CVE-2024-10498

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could allow an unauthorized attacker to modify configuration values outside of the normal range when the attacker sends specific Modbus write packets to the device which could result in...

CVE-2024-10498

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could allow an unauthorized attacker to modify configuration values outside of the normal range when the attacker sends specific Modbus write packets to the device which could result in...

CVE-2024-10498

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could allow an unauthorized attacker to modify configuration values outside of the normal range when the attacker sends specific Modbus write packets to the device which could result in...

CVE-2024-10498

Schneider Electric PowerLogic HDPM6000 is affected (CVE-2024-10498) by CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer. A memory-buffer bounds violation allows a remote attacker to modify configuration values outside the permitted range by sending specific Modbus ...

Schneider Electric PowerLogic HDPM6000 缓冲区错误漏洞

The Schneider Electric PowerLogic HDPM6000 is a high density metering system from Schneider Electric France. A buffer error vulnerability exists in the Schneider Electric PowerLogic HDPM6000, which stems from the inclusion of a memory buffer in-bounds operationally unrestricted vulnerability that...

CVE-2024-50953

An issue in XINJE XL5E-16T V3.7.2a allows attackers to cause a Denial of Service DoS via a crafted Modbus message...

CVE-2024-50954

The XINJE XL5E-16T and XD5E-24R-E programmable logic controllers V3.5.3b-V3.7.2a have a vulnerability in handling Modbus messages. When a TCP connection is established with the above series of controllers within a local area network LAN, sending a specific Modbus message to the controller can cau...

CVE-2024-50954

The XINJE XL5E-16T and XD5E-24R-E programmable logic controllers V3.5.3b-V3.7.2a have a vulnerability in handling Modbus messages. When a TCP connection is established with the above series of controllers within a local area network LAN, sending a specific Modbus message to the controller can cau...

CVE-2024-50953

An issue in XINJE XL5E-16T V3.7.2a allows attackers to cause a Denial of Service DoS via a crafted Modbus message...

XINJE XL5E-16T和XINJE XD5E-24R-E 安全漏洞

XINJE XL5E-16T and XINJE XD5E-24R-E are both products of China XINJE Corporation XINJE.XINJE XL5E-16T is an enhanced Ethernet controller.XINJE XD5E-24R-E is an Ethernet controller. A security vulnerability exists in the XINJE XL5E-16T and XINJE XD5E-24R-E.5.3b through 3.7.2a versions, which stems...

XINJE XL5E-16T 安全漏洞

The XINJE XL5E-16T is an enhanced Ethernet controller from China XINJE Corporation XINJE. A security vulnerability exists in the XINJE XL5E-16T version 3.7.2a, which originated from a vulnerability that allows an attacker to cause a denial of service via a specially crafted Modbus message...

CVE-2024-50953

An issue in XINJE XL5E-16T V3.7.2a allows attackers to cause a Denial of Service DoS via a crafted Modbus message...

CVE-2024-50953

Affected product: XINJE XL5E-16T controller, version 3.7.2a. Vulnerability: Denial of Service via a specially crafted Modbus message. The provided documents do not specify the exact root cause or exploit details. Impact: DoS; no confidentiality/integrity impact stated. Remediation/Workaround: Not...

CVE-2024-50954

The CVE-2024-50954 issue affects XINJE XL5E-16T and XD5E-24R-E PLCs running V3.5.3b–V3.7.2a. The root cause is a vulnerability in Modbus message handling over a TCP LAN connection, which can crash the controller and disrupt operation, evidenced by the ERR indicator lighting and RUN indicator turn...

CVE-2024-50954

The XINJE XL5E-16T and XD5E-24R-E programmable logic controllers V3.5.3b-V3.7.2a have a vulnerability in handling Modbus messages. When a TCP connection is established with the above series of controllers within a local area network LAN, sending a specific Modbus message to the controller can cau...

Vulnerability fixed in Schneider Electric Modicon

Schneider Electric has fixed a vulnerability in devices that use the Modbus protocol. The vulnerability is in how devices using the Modbus protocol validate input. When an unauthenticated and customized Modbus packet is sent to the device, it can result in a denial-of-service, compromising both t...

CVE-2024-11737

CWE-20: Improper Input Validation vulnerability exists that could lead to a denial of service and a loss of confidentiality, integrity of the controller when an unauthenticated crafted Modbus packet is sent to the device...

CVE-2024-11737

CWE-20: Improper Input Validation vulnerability exists that could lead to a denial of service and a loss of confidentiality, integrity of the controller when an unauthenticated crafted Modbus packet is sent to the device...

CVE-2024-11737

CWE-20: Improper Input Validation vulnerability exists that could lead to a denial of service and a loss of confidentiality, integrity of the controller when an unauthenticated crafted Modbus packet is sent to the device...

CVE-2024-11737

CVE-2024-11737 affects Schneider Electric Modicon controllers (M241/M251/M258 and LMC058). The vulnerability is improper input validation in Modbus processing, allowing an unauthenticated crafted Modbus packet to cause denial of service and compromise confidentiality and integrity of the controll...