PT-2026-43234

An Allocation of Resources Without Limits or Throttling vulnerability in the OPC-UA Server used in PPT30 Operating System versions before 1.8.0 may be used by an unauthenticated network-based attacker to permanently prevent legitimate users from interacting with the service...

CVE-2026-21620

Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp tftpfile modules, erlang otp inets tftpfile modules, erlang otp tftp tftpfile modules allows Relative Path Traversal. This vulnerability is associated with program files...

CVE-2025-60035

A vulnerability has been identified in the OPC.Testclient utility, which is included in Rexroth IndraWorks. All versions prior to 15V24 are affected. This flaw allows an attacker to execute arbitrary code on the user's system by parsing a manipulated file containing malicious serialized data...

ABB B&R Automation Studio

SUMMARY ABB became aware of vulnerability in the product versions listed as affected in the advisory. An update is available that resolves a vulnerability. Successful exploitation of this vulnerability may enable an attacker to masquerade as a trusted party when B&R Automation Studio establishes...

PT-2026-3449

Name of the Vulnerable Software and Affected Versions Automation Studio versions prior to 6.5 Description An Improper Certificate Validation issue exists in the OPC-UA client and ANSL over TLS client. This could allow an unauthenticated attacker on the network to intercept and interfere with data...

CVE-2025-7390

A malicious client can bypass the client certificate trust check of an opc.https server when the server endpoint is configured to allow only secure communication...

PT-2025-34191 · Unknown · Opc.Https Server

Name of the Vulnerable Software and Affected Versions: opc.https server affected versions not specified Description: A malicious client can bypass the client certificate trust check of an opc.https server when the server endpoint is configured to allow only secure communication. Recommendations: ...

[SECURITY] Fedora 41 Update: open62541-1.4.13-1.fc41

open62541 is a C-based library linking with C++ projects is possible with all necessary tools to implement dedicated OPC UA clients and servers, or to integrate OPC UA-based communication into existing applications...

Seeyon Zhiyuan OA 代码问题漏洞

Seeyon Zhiyuan OA Zhiyuan OA is a collaboration management software from China's Seeyon. A code issue vulnerability exists in Seeyon Zhiyuan OA 8.1 SP2 and prior versions, which stems from incorrect manipulation of the parameter url in the file...

A Study on Audio Synchronous Steganography Detection and Distributed Guide Inference Model Based on Sliding Spectral Features and Intelligent Inference Drive

With the rise of short video platforms in global communication, embedding steganographic data in audio synchronization streams has emerged as a new covert communication method. To address the limitations of traditional techniques in detecting synchronized steganography, this paper proposes a...

The vulnerability of the LockOpcSettings method in the software for managing and monitoring remote devices in telemetry and telemechanics systems allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the LockOpcSettings method in the software for managing and monitoring remote devices in telemetry and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to compromise the...

The vulnerability of the OPC Server implementation in MIR and SCADA systems, related to the transmission of data in an open manner, allows attackers to disclose protected information.

The vulnerability of the OPC Server implementation and the MIIR SCADA system is related to the transmission of data in an open manner. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...

Schneider Electric EcoStruxure Control Expert、EcoStruxure Process Expert和OPC Factory Server 输入验证错误漏洞

Schneider Electric EcoStruxure Control Expert formerly known as Unity Pro, among others, is a product of Schneider Electric, France.Schneider Electric EcoStruxure Control Expert is a suite of programming software for Schneider Electric logic controller products. Schneider Electric EcoStruxure...

Malicious code in tpro_pc_yyb_open_platform (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d15d2ff8ee637d306770e71be2fd88a7a4120d1560980b598bc86166f56dd479 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OPC UA.NET Standard 安全漏洞

OPC UA.NET Standard is a set of Unified Architecture standards from the OPC Foundation of America for the development of OPC UA applications. A security vulnerability exists in OPC UA .NET Standard. An attacker exploiting the vulnerability could consume all available resources on the server...

Softing OPC UA C++ SDK Security Vulnerability

The Softing OPC UA C++ SDK is a development kit from Softing Germany. It is used to quickly and easily integrate OPC UA clients and servers. A security vulnerability exists in versions of Softing OPC UA C++ SDK prior to V1.30, which stems from an uncaught exception issue that may cause the...

The vulnerability lies in the implementation of OPC UA software methods for connection integration with the Softing OPC UA C++ SDK, as well as the Secure Integration Server data integration tool. This allows attackers to execute arbitrary code.

The vulnerability of the implementation of OPC UA software for connectivity integration with Softing OPC UA C++ SDK lies in the incorrect path name limitation for accessing the restricted directory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the OPC UA Server software for integration systems and automation devices in industrial applications allows a perpetrator to trigger a service failure.

The vulnerability of the OPC UA Server software for integration systems and automation devices in industrial applications is related to pointer assignment errors. Exploiting this vulnerability could allow a malicious actor to cause service failures...

The vulnerability of the data exchange server between automation systems and devices, using the OPC AO-OPC standard, arises from the absence of quotation marks in the syntax of elements or search paths. This allows attackers to execute arbitrary code and increase their privileges.

The vulnerability of the data exchange server between automation systems and devices, using the OPC AO-OPC standard, is related to the absence of quotation marks in the syntax of elements or search paths. Exploiting this vulnerability allows attackers to execute arbitrary code and increase their...

The vulnerabilities of the software implementations of OPC UA methods for integrating communication with the Softing OPC UA C++ SDK, the data integration tool Softing edgeAggregator, and the software modules for connecting controllers such as Softing edgeConnector Modbus, Softing edgeConnector 840D, and Softing edgeConnector Siemens, allow attackers to cause service interruptions.

The vulnerability of the implementation of OPC UA software for connection integration with Softing OPC UA C++ SDK, the data integration tool Softing edgeAggregator, and the software modules for connecting controllers such as Softing edgeConnector Modbus, Softing edgeConnector 840D, and Softing...