1659 matches found
EUVD-2022-33055
Malicious code in bioql PyPI...
EUVD-2022-52123
Malicious code in bioql PyPI...
EUVD-2022-39936
Malicious code in bioql PyPI...
EUVD-2024-48466
Malicious code in bioql PyPI...
EUVD-2024-49495
Malicious code in bioql PyPI...
EUVD-2025-26324
Malicious code in bioql PyPI...
MALF: A Multi-Agent LLM Framework for Intelligent Fuzzing of Industrial Control Protocols
Industrial control systems ICS are vital to modern infrastructure but increasingly vulnerable to cybersecurity threats, particularly through weaknesses in their communication protocols. This paper presents MALF Multi-Agent LLM Fuzzing Framework, an advanced fuzzing solution that integrates large...
GE UR family Exposure of Sensitive Information to an Unauthorized Actor (CVE-2021-27424)
GE UR firmware versions prior to version 8.1x shares MODBUS memory map as part of the communications guide. GE was made aware a Last-key pressed MODBUS register can be used to gain unauthorized information. This plugin only works with Tenable.ot. Please visit...
Advisory ROSA-SA-2025-3001
software: suricata 7.0.11 WASP: ROSA-CHROME unaffected versions = suricata-7.0.11-1 affected versions suricata-7.0.11-1 CVE-ID: CVE-2024-38534 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Vulnerability in Suricata allows system resources to be consumed by certain modbus traffic. CVE-STATUS: The...
ICSLure: a Very High Interaction Honeynet for PLC-Based Industrial Control Systems
The security of Industrial Control Systems ICSs is critical to ensuring the safety of industrial processes and personnel. The rapid adoption of Industrial Internet of Things IIoT technologies has expanded system functionality but also increased the attack surface, exposing ICSs to a growing range...
CVE-2025-7405
Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU module allows a remote unauthenticated attacker to read or write the device values of the product and stop the operation of the programs, since MODBUS/TCP in the products does not...
Linux Distros Unpatched Vulnerability : CVE-2024-34244
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libmodbus v3.1.10 is vulnerable to Buffer Overflow via the modbuswritebits function. This issue can be triggered when the function is fed with specially crafted...
An Earth-Shattering Kaboom: Bringing a Physical ICS Penetration Testing Environment to Life (Part 2)
Program Vulnerabilities and Manual Assessment This is the second in a three-part series on building and using a testing bench for Industrial Control Systems ICS. In this series, we will build a physical test bench, review program logic to find flaws, perform manual exploitation of commonly used I...
CVE-2025-7405
Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU module allows a remote unauthenticated attacker to read or write the device values of the product and stop the operation of the programs, since MODBUS/TCP in the products does not...
CVE-2025-7405
CVE-2025-7405 concerns Mitsubishi Electric MELSEC iQ-F Series CPU module with missing authentication for the MODBUS/TCP function, enabling remote, unauthenticated reads/writes of device values and potential disruption of program operation. Affected product is MELSEC iQ-F Series CPU module; root c...
CVE-2025-7405 Information Disclosure, Information Tampering, and Denial of Service (DoS) Vulnerability in MELSEC iQ-F Series CPU module
Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU module allows a remote unauthenticated attacker to read or write the device values of the product and stop the operation of the programs, since MODBUS/TCP in the products does not...
CVE-2025-7405 Information Disclosure, Information Tampering, and Denial of Service (DoS) Vulnerability in MELSEC iQ-F Series CPU module
Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU module allows a remote unauthenticated attacker to read or write the device values of the product and stop the operation of the programs, since MODBUS/TCP in the products does not...
PT-2025-35445
Name of the Vulnerable Software and Affected Versions: Mitsubishi Electric MELSEC iQ-F Series CPU module affected versions not specified Description: A missing authentication feature in the MODBUS/TCP implementation of the Mitsubishi Electric MELSEC iQ-F Series CPU module allows a remote,...
Mitsubishi Electric MELSEC iQ-F Series CPU Module
RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to read or write the device values of the product. In addition, the attacker may be able to stop the operation of the programs. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize...
Linux Distros Unpatched Vulnerability : CVE-2021-39921
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NULL pointer exception in the Modbus dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture...