CVE-2019-6529

An attacker could specially craft an FTP request that could crash the PR100088 Modbus gateway versions prior to release R02 or Software Version 1.1.13166...

CVE-2019-6816

In Modicon Quantum all firmware versions, a CWE-94: Code Injection vulnerability could cause an unauthorized firmware modification with possible Denial of Service when using Modbus protocol...

CVE-2019-6829

A CWE-248: Uncaught Exception vulnerability exists in Modicon M580 firmware version prior to V2.90 and Modicon M340 firmware version prior to V3.10, which could cause a possible denial of service when writing to specific memory addresses in the controller over Modbus...

CVE-2018-7855

A CWE-248 Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a Denial of Service when sending invalid breakpoint parameters to the controller over Modbus...

CVE-2018-7794

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium see security notification for specific versions which could cause a Denial of Service when reading data with invalid index using Modbus TCP...

CVE-2019-6856

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium see security notification for specific versions which could cause a Denial of Service when writing specific physical memory blocks using Modbus TCP...

CVE-2018-7852

A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause denial of service when an invalid private command parameter is sent to the controller over Modbus...

CVE-2018-7848

A CWE-200: Information Exposure vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause the disclosure of SNMP information when reading files from the controller over Modbus...

CVE-2018-7844

A CWE-200: Information Exposure vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause the disclosure of SNMP information when reading memory blocks from the controller over Modbus...

CVE-2018-7846

A CWE-501: Trust Boundary Violation vulnerability on connection to the Controller exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum and Modicon Premium which could cause unauthorized access by conducting a brute force attack on Modbus protocol to the controller...

CVE-2011-4861

The modbus125handler function in the Schneider Electric Quantum Ethernet Module on the NOE 771 device aka the Quantum 140NOE771 module allows remote attackers to install arbitrary firmware updates via a MODBUS 125 function code to TCP port 502...

CVE-2013-2784

Triangle Research International aka Tri Nano-10 PLC devices with firmware before r81 use an incorrect algorithm for bounds checking of data in Modbus/TCP packets, which allows remote attackers to cause a denial of service networking outage via a crafted packet to TCP port 502...

CVE-2008-5848

The Advantech ADAM-6000 module has 00000000 as its default password, which makes it easier for remote attackers to obtain access through an HTTP session, and 1 monitor or 2 control the module's Modbus/TCP I/O activity...

AutomationDirect MB-Gateway 访问控制错误漏洞

AutomationDirect MB-Gateway is a single-port Modbus gateway module from AutomationDirect, Inc. that converts Modbus TCP to Modbus RTU. An access control error vulnerability exists in the AutomationDirect MB-Gateway that stems from a lack of authentication and access control on the embedded web...

Airiana 代码问题漏洞

Airiana is a SystemAir Modbus ventilation controller by Daniel Halling, a personal developer. A code issue vulnerability exists in Airiana version 11.0 and earlier, which stems from improper handling of the file coef and could lead to a deserialization attack...

The vulnerability of the web server of the microprogramming software for the Modbus AutomationDirect MB-Gateway allows a perpetrator to gain unauthorized access to the device.

The vulnerability of the web server of the microprogramming-based Modbus AutomationDirect MB-Gateway software lies in the absence of an authentication mechanism for a critical function. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to the...

Siemens VersiCharge AC Series EV Charger Modbus Port Arbitrary Code Execution Vulnerability

The VersiCharge AC Series Electric Vehicle Charger is an electric vehicle charging device from Siemens for a variety of application scenarios, including workplaces, retail, parking lots, multi-unit housing, public charging and home charging. An arbitrary code execution vulnerability exists in the...

Siemens VersiCharge AC Series 安全漏洞

The VersiCharge AC Series Electric Vehicle Charger is an electric vehicle charging device from Siemens for a variety of application scenarios, including workplaces, retail, parking lots, multi-unit housing, public charging and home charging. An arbitrary code execution vulnerability exists in the...

Danfoss AK-SM 8xxA Series 安全漏洞

Danfoss AK-SM 8xxA Series is a series of industrial-grade intelligent pressure sensors from Danfoss, Denmark, designed for refrigeration and air conditioning systems and supporting Modbus communication. A security vulnerability exists in Danfoss AK-SM 8xxA Series versions prior to 4.2, which stem...

Honeywell MB-Secure 安全漏洞

Honeywell MB-Secure is an industrial-grade network security solution from Honeywell USA designed for the Modbus protocol to provide communication protection and access control for industrial control systems ICS. A security vulnerability exists in Honeywell MB-Secure versions prior to V11.04 throu...