FreeBSD : zeek -- potential DoS vulnerabilities (3110b29e-c82d-4287-9f6c-db82bb883b1e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 3110b29e-c82d-4287-9f6c-db82bb883b1e advisory. - Tim Wojtulewicz of Corelight reports: Fix a possible overflow and crash in the ARP analyzer when...

Bluetooth + Electrical switchgear

The ongoing rapid growth of Industrial IoT IIoT across all business sectors continues to bring to focus the discrepancies that exist between the approaches to safety and cyber-security on safety critical sites. Safety has been culturally ingrained into all aspects of industrial site operations fo...

The vulnerability of the HCI interface, which operates on the Modbus TCP protocol, and the programmable logic controllers Hitachi Energy RTU500, allows a intruder to trigger a service failure or cause the device to restart.

The vulnerability of the HCI interface, which operates on the Modbus TCP protocol, and the Hitachi Energy RTU500 programmable logic controllers is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause service failures or trigg...

Hitachi Energy RTU500 安全漏洞

RTU500 is a series of industrial control components from Hitachi, Japan, mainly used in industrial control systems. A buffer overflow vulnerability exists in the Hitachi Energy RTU500 series CMU firmware HCI Modbus TCP function. The vulnerability, which originates when HCI Modbus TCP is enabled a...

Hitachi Energy RTU500

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: RTU500 Series Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to send a specially crafted...

PT-2022-4414 · Hitachi Energy · Rtu500

Name of the Vulnerable Software and Affected Versions: Hitachi Energy RTU500 versions affected versions not specified Description: The issue is related to a vulnerability in the HCI interface, functioning via the Modbus TCP protocol, which can cause a buffer overflow in memory. This can be...

zeek -- potential DoS vulnerabilities

Tim Wojtulewicz of Corelight reports: Fix a possible overflow and crash in the ARP analyzer when receiving a specially crafted packet. Due to the possibility of this happening with packets received from the network, this is a potential DoS vulnerability. Fix a possible overflow and crash in the...

Sequi PortBloque S

1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Sequi Equipment: Sequi PortBloque S Vulnerabilities : Improper Authentication, Improper Authorization 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in unauthorized...

Sequi PortBloque S 授权问题漏洞

Sequi PortBloque S is a specialized firewall from Sequi. It protects Modbus devices from serial attacks. An authorization issue vulnerability exists in Sequi PortBloque S. The vulnerability stems from the presence of incorrect authentication issues, which can be exploited by an attacker to bypass...

Sequi PortBloque S 安全漏洞

Sequi PortBloque S is a specialized firewall from Sequi. It protects Modbus devices from serial attacks. A security vulnerability exists in Sequi PortBloque S, which arises from an incorrect authentication issue that can be exploited by an attacker to bypass the authentication process and gain...

The vulnerability of the Modbus TCP protocol implementation in microprogrammed software for programmable logic controllers from Schneider Electric, such as Modicon M340, M580, MC80, Modicon Momentum MDI, Legacy Modicon Quantum/Premium, allows a intruder to trigger a service failure.

The vulnerability of the Modbus TCP protocol implementation in microprogrammed logic controllers from Schneider Electric, such as Modicon M340, M580, MC80, Modicon Momentum MDI, and Legacy Modicon Quantum/Premium, is related to a potential integer overflow. Exploiting this vulnerability could all...

The vulnerability of the Modbus TCP protocol implementation in microprogrammed software for programmable logic controllers from Schneider Electric, such as Modicon M340, M580, MC80, Modicon Momentum MDI, Legacy Modicon Quantum, allows a intruder to gain unauthorized access to protected information.

The vulnerability of the Modbus TCP protocol implementation in microprogrammed logic controllers from Schneider Electric, such as Modicon M340, M580, MC80, Modicon Momentum MDI, and Legacy Modicon Quantum, is related to errors in information processing. Exploiting this vulnerability can allow an...

PT-2022-4153 · Schneider Electric · Legacy Modicon Quantum +5

Name of the Vulnerable Software and Affected Versions: Modicon M340 CPU versions prior to V3.30 Modicon M580 CPU versions prior to SV3.20 Modicon MC80 versions prior to V1.6 Modicon M580 CPU Safety version all Modicon Momentum MDI versions prior to V2.3 Legacy Modicon Quantum version all...

PT-2022-4155 · Schneider Electric · Modicon Quantum/Premium +4

Name of the Vulnerable Software and Affected Versions: Modicon M340 CPU versions V3.40 and prior Modicon M580 CPU versions V3.22 and prior Legacy Modicon Quantum/Premium All Versions Modicon Momentum MDI 171CBU All Versions Modicon MC80 BMKC80 versions V1.7 and prior Description: A CWE-191: Integ...

Siemens EN100 Ethernet Module Improper Restriction of Operations Within the Bounds of a Memory Buffer (CVE-2022-30938)

A vulnerability has been identified in EN100 Ethernet module DNP3 IP variant All versions, EN100 Ethernet module IEC 104 variant All versions, EN100 Ethernet module IEC 61850 variant All versions V4.40, EN100 Ethernet module Modbus TCP variant All versions, EN100 Ethernet module PROFINET IO varia...

CVE-2021-22648

Ovarro TBox proprietary Modbus file access functions allow attackers to read, alter, or delete the configuration file...

CVE-2021-22642

An attacker could use specially crafted invalid Modbus frames to crash the Ovarro TBox system...

CVE-2021-22648

Ovarro TBox proprietary Modbus file access functions allow attackers to read, alter, or delete the configuration file...

CVE-2021-22642

An attacker could use specially crafted invalid Modbus frames to crash the Ovarro TBox system...

Design/Logic Flaw

Ovarro TBox proprietary Modbus file access functions allow attackers to read, alter, or delete the configuration file...