Lucene search
K

1669 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 8:19 a.m.5 views

CVE-2024-10498

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could allow an unauthorized attacker to modify configuration values outside of the normal range when the attacker sends specific Modbus write packets to the device which could result in...

6.9CVSS6.8AI score0.0042EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:31 a.m.6 views

CVE-2024-8936

CWE-20: Improper Input Validation vulnerability exists that could lead to loss of confidentiality of controller memory after a successful Man-In-The-Middle attack followed by sending a crafted Modbus function call used to tamper with memory...

8.3CVSS6.7AI score0.00488EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:31 a.m.8 views

CVE-2024-8937

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause a potential arbitrary code execution after a successful Man-In-The Middle attack followed by sending a crafted Modbus function call to tamper with memory area involved in the...

8.3CVSS7.7AI score0.00573EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:39 a.m.11 views

CVE-2023-0027

Rockwell Automation Modbus TCP Server AOI prior to 2.04.00 is vulnerable to an unauthorized user sending a malformed message that could cause the controller to respond with a copy of the most recent response to the last valid request. If exploited, an unauthorized user could read the connected...

5.3CVSS6.6AI score0.00849EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:37 a.m.9 views

CVE-2023-35835

An issue was discovered in SolaX Pocket WiFi 3 through 3.001.02. The device provides a WiFi access point for initial configuration. The WiFi network provided has no network authentication such as an encryption key and persists permanently, including after enrollment and setup is complete. The WiF...

9.8CVSS7.4AI score0.00508EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:31 a.m.13 views

CVE-2023-5460

A vulnerability was found in Delta Electronics WPLSoft up to 2.51 and classified as problematic. This issue affects some unknown processing of the component Modbus Data Packet Handler. The manipulation leads to heap-based buffer overflow. The exploit has been disclosed to the public and may be...

5.7CVSS6.9AI score0.00388EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 2:58 a.m.5 views

CVE-2023-1150

Uncontrolled resource consumption in Series WAGO 750-3x/-8x products may allow an unauthenticated remote attacker to DoS the MODBUS server with specially crafted packets...

7.5CVSS7.1AI score0.00933EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:38 a.m.15 views

CVE-2023-5462

A vulnerability was found in XINJE XD5E-30R-E 3.5.3b. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Modbus Handler. The manipulation leads to denial of service. The exploit has been disclosed to the public and may be used. The...

7.5CVSS6.7AI score0.00895EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:34 a.m.6 views

CVE-2023-1285

Signal Handler Race Condition vulnerability in Mitsubishi Electric India GC-ENET-COM whose first 2 digits of 11-digit serial number of unit are "16" allows a remote unauthenticated attacker to cause a denial-of-service DoS condition in Ethernet communication by sending a large number of specially...

7.5CVSS7AI score0.00686EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:35 a.m.7 views

CVE-2022-4856

A vulnerability has been found in Modbus Tools Modbus Slave up to 7.5.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file mbslave.exe of the component mbs File Handler. The manipulation leads to buffer overflow. The attack can be launched remotely...

7.8CVSS7.2AI score0.00589EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 12:33 a.m.10 views

CVE-2022-4857

A vulnerability was found in Modbus Tools Modbus Poll up to 9.10.0 and classified as critical. Affected by this issue is some unknown functionality of the file mbpoll.exe of the component mbp File Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit...

7.8CVSS7.1AI score0.00658EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:30 p.m.8 views

CVE-2022-24322

A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause a disruption of communication between the Modicon controller and the engineering software when an attacker is able to intercept and manipulate specific Modbus response data...

5.9CVSS6.8AI score0.00619EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:1 p.m.23 views

CVE-2022-30937

A vulnerability has been identified in EN100 Ethernet module DNP3 IP variant All versions, EN100 Ethernet module IEC 104 variant All versions, EN100 Ethernet module IEC 61850 variant All versions V4.37, EN100 Ethernet module Modbus TCP variant All versions, EN100 Ethernet module PROFINET IO varia...

7.8CVSS6.9AI score0.01182EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:27 p.m.8 views

CVE-2021-30065

On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, crafted ModBus packets can bypass the ModBus enforcer. NOTE: this issue exists because of an incomplete fix of CVE-2017-11401...

9.8CVSS7AI score0.01397EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:10 p.m.10 views

CVE-2021-27424

GE UR firmware versions prior to version 8.1x shares MODBUS memory map as part of the communications guide. GE was made aware a “Last-key pressed” MODBUS register can be used to gain unauthorized information...

5.3CVSS7.1AI score0.00844EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 9:0 p.m.5 views

CVE-2021-20592

Missing synchronization vulnerability in GOT2000 series GT27 model communication driver versions 01.19.000 through 01.39.010, GT25 model communication driver versions 01.19.000 through 01.39.010 and GT23 model communication driver versions 01.19.000 through 01.39.010 and GT SoftGOT2000 versions...

7.8CVSS7AI score0.01497EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:47 p.m.4 views

CVE-2021-22816

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause a Denial of Service of the RTU when receiving a specially crafted request over Modbus, and the RTU is configured as a Modbus server. Affected Products: SCADAPack 312E, 313E, 314E, 330E, 333E, 334...

7.8CVSS6.9AI score0.00947EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:47 p.m.5 views

CVE-2021-22779

Authentication Bypass by Spoofing vulnerability exists in EcoStruxure Control Expert all versions prior to V15.0 SP1, including all versions of Unity Pro, EcoStruxure Control Expert V15.0 SP1, EcoStruxure Process Expert all versions, including all versions of EcoStruxure Hybrid DCS, SCADAPack...

9.1CVSS6.8AI score0.01014EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:2 p.m.17 views

CVE-2020-28213

A CWE-494: Download of Code Without Integrity Check vulnerability exists in PLC Simulator on EcoStruxureª Control Expert now Unity Pro all versions that could cause unauthorized command execution when sending specially crafted requests over Modbus...

8.8CVSS7.3AI score0.01129EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:49 p.m.16 views

CVE-2020-7543

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium see security notifications for affected versions, that could cause denial of service when a specially crafted Read Physical Memo...

7.5CVSS6.9AI score0.01311EPSS
Exploits0References1
Rows per page
Query Builder