190 matches found
Design/Logic Flaw
ABB PCM600 before 2.7 improperly stores OPC Server IEC61850 passwords in unspecified temporary circumstances, which allows local users to obtain sensitive information via unknown vectors...
CVE-2016-4524
ABB PCM600 before 2.7 improperly stores OPC Server IEC61850 passwords in unspecified temporary circumstances, which allows local users to obtain sensitive information via unknown vectors...
CVE-2016-4524
CVE-2016-4524 affects ABB PCM600 (OPC Server IEC61850) prior to version 2.7. The vulnerability arises from insecure handling of authentication passwords: the OPC Server IEC61850 credentials are stored in clear text or unsecured temporary locations in the configuration/file artifacts, enabling a l...
SCADA Engine BACnet OPC Server Vulnerabilities
OVERVIEW Independent researcher Josep Pi Rodriguez has identified three vulnerabilities in the SCADA Engine BACnet OPC Server application. SCADA Engine has produced a new software version that mitigates these vulnerabilities. Josep Pi Rodriguez has tested the new software version to validate that...
GEOVAP Reliance 4 Control Server Privilege Escalation Vulnerability
GEOVAP Reliance 4 Control Server suffers from an unquoted search path issue impacting the service 'RelianceOpcDaWrapper' for Windows deployed as part of Reliance 4 SCADA/HMI system installer including Reliance OPC Server. This could potentially allow an authorized but non-privileged local user to...
Circutor PowerStudio SCADA 4.0.5 Unquoted Service Path Elevation Of Privilege Vulnerability
Exploit for windows platform in category remote exploits Circutor PowerStudio SCADA 4.0.5 Unquoted Service Path Elevation Of Privilege Vendor: CIRCUTOR SA Product web page: http:/www.circutor.com Affected version: PowerStudio SCADA 4.0.5 and OPC Server 1.4.1 Summary: CIRCUTOR's Electrical Energy...
Software Toolbox Top Server Resource Exhaustion Vulnerability
OVERVIEW Adam Crain of Automatak and Chris Sistrunk of Mandiant have identified a resource exhaustion vulnerability in the Software Toolbox Top Server application. Software Toolbox has produced a new version that mitigates this vulnerability. This vulnerability could be exploited remotely. AFFECT...
Inductive Automation Ignition < 7.7.4 Multiple Vulnerabilities
Inductive Automation Ignition is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SCADA Engine BACnet OPC Server < 2.1.371.24 Multiple Vulnerabilities
Binary data scadabacnetopcserver2137124.nbin...
CVE-2015-0992
Inductive Automation Ignition 7.7.2 stores cleartext OPC Server credentials, which allows local users to obtain sensitive information via unspecified vectors...
Design/Logic Flaw
Inductive Automation Ignition 7.7.2 stores cleartext OPC Server credentials, which allows local users to obtain sensitive information via unspecified vectors...
CVE-2015-0992
CVE-2015-0992 affects Inductive Automation Ignition 7.7.2, where OPC Server credentials are stored in plaintext in the settings file, enabling local users to obtain sensitive information via unspecified vectors. The connected documents corroborate plaintext storage of credentials as the root caus...
KLA10502 Multiple vulnerabilities in BACnet OPC Server
Multiple critical vulnerabilities have been found in BACnet OPC Server. Malicious users can exploit these vulnerabilities to execute arbitrary files and read&write local database. Below is a complete list of vulnerabilities 1. An unknwon vulnerabilities can be exploited remotely via unknown vecto...
CVE-2015-0981
The SOAP web interface in SCADA Engine BACnet OPC Server before 2.1.371.24 allows remote attackers to bypass authentication and read or write to arbitrary database fields via unspecified vectors...
CVE-2015-0980
Format string vulnerability in BACnOPCServer.exe in the SOAP web interface in SCADA Engine BACnet OPC Server before 2.1.371.24 allows remote attackers to execute arbitrary code via format string specifiers in a request...
CVE-2015-0979
Heap-based buffer overflow in the SOAP web interface in SCADA Engine BACnet OPC Server before 2.1.371.24 allows remote attackers to execute arbitrary code via a crafted packet...
Heap overflow
Heap-based buffer overflow in the SOAP web interface in SCADA Engine BACnet OPC Server before 2.1.371.24 allows remote attackers to execute arbitrary code via a crafted packet...
Format string
Format string vulnerability in BACnOPCServer.exe in the SOAP web interface in SCADA Engine BACnet OPC Server before 2.1.371.24 allows remote attackers to execute arbitrary code via format string specifiers in a request...
CVE-2015-0981
SCADA Engine BACnet OPC Server prior to version 2.1.371.24 is affected by three vulnerabilities tied to the SOAP web interface: (1) CVE-2015-0981 Authentication bypass allowing remote read/write of database fields, (2) CWE-122 Heap-based Buffer Overflow, and (3) CWE-20 Improper Input Validation. ...
CVE-2015-0980
SCADA Engine BACnet OPC Server (BACnet OPC Server) before version 2.1.371.24 is affected by CVE-2015-0980 via a format-string vulnerability in the SOAP web interface (BACnOPCServer.exe). Exploitation could allow remote attackers to execute arbitrary code. The ICS-CERT advisory notes a fixed versi...