Lucene search
+L

31 matches found

prion
prion
added 2016/04/06 11:59 p.m.12 views

Heap overflow

Heap-based buffer overflow in Pro-face GP-Pro EX EX-ED before 4.05.000, PFXEXEDV before 4.05.000, PFXEXEDLS before 4.05.000, and PFXEXGRPLS before 4.05.000 allows remote attackers to execute arbitrary code via unspecified vectors...

6.8CVSS8.8AI score0.02332EPSS
Exploits0References1Affected Software4
attackerkb
attackerkb
added 2016/04/06 11:59 p.m.3 views

CVE-2015-7921

The FTP server in Pro-face GP-Pro EX EX-ED before 4.05.000, PFXEXEDV before 4.05.000, PFXEXEDLS before 4.05.000, and PFXEXGRPLS before 4.05.000 has hardcoded credentials, which makes it easier for remote attackers to bypass authentication by leveraging knowledge of these credentials...

9.1CVSS5.6AI score0.0197EPSS
Exploits0References2
prion
prion
added 2016/04/06 11:59 p.m.14 views

Hardcoded credentials

The FTP server in Pro-face GP-Pro EX EX-ED before 4.05.000, PFXEXEDV before 4.05.000, PFXEXEDLS before 4.05.000, and PFXEXGRPLS before 4.05.000 has hardcoded credentials, which makes it easier for remote attackers to bypass authentication by leveraging knowledge of these credentials...

6.4CVSS7.5AI score0.0197EPSS
Exploits0References1Affected Software4
cve
cve
added 2016/04/06 11:0 p.m.76 views

CVE-2016-2290

CVE-2016-2290 is a heap-based buffer overflow affecting Pro-face GP-Pro EX and related editors (EX-ED, PFXEXEDV/EDLS/GRPLS) prior to version 4.05.000. The vulnerability allows remote execution of arbitrary code in the affected process due to a heap-buffer overflow, with the NVD reporting a high-s...

8.8CVSS9.1AI score0.02332EPSS
Exploits0References1Affected Software4
cvelist
cvelist
added 2016/04/06 11:0 p.m.25 views

CVE-2016-2292

Stack-based buffer overflow in Pro-face GP-Pro EX EX-ED before 4.05.000, PFXEXEDV before 4.05.000, PFXEXEDLS before 4.05.000, and PFXEXGRPLS before 4.05.000 allows remote attackers to execute arbitrary code via unspecified vectors...

7.1AI score0.02326EPSS
Exploits0References1
cvelist
cvelist
added 2016/04/06 11:0 p.m.29 views

CVE-2015-7921

The FTP server in Pro-face GP-Pro EX EX-ED before 4.05.000, PFXEXEDV before 4.05.000, PFXEXEDLS before 4.05.000, and PFXEXGRPLS before 4.05.000 has hardcoded credentials, which makes it easier for remote attackers to bypass authentication by leveraging knowledge of these credentials...

9.5AI score0.0197EPSS
Exploits0References1
cve
cve
added 2016/04/06 11:0 p.m.64 views

CVE-2015-7921

The CVE describes hard-coded credentials in the FTP server of Pro-face GP-Pro EX (affected models EX-ED, PFXEXEDV, PFXEXEDLS, PFXEXGRPLS) prior to version 4.05.000, enabling remote authentication bypass. Root cause: hard-coded credentials in the FTP service. Impact: unauthorized access to device ...

9.1CVSS9.3AI score0.0197EPSS
Exploits0References1Affected Software4
cvelist
cvelist
added 2016/04/06 11:0 p.m.23 views

CVE-2016-2290

Heap-based buffer overflow in Pro-face GP-Pro EX EX-ED before 4.05.000, PFXEXEDV before 4.05.000, PFXEXEDLS before 4.05.000, and PFXEXGRPLS before 4.05.000 allows remote attackers to execute arbitrary code via unspecified vectors...

9.2AI score0.02332EPSS
Exploits0References1
cnvd
cnvd
added 2016/04/06 12:0 a.m.5 views

Pro-face GP-Pro EX Authentication Bypass Vulnerability

Pro-face GP-Pro EX is a set of HMI screen editing and logic programming software from American Pro-face. The Pro-face GP-Pro EX has a security vulnerability due to the use of hard-coded certificates by the FTP server. A remote attacker could exploit the vulnerability to access items in the device...

6.9AI score
Exploits0References1
cnvd
cnvd
added 2016/04/06 12:0 a.m.40 views

Pro-face GP-Pro EX Heap Buffer Overflow Vulnerability

Pro-face GP-Pro EX is a set of HMI screen editing and logic programming software from American Pro-face. A heap buffer overflow vulnerability exists in Pro-face GP-Pro EX. A remote attacker can exploit this vulnerability to execute arbitrary code in the context of a process...

8.8CVSS8.1AI score0.02332EPSS
Exploits0References1
ics
ics
added 2016/01/07 7:0 a.m.123 views

Pro-face GP-Pro EX HMI Vulnerabilities

OVERVIEW ZDI Zero Day Initiative has identified one information disclosure and two buffer overflow vulnerabilities, and independent researcher Jeremy Brown has identified hard-coded credentials in Pro-face’s GP-Pro EX HMI software. Pro-face has produced a module to mitigate these vulnerabilities...

8.8CVSS8.3AI score0.02332EPSS
Exploits0References10
Rows per page
Query Builder