Lucene search
+L

190 matches found

Prion
Prion
added 2016/06/10 1:59 a.m.18 views

Design/Logic Flaw

ABB PCM600 before 2.7 improperly stores OPC Server IEC61850 passwords in unspecified temporary circumstances, which allows local users to obtain sensitive information via unknown vectors...

2.1CVSS6.2AI score0.00285EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2016/06/10 1:0 a.m.32 views

CVE-2016-4524

ABB PCM600 before 2.7 improperly stores OPC Server IEC61850 passwords in unspecified temporary circumstances, which allows local users to obtain sensitive information via unknown vectors...

6.1AI score0.00285EPSS
Exploits0References1
CVE
CVE
added 2016/06/10 1:0 a.m.55 views

CVE-2016-4524

CVE-2016-4524 affects ABB PCM600 (OPC Server IEC61850) prior to version 2.7. The vulnerability arises from insecure handling of authentication passwords: the OPC Server IEC61850 credentials are stored in clear text or unsecured temporary locations in the configuration/file artifacts, enabling a l...

6.5CVSS6AI score0.00285EPSS
Exploits0References1Affected Software1
ICS
ICS
added 2015/12/11 7:0 a.m.78 views

SCADA Engine BACnet OPC Server Vulnerabilities

OVERVIEW Independent researcher Josep Pi Rodriguez has identified three vulnerabilities in the SCADA Engine BACnet OPC Server application. SCADA Engine has produced a new software version that mitigates these vulnerabilities. Josep Pi Rodriguez has tested the new software version to validate that...

9CVSS7.4AI score0.04564EPSS
Exploits0References10
0day.today
0day.today
added 2015/12/08 12:0 a.m.54 views

GEOVAP Reliance 4 Control Server Privilege Escalation Vulnerability

GEOVAP Reliance 4 Control Server suffers from an unquoted search path issue impacting the service 'RelianceOpcDaWrapper' for Windows deployed as part of Reliance 4 SCADA/HMI system installer including Reliance OPC Server. This could potentially allow an authorized but non-privileged local user to...

7.6AI score
Exploits0
0day.today
0day.today
added 2015/12/06 12:0 a.m.62 views

Circutor PowerStudio SCADA 4.0.5 Unquoted Service Path Elevation Of Privilege Vulnerability

Exploit for windows platform in category remote exploits Circutor PowerStudio SCADA 4.0.5 Unquoted Service Path Elevation Of Privilege Vendor: CIRCUTOR SA Product web page: http:/www.circutor.com Affected version: PowerStudio SCADA 4.0.5 and OPC Server 1.4.1 Summary: CIRCUTOR's Electrical Energy...

7.1AI score
Exploits0
ICS
ICS
added 2015/11/27 7:0 a.m.51 views

Software Toolbox Top Server Resource Exhaustion Vulnerability

OVERVIEW Adam Crain of Automatak and Chris Sistrunk of Mandiant have identified a resource exhaustion vulnerability in the Software Toolbox Top Server application. Software Toolbox has produced a new version that mitigates this vulnerability. This vulnerability could be exploited remotely. AFFECT...

5CVSS6.3AI score0.01384EPSS
Exploits0References10
OpenVAS
OpenVAS
added 2015/04/11 12:0 a.m.37 views

Inductive Automation Ignition < 7.7.4 Multiple Vulnerabilities

Inductive Automation Ignition is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.4CVSS9.3AI score0.0225EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2015/04/09 12:0 a.m.26 views

SCADA Engine BACnet OPC Server < 2.1.371.24 Multiple Vulnerabilities

Binary data scadabacnetopcserver2137124.nbin...

9CVSS6.8AI score0.04564EPSS
Exploits0References4
NVD
NVD
added 2015/04/03 10:59 a.m.16 views

CVE-2015-0992

Inductive Automation Ignition 7.7.2 stores cleartext OPC Server credentials, which allows local users to obtain sensitive information via unspecified vectors...

2.1CVSS5.7AI score0.00334EPSS
Exploits0References1
Prion
Prion
added 2015/04/03 10:59 a.m.18 views

Design/Logic Flaw

Inductive Automation Ignition 7.7.2 stores cleartext OPC Server credentials, which allows local users to obtain sensitive information via unspecified vectors...

2.1CVSS6.2AI score0.00334EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2015/04/03 10:0 a.m.109 views

CVE-2015-0992

CVE-2015-0992 affects Inductive Automation Ignition 7.7.2, where OPC Server credentials are stored in plaintext in the settings file, enabling local users to obtain sensitive information via unspecified vectors. The connected documents corroborate plaintext storage of credentials as the root caus...

2.1CVSS5.8AI score0.00334EPSS
Exploits0References1Affected Software1
Kaspersky
Kaspersky
added 2015/03/16 12:0 a.m.52 views

KLA10502 Multiple vulnerabilities in BACnet OPC Server

Multiple critical vulnerabilities have been found in BACnet OPC Server. Malicious users can exploit these vulnerabilities to execute arbitrary files and read&write local database. Below is a complete list of vulnerabilities 1. An unknwon vulnerabilities can be exploited remotely via unknown vecto...

9CVSS7.9AI score0.04564EPSS
Exploits0References2
NVD
NVD
added 2015/03/14 1:59 a.m.15 views

CVE-2015-0981

The SOAP web interface in SCADA Engine BACnet OPC Server before 2.1.371.24 allows remote attackers to bypass authentication and read or write to arbitrary database fields via unspecified vectors...

7.5CVSS7AI score0.02575EPSS
Exploits0References1
NVD
NVD
added 2015/03/14 1:59 a.m.31 views

CVE-2015-0980

Format string vulnerability in BACnOPCServer.exe in the SOAP web interface in SCADA Engine BACnet OPC Server before 2.1.371.24 allows remote attackers to execute arbitrary code via format string specifiers in a request...

9CVSS7.6AI score0.03616EPSS
Exploits0References1
NVD
NVD
added 2015/03/14 1:59 a.m.28 views

CVE-2015-0979

Heap-based buffer overflow in the SOAP web interface in SCADA Engine BACnet OPC Server before 2.1.371.24 allows remote attackers to execute arbitrary code via a crafted packet...

9CVSS7.9AI score0.04564EPSS
Exploits0References1
Prion
Prion
added 2015/03/14 1:59 a.m.17 views

Heap overflow

Heap-based buffer overflow in the SOAP web interface in SCADA Engine BACnet OPC Server before 2.1.371.24 allows remote attackers to execute arbitrary code via a crafted packet...

9CVSS8.6AI score0.04564EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2015/03/14 1:59 a.m.18 views

Format string

Format string vulnerability in BACnOPCServer.exe in the SOAP web interface in SCADA Engine BACnet OPC Server before 2.1.371.24 allows remote attackers to execute arbitrary code via format string specifiers in a request...

9CVSS8.2AI score0.03616EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2015/03/14 1:0 a.m.58 views

CVE-2015-0981

SCADA Engine BACnet OPC Server prior to version 2.1.371.24 is affected by three vulnerabilities tied to the SOAP web interface: (1) CVE-2015-0981 Authentication bypass allowing remote read/write of database fields, (2) CWE-122 Heap-based Buffer Overflow, and (3) CWE-20 Improper Input Validation. ...

7.5CVSS7.2AI score0.02575EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2015/03/14 1:0 a.m.55 views

CVE-2015-0980

SCADA Engine BACnet OPC Server (BACnet OPC Server) before version 2.1.371.24 is affected by CVE-2015-0980 via a format-string vulnerability in the SOAP web interface (BACnOPCServer.exe). Exploitation could allow remote attackers to execute arbitrary code. The ICS-CERT advisory notes a fixed versi...

9CVSS7.8AI score0.03616EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder