1659 matches found
Code injection
An attacker could use specially crafted invalid Modbus frames to crash the Ovarro TBox system...
CVE-2021-22648 Ovarro TBox Incorrect Permission Assignment for Critical Resource
Ovarro TBox proprietary Modbus file access functions allow attackers to read, alter, or delete the configuration file...
CVE-2021-22648 Ovarro TBox Incorrect Permission Assignment for Critical Resource
Ovarro TBox proprietary Modbus file access functions allow attackers to read, alter, or delete the configuration file...
CVE-2021-22648
CVE-2021-22648 affects Ovarro’s TBox RTU line (LT2, MS-CPU32, MS-CPU32-S2, RM2, TG2) and TWinSoft prior to 12.4, plus firmware before 1.46. The issue is Incorrect Permission Assignment for Critical Resource via TBox’s proprietary Modbus file access, allowing an attacker to read, alter, or delete ...
CVE-2021-22642 Ovarro TBox Uncontrolled Resource Consumption
An attacker could use specially crafted invalid Modbus frames to crash the Ovarro TBox system...
CVE-2021-22642 Ovarro TBox Uncontrolled Resource Consumption
An attacker could use specially crafted invalid Modbus frames to crash the Ovarro TBox system...
CVE-2021-22642
CVE-2021-22642 corresponds to an Ovarro TBox vulnerability in which a remote attacker can crash the device by sending specially crafted invalid Modbus frames. The issue affects multiple TBox RTU products (e.g., TBox LT2, TBox MS-CPU32, MS-CPU32-S2, RM2, TG2) and is described under ICSA-21-054-04 ...
PT-2022-9261 · Ovarro · Ovarro Tbox
Name of the Vulnerable Software and Affected Versions: Ovarro TBox affected versions not specified Description: The issue allows attackers to read, alter, or delete the configuration file through Ovarro TBox proprietary Modbus file access functions. Recommendations: At the moment, there is no...
PT-2022-9258 · Ovarro · Ovarro Tbox
Name of the Vulnerable Software and Affected Versions: Ovarro TBox affected versions not specified Description: An attacker could use specially crafted invalid Modbus frames to crash the Ovarro TBox system. Recommendations: At the moment, there is no information about a newer version that contain...
CVE-2022-30938
A vulnerability has been identified in EN100 Ethernet module DNP3 IP variant All versions, EN100 Ethernet module IEC 104 variant All versions, EN100 Ethernet module IEC 61850 variant All versions V4.40, EN100 Ethernet module Modbus TCP variant All versions, EN100 Ethernet module PROFINET IO varia...
Memory corruption
A vulnerability has been identified in EN100 Ethernet module DNP3 IP variant All versions, EN100 Ethernet module IEC 104 variant All versions, EN100 Ethernet module IEC 61850 variant All versions V4.40, EN100 Ethernet module Modbus TCP variant All versions, EN100 Ethernet module PROFINET IO varia...
CVE-2022-30938
A vulnerability has been identified in EN100 Ethernet module DNP3 IP variant All versions, EN100 Ethernet module IEC 104 variant All versions, EN100 Ethernet module IEC 61850 variant All versions V4.40, EN100 Ethernet module Modbus TCP variant All versions, EN100 Ethernet module PROFINET IO varia...
Siemens EN100 Ethernet Module
1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: EN100 Ethernet Module Vulnerability: Improper Restriction of Operations within the Bounds of a Memory Buffer. 2. RISK EVALUATION Successful exploitation of this vulnerability could...
Siemens EN100 Ethernet Module Improper Restriction of Operations Within the Bounds of a Memory Buffer (CVE-2022-30937)
A vulnerability has been identified in EN100 Ethernet module DNP3 IP variant All versions, EN100 Ethernet module IEC 104 variant All versions, EN100 Ethernet module IEC 61850 variant All versions V4.37, EN100 Ethernet module Modbus TCP variant All versions, EN100 Ethernet module PROFINET IO varia...
The vulnerability of the Honeywell Modbus TCP protocol and the Safety Builder controller devices for emergency protection systems like Safety Manager, as well as the micro-programmed software for programmable logic controllers like Honeywell Experion PKS, allows a intruder to alter the device’s configuration.
The vulnerability of Honeywell Modbus TCP and Safety Builder controllers’ anti-disaster protection devices, such as Safety Manager and Honeywell Experion PKS programmable logic controllers, is related to deficiencies in authentication procedures. Exploiting this vulnerability could allow an...
CVE-2022-30937
A vulnerability has been identified in EN100 Ethernet module DNP3 IP variant All versions, EN100 Ethernet module IEC 104 variant All versions, EN100 Ethernet module IEC 61850 variant All versions V4.37, EN100 Ethernet module Modbus TCP variant All versions, EN100 Ethernet module PROFINET IO varia...
CVE-2022-30937
A vulnerability has been identified in EN100 Ethernet module DNP3 IP variant All versions, EN100 Ethernet module IEC 104 variant All versions, EN100 Ethernet module IEC 61850 variant All versions V4.37, EN100 Ethernet module Modbus TCP variant All versions, EN100 Ethernet module PROFINET IO varia...
Memory corruption
A vulnerability has been identified in EN100 Ethernet module DNP3 IP variant All versions, EN100 Ethernet module IEC 104 variant All versions, EN100 Ethernet module IEC 61850 variant All versions V4.37, EN100 Ethernet module Modbus TCP variant All versions, EN100 Ethernet module PROFINET IO varia...
CVE-2022-30937
CVE-2022-30937 affects Siemens EN100 Ethernet Module variants: DNP3 IP, IEC 104, IEC 61850 (all versions prior to 4.37), Modbus TCP, and PROFINET IO. The issue is a memory corruption vulnerability in the HTTP parsing of the /txtrace endpoint, which could crash the affected application and cause a...
Siemens EN100 Ethernet Module
1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: EN100 Ethernet Module Vulnerability: Improper Restriction of Operations within the Bounds of a Memory Buffer 2. RISK EVALUATION Successful exploitation of this vulnerability could...