78 matches found
EUVD-2021-15934
Malware in sbrugna...
EUVD-2021-15935
Malware in sbrugna...
EUVD-2019-7126
Malware in sbrugna...
EUVD-2022-35029
Malicious code in bioql PyPI...
EUVD-2022-35030
Malicious code in bioql PyPI...
EUVD-2022-35031
Malicious code in bioql PyPI...
EUVD-2022-35032
Malicious code in bioql PyPI...
EUVD-2022-35034
Malicious code in bioql PyPI...
CVE-2022-2793
Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulenrable to CWE-353 Missing Support for Integrity Check, and has no authentication or authorization of data packets after establishing a connection for the SRTP protocol...
CVE-2022-2791
Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-434 Unrestricted Upload of File with Dangerous Type, and will upload any file written into the PLC logic folder to the connected PLC...
CVE-2022-2792
Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulenrable to CWE-284 Improper Access Control, and stores project data in a directory with improper access control lists...
CVE-2022-2790
Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulenrable to CWE-347 Improper Verification of Cryptographic Signature, and does not properly verify compiled logic PDT files and data blocks data BLD/BLK files...
CVE-2022-2789
Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-345 Insufficient Verification of Data Authenticity, and can display logic that is different than the compiled logic...
CVE-2022-2788
Emerson Electric's Proficy Machine Edition Version 9.80 and prior is vulnerable to CWE-29 Path Traversal: '\..\Filename', also known as a ZipSlip attack, through an upload procedure which enables attackers to implant a malicious .BLZ file on the PLC. The file can transfer through the engineering...
The vulnerability of the FrameworkX.exe executable file of the Proficy Machine Edition programming software for programmable logic controllers allows a attacker to trigger a service failure.
The vulnerability of the FrameworkX.exe executable file of the Proficy Machine Edition programming software for programmable logic controllers involves insufficient validation of input data during the processing of the dynamic library fxVPStatcTcp.dll. Exploiting this vulnerability can allow an...
CVE-2022-2791
Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-434 Unrestricted Upload of File with Dangerous Type, and will upload any file written into the PLC logic folder to the connected PLC...
CVE-2022-2791
Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-434 Unrestricted Upload of File with Dangerous Type, and will upload any file written into the PLC logic folder to the connected PLC...
Design/Logic Flaw
Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-434 Unrestricted Upload of File with Dangerous Type, and will upload any file written into the PLC logic folder to the connected PLC...
CVE-2022-2791
Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-434 Unrestricted Upload of File with Dangerous Type, and will upload any file written into the PLC logic folder to the connected PLC...
CVE-2022-2791
CVE-2022-2791 affects Emerson Proficy Machine Edition versions 9.00 and prior. The vulnerability is CWE-434 Unrestricted Upload of File with Dangerous Type: the software will upload any file written into the PLC logic folder to the connected PLC. Impact described in connected documents includes p...