40 matches found
JTEKT Kostac PLC Programming Software 缓冲区错误漏洞
JTEKT Kostac PLC Programming Software is a PLC programmer software for personal computers from JTEKT Japan. A security vulnerability exists in JTEKT Kostac PLC Programming Software version 1.6.9.0 and prior versions, which originates from an out-of-bounds read due to an inability to validate data...
CVE-2023-22424
Use-after-free vulnerability exists in Kostac PLC Programming Software Former name: Koyo PLC Programming Software Version 1.6.9.0 and earlier. With the abnormal value given as the maximum number of columns for the PLC program, the process accesses the freed memory. As a result, opening a speciall...
CVE-2023-22424
Use-after-free vulnerability exists in Kostac PLC Programming Software Former name: Koyo PLC Programming Software Version 1.6.9.0 and earlier. With the abnormal value given as the maximum number of columns for the PLC program, the process accesses the freed memory. As a result, opening a speciall...
CVE-2023-22419
Kostac PLC Programming Software (JTEKT Kostac) versions 1.6.9.0 and earlier are affected by CVE-2023-22419. The issue is an out-of-bounds read occurring while processing a comment block in stage information, due to end-of-data verification failure. This can lead to information disclosure and/or a...
PT-2023-1669 · Unknown · Kostac Plc Programming
Name of the Vulnerable Software and Affected Versions: Kostac PLC Programming Software versions 1.6.9.0 and earlier Description: The issue is related to an out-of-bounds read vulnerability that occurs when processing a comment block in stage information. This can lead to information disclosure...
The vulnerability of the development environment “CX-Programmer,” which is part of the software suite “CX-One” designed for programming and configuring Omron PLCs, arises from reading data from within allowable buffer limits. This allows attackers to disclose sensitive information or execute arbitrary code.
The vulnerability of the development environment provided by CX-Programmer, which is part of the CX-One software suite designed for programming and configuring Omron PLCs, relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to disclose sensitive...
Binary Vulnerability in Kinco Builder
Kinco Builder is a PLC programming software for KS101M-04DX K209M-56DT HP070-33DT devices. A binary vulnerability exists in Kinco Builder, which can be exploited by attackers to cause a denial of service...
FATEK Automation WinProladder Integer Overflow Vulnerability
The official version of WinProLadder is a pretty good and useful PLC programming tool. FATEK Automation WinProladder integer overflow vulnerability can be exploited by attackers to cause arbitrary code execution...
Denial of Service Vulnerability in GX Works2 (CNVD-2021-16895)
GX Works2 is a PLC programming software. A memory out-of-bounds access vulnerability exists in GX Works2. An attacker could exploit this vulnerability to cause the program to crash...
Code Injection Vulnerability in GX Works2
GX Works2 is a PLC programming software. A code injection vulnerability exists in GX Works2. An attacker can exploit this vulnerability to gain server privileges...
Denial of Service Vulnerability in Mitsubishi Electric Corporation GX Works2 (CNVD-2020-49073)
GX Work2 is a PLC programming software developed by Mitsubishi Electric Automation Co., Ltd. for PLC design, debugging, maintenance and other work, which is widely used in electric power, machinery manufacturing, iron and steel, petroleum, chemical and other industrial control fields. A denial of...
Denial of Service Vulnerability in Mitsubishi Electric Corporation GX Works2 (CNVD-2020-49072 )
GX Work2 is a PLC programming software developed by Mitsubishi Electric Automation Co., Ltd. for PLC design, debugging, maintenance and other work, which is widely used in electric power, machinery manufacturing, iron and steel, petroleum, chemical and other industrial control fields. A denial of...
Denial of Service Vulnerability in Proficy Machine Edition (CNVD-2020-32607)
Proficy Machine Edition is a PLC programming software developed by Emerson Trading Shanghai Co., Ltd. for designing, debugging, programming, and maintaining GE RX 3i and GE RX7i series PLCs, which is widely used in industrial control fields such as electric power, machinery manufacturing, steel,...
Command Execution Vulnerability in WideField2
WideField2 is a PLC programming software developed by Yokogawa Electric Group. WideField2 suffers from a command execution vulnerability that can be exploited by an attacker to gain server privileges...
Logic Flaw Vulnerability in Widefield3
Widefield3, also known as Yokogawa PLC Programming Software, is a versatile PLC programming tool. Widefield3 suffers from a logic flaw vulnerability that can be exploited by an attacker to reconstruct the protection password of a program block or macro program...
Modbus Slave PLC 7 Buffer Overflow
Exploit Title: Modbus Slave PLC 7 - '.msw' Buffer Overflow PoC Author: Kagan Capar Discovery Date: 2018-10-27 Software Link: https://www.modbustools.com/download/ModbusSlaveSetup32Bit.exe Vendor Homepage : https://www.modbustools.com Tested Version: 7 Tested on OS: Windows XP SP3 ENG other versio...
Modbus Slave PLC 7 - '.msw' Buffer Overflow (PoC)
Exploit Title: Modbus Slave PLC 7 - '.msw' Buffer Overflow PoC Author: Kağan Çapar Discovery Date: 2018-10-27 Software Link: https://www.modbustools.com/download/ModbusSlaveSetup32Bit.exe Vendor Homepage : https://www.modbustools.com Tested Version: 7 Tested on OS: Windows XP SP3 ENG other versio...
The vulnerability of the web server of the software complex for programming with CoDeSys allows a perpetrator to trigger a service failure or execute arbitrary code.
The vulnerability of the web server of the CoDeSys PLC programming software is related to buffer overflow in the stack. Exploiting this vulnerability can allow a malicious actor to cause service failures or execute arbitrary code using a specially crafted request...
WAGO PFC 200 SERIES Multiple Vulnerabilities
Exploit for hardware platform in category local exploits VENDOR DESCRIPTION “The WAGO-I/O-SYSTEM is a flexible fieldbus-independent solution for decentralized automation tasks. With the relay, function and interface modules, as well as overvoltage protection, WAGO provides a suitable interface fo...
Schneider Electric SoMachine HVAC
CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Schneider Electric Equipment: SoMachine HVAC Vulnerabilities: Buffer Overflow, DLL Hijack AFFECTED PRODUCTS The following version of SoMachine HVAC, a PLC programming software, is affected: SoMachine HVAC Versions 2.1.0 and prior. IMPACT...