; Firmware variant IEC 104...
CVE-2016-4784
A vulnerability has been identified in firmware variant PROFINET IO for EN100 Ethernet module : All versions V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions V1.03; Firmware variant IEC 104...
Design/Logic Flaw
A vulnerability has been identified in firmware variant PROFINET IO for EN100 Ethernet module : All versions V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions V1.03; Firmware variant IEC 104...
[SECURITY] Fedora 23 Update: libmodbus-3.0.6-1.fc23
libmodbus is a C library designed to provide a fast and robust implementati on of the Modbus protocol. It runs on Linux, Mac OS X, FreeBSD, QNX and Windows. This package contains the libmodbus shared library...
[SECURITY] Fedora 22 Update: libmodbus-3.0.6-1.fc22
libmodbus is a C library designed to provide a fast and robust implementati on of the Modbus protocol. It runs on Linux, Mac OS X, FreeBSD, QNX and Windows. This package contains the libmodbus shared library...
Smod - MODBUS Penetration Testing Framework
smod is a modular framework with every kind of diagnostic and offensive feature you could need in order to pentest modbus protocol. It is a full Modbus protocol implementation using Python and Scapy. This software could be run on Linux/OSX under python 2.7.x. Feel free to make pull requests, if...
NetworkMiner 2.0 - Network Forensic Analysis Tool (NFAT)
NetworkMiner is a Network Forensic Analysis Tool NFAT for Windows but also works in Linux / Mac OS X / FreeBSD. NetworkMiner can be used as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports etc. without putting any traffic on the...
Advantech EKI Vulnerable to Bypass, Possible Backdoor
Researchers have uncovered yet another issue–and potential backdoor–in Advantech’s beleaguered EKI-1322 serial device server. The Dropbear SSH daemon associated with the server, because of heavy modifications, fails to enforce authentication. This makes it so any user who wants to bypass...
Advantech EKI Vulnerable to Shellshock, Heartbleed
Twice in the past year, security researchers have found and reported critical vulnerabilities in Modbus gateways built by Advantech that are used to connect serial devices in industrial control environments to IP networks. Most recently, independent security researcher Neil Smith found hard-coded...
TECO JN5 L510-DriveLink 1.482 SEH Overwrite Buffer Overflow
!/usr/bin/perl TECO JN5 L510-DriveLink 1.482 SEH Overwrite Buffer Overflow Exploit Vendor: TECO Electric and Machinery Co., Ltd. Product web page: http://www.teco-group.eu Download: http://globalsa.teco.com.tw/supportdownload.aspx?KindID=9 Affected version: 1.482 and 1.462 Summary: JN5 DriveLink ...
TECO JN5 L510-DriveLink 1.482 SEH Overwrite Buffer Overflow Exploit
JN5 DriveLink is a free program that enables you to configure the AC Motor Drive, 510 Series PC-Link. It provides support for sleep and fire modes favourable for pumps, fans, compressors, and HVAC and communication network protocol of Modbus/ BACnet/ Metasys N2. The vulnerability is caused due to...
TECO JN5 L510-DriveLink 1.482 - .lf5 Overwrite Buffer Overflow (SEH)
TECO JN5 L510-DriveLink 1.482 - .lf5 Overwrite Buffer Overflow SEH !/usr/bin/perl TECO JN5 L510-DriveLink 1.482 SEH Overwrite Buffer Overflow Exploit Vendor: TECO Electric and Machinery Co., Ltd. Product web page: http://www.teco-group.eu Download:...
TECO JN5 L510-DriveLink 1.482 - '.lf5' Overwrite Buffer Overflow (SEH)
!/usr/bin/perl TECO JN5 L510-DriveLink 1.482 SEH Overwrite Buffer Overflow Exploit Vendor: TECO Electric and Machinery Co., Ltd. Product web page: http://www.teco-group.eu Download: http://globalsa.teco.com.tw/supportdownload.aspx?KindID=9 Affected version: 1.482 and 1.462 Summary: JN5 DriveLink ...
Advantech EKI Vulnerabilities (Update B)
OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-15-344-01A Advantech EKI Vulnerabilities that was published December 15, 2015, on the NCCIC/ICS-CERT web site. --------- Begin Update B Part 1 of 3 -------- HD Moore of Rapid7 identified several vulnerabilities in...
Schneider Electric Modicon M340 PLC Station P34 Module HMI Vulnerabilities
Update Vulnerabilities in Schneider Electric SCADA gear remain unpatched close to two weeks after they were disclosed during DEF CON. The Industrial Control System Cyber Emergency Response Team ICS-CERT released an alert late last week and patches are currently being validated according to ICS-CE...
Advantech EKI Hard-coded SSH Keys Vulnerability
OVERVIEW Independent researcher Neil Smith has identified a hard-coded SSH key vulnerability in Advantech’s EKI-122X series products. Advantech has produced new firmware to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS Advantech reports that the...
CVE-2015-5374
CVE-2015-5374 affects Siemens SIPROTEC 4/Compact devices with EN100 Ethernet modules (PROFINET IO, Modbus TCP, DNP3 TCP, IEC 104 firmware) and SIPROTEC 6MU80 integration. The flaw is an improper input validation that allows specially crafted UDP packets to port 50000 to cause a denial-of-service,...