Lucene search
+L

190 matches found

NVD
NVD
added 2024/01/30 9:15 a.m.37 views

CVE-2023-6943

Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 to 5.92, GT Designer3 Version1GOT1000 versions 1.325P and prior, GT Designer3 Version1GOT2000 versions 1.320J and prior, GX Works2 versions 1.11M...

9.8CVSS9.8AI score0.01844EPSS
Exploits0References3
Prion
Prion
added 2024/01/30 9:15 a.m.27 views

Code injection

Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 and later, FR Configurator2 all versions, GT Designer3 Version1GOT1000 all versions, GT Designer3 Version1GOT2000 all versions, GX Works2 version...

7.5CVSS7.9AI score0.01844EPSS
Exploits0References3Affected Software4
Prion
Prion
added 2024/01/30 9:15 a.m.31 views

Authentication flaw

Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 and later, FR Configurator2 all versions, GT Designer3 Version1GOT1000 all versions, GT Designer3 Version1GOT2000 all versions, GX Works2 versions 1.11M and later, GX Works3 all...

5CVSS7.6AI score0.00949EPSS
Exploits0References3Affected Software4
Cvelist
Cvelist
added 2024/01/30 9:9 a.m.64 views

CVE-2023-6943

Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 to 5.92, GT Designer3 Version1GOT1000 versions 1.325P and prior, GT Designer3 Version1GOT2000 versions 1.320J and prior, GX Works2 versions 1.11M...

9.8CVSS9.9AI score0.01844EPSS
Exploits0References3
CVE
CVE
added 2024/01/30 9:6 a.m.75 views

CVE-2023-6942

CVE-2023-6942 is a Missing Authentication for Critical Function vulnerability affecting Mitsubishi Electric FA Engineering Software Products, including EZSocket (3.0–5.92), FR Configurator2, GT Designer3 (GOT1000 1.x up to 1.325P, GOT2000 1.x up to 1.320J), GX Works2 (1.11M+), GX Works3, MELSOFT ...

7.5CVSS7.7AI score0.00949EPSS
Exploits0References3Affected Software10
ICS
ICS
added 2024/01/30 7:0 a.m.64 views

Mitsubishi Electric FA Engineering Software Products (Update D)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Equipment : EZSocket, FR Configurator2, GT Designer3 Version1GOT1000, GT Designer3 Version1GOT2000, GX Works2, GX Works3, MELSOFT Navigator, MT Works2, MX Component, MX...

9.8CVSS9.2AI score0.01844EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2024/01/30 12:0 a.m.13 views

PT-2024-1480 · Mitsubishi · Gx Works3 +8

Name of the Vulnerable Software and Affected Versions: Mitsubishi Electric EZSocket versions 3.0 to 5.92 Mitsubishi Electric GT Designer3 Version1GOT1000 versions 1.325P and prior Mitsubishi Electric GT Designer3 Version1GOT2000 versions 1.320J and prior Mitsubishi Electric GX Works2 versions 1.1...

7.8CVSS7.2AI score0.00949EPSS
Exploits0References19
Positive Technologies
Positive Technologies
added 2024/01/30 12:0 a.m.9 views

PT-2024-1401 · Mitsubishi · Mx +8

Name of the Vulnerable Software and Affected Versions: Mitsubishi Electric Corporation EZSocket versions 3.0 to 5.92 GT Designer3 Version1GOT1000 versions 1.325P and prior GT Designer3 Version1GOT2000 versions 1.320J and prior GX Works2 versions 1.11M and later GX Works3 versions 1.106L and prior...

9.8CVSS8.1AI score0.01844EPSS
Exploits0References20
NVD
NVD
added 2023/07/28 12:15 p.m.34 views

CVE-2023-2685

A vulnerability was found in AO-OPC server versions mentioned above. As the directory information for the service entry is not enclosed in quotation marks, potential attackers could possibly call up another application than the AO-OPC server by starting the service. The service might be started...

7.2CVSS6.9AI score0.00166EPSS
Exploits0References1
OSV
OSV
added 2023/07/28 12:15 p.m.5 views

CVE-2023-2685

A vulnerability was found in AO-OPC server versions mentioned above. As the directory information for the service entry is not enclosed in quotation marks, potential attackers could possibly call up another application than the AO-OPC server by starting the service. The service might be started...

6.3CVSS6.5AI score0.00166EPSS
Exploits0References1
Prion
Prion
added 2023/07/28 12:15 p.m.13 views

Design/Logic Flaw

A vulnerability was found in AO-OPC server versions mentioned above. As the directory information for the service entry is not enclosed in quotation marks, potential attackers could possibly call up another application than the AO-OPC server by starting the service. The service might be started...

3.4CVSS6.2AI score0.00166EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/07/28 11:31 a.m.52 views

CVE-2023-2685

CVE-2023-2685 affects AO-OPC server prior to version 3.2.1. The vulnerability stems from an unquoted directory path for the service entry, which could allow an attacker to start another application via the AO-OPC service, potentially running with system privileges. Exploitation is considered loca...

7.2CVSS6.4AI score0.00166EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/07/14 12:0 a.m.8 views

PT-2023-4120 · Unknown · Ao-Opc Server

Name of the Vulnerable Software and Affected Versions: AO-OPC server versions prior to 3.2.1 Description: A vulnerability was found in the AO-OPC server where the directory information for the service entry is not enclosed in quotation marks. This could allow potential attackers to call up anothe...

7.2CVSS6.3AI score0.00166EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/03/29 12:0 a.m.30 views

ABB Central Licensing System Uncontrolled Resource Consumption (CVE-2020-8475)

For the Central Licensing Server component used in ABB products ABB Ability System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to...

7.5CVSS7.3AI score0.0151EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2023/03/29 12:0 a.m.32 views

ABB Central Licensing System Permissions, Privileges, and Access Controls (CVE-2020-8476)

For the Central Licensing Server component used in ABB products ABB Ability System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to...

7.5CVSS7.2AI score0.0151EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2023/03/29 12:0 a.m.26 views

ABB Central Licensing System Improper Restriction of XML External Entity Reference (CVE-2020-8479)

For the Central Licensing Server component used in ABB products ABB Ability System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to...

9.8CVSS7.7AI score0.02203EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/03/29 12:0 a.m.14 views

ABB OPC Server for Incorrect Permission Assignment for Critical Resource (CVE-2021-22284)

Incorrect Permission Assignment for Critical Resource vulnerability in OPC Server for AC 800M allows an attacker to execute arbitrary code in the node running the AC800M OPC Server. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

8.8CVSS8.4AI score0.00831EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/03/29 12:0 a.m.30 views

ABB Central Licensing System Improper Access Control (CVE-2020-8471)

For the Central Licensing Server component used in ABB products ABB Ability System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to...

7.8CVSS7.6AI score0.0151EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2023/03/29 12:0 a.m.39 views

ABB Central Licensing System Exposure of Sensitive Information to an Unauthorized Actor (CVE-2020-8481)

For ABB products ABB Ability System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody...

10CVSS7.5AI score0.0181EPSS
Exploits0References4
ICS
ICS
added 2022/09/29 12:0 a.m.63 views

Hitachi Energy MicroSCADA Pro X SYS600

1. EXECUTIVE SUMMARY CVSS v3 8.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: MicroSCADA Pro/X SYS600 Vulnerability: Improper Input Validation, Improper Privilege Management, Improper Access Control, Improper Handling of Unexpected Data Type. 2. RISK...

8.8CVSS6.9AI score0.00697EPSS
Exploits0References5
Rows per page
Query Builder