PT-2024-13842 · Indo Sol · Indo-Sol Profinet-Inspektor Nt

Name of the Vulnerable Software and Affected Versions: Indo-Sol PROFINET-INspektor NT versions 2.4.0 and earlier Description: A path traversal issue in the httpuploadd service of the firmware allows remote attackers to write to arbitrary files via a crafted filename parameter in requests to the...

CVE-2023-49959

In Indo-Sol PROFINET-INspektor NT through 2.4.0, a command injection vulnerability in the gedtupdater service of the firmware allows remote attackers to execute arbitrary system commands with root privileges via a crafted filename parameter in POST requests to the /api/updater/ctrl/startupdate...

Siemens SIMATIC CP Device Uncontrolled Resource Consumption Vulnerability

The SIMATIC CP 1623, CP 1626 and CP 1628 are PCI express cards for connection to industrial Ethernet. the SIMATIC CP 1604 and CP 1616 are PCI/PCI-104 cards for the connection of field devices to PROFINET industrial Ethernet. The Siemens SIMATIC CP devices are vulnerable to an uncontrolled resourc...

Siemens SIMATIC 多款产品访问控制错误漏洞

The SIMATIC CP 1623, CP 1626 and CP 1628 are PCI express cards for connection to industrial Ethernet. the SIMATIC CP 1604 and CP 1616 are PCI/PCI-104 cards for the connection of field devices to PROFINET industrial Ethernet. The Siemens SIMATIC CP devices suffer from an Improper Access Control...

Siemens SCALANCE X-200RNA Switch Devices Uncontrolled Resource Consumption (CVE-2022-46351)

A vulnerability has been identified in SCALANCE X204RNA HSR All versions V3.2.7, SCALANCE X204RNA PRP All versions V3.2.7, SCALANCE X204RNA EEC HSR All versions V3.2.7, SCALANCE X204RNA EEC PRP All versions V3.2.7, SCALANCE X204RNA EEC PRP/HSR All versions V3.2.7. Specially crafted PROFINET DCP...

Siemens SCALANCE X-200RNA Switch Devices Uncontrolled Resource Consumption (CVE-2022-46352)

A vulnerability has been identified in SCALANCE X204RNA HSR All versions V3.2.7, SCALANCE X204RNA PRP All versions V3.2.7, SCALANCE X204RNA EEC HSR All versions V3.2.7, SCALANCE X204RNA EEC PRP All versions V3.2.7, SCALANCE X204RNA EEC PRP/HSR All versions V3.2.7. Specially crafted PROFINET DCP...

Moxa EDS Ethernet Switches Uncontrolled Resource Consumption (CVE-2019-19707)

On Moxa EDS-G508E, EDS-G512E, and EDS-G516E devices with firmware through 6.0, denial of service can occur via PROFINET DCE-RPC endpoint discovery packets. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...

Siemens SCALANCE and SIMATIC Uncontrolled Resource Consumption (CVE-2019-19301)

A vulnerability has been identified in SCALANCE X200-4P IRT, SCALANCE X201-3P IRT, SCALANCE X201-3P IRT PRO, SCALANCE X202-2IRT, SCALANCE X202-2P IRT, SCALANCE X202-2P IRT PRO, SCALANCE X204-2, SCALANCE X204-2FM, SCALANCE X204-2LD, SCALANCE X204-2LD TS, SCALANCE X204-2TS, SCALANCE X204IRT, SCALAN...

Debian: Security Advisory (DLA-1226-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

K45062506: Siemens Ethernet card DoS vulnerabilities CVE-2018-11451 and CVE-2018-11452

Security Advisory Description CVE-2018-11451 A vulnerability has been identified in Firmware variant IEC 61850 for EN100 Ethernet module All versions V4.33, Firmware variant PROFINET IO for EN100 Ethernet module All versions, Firmware variant Modbus TCP for EN100 Ethernet module All versions,...

SUSE CVE-2009-1210

Format string vulnerability in the PROFINET/DCP PN-DCP dissector in Wireshark 1.0.6 and earlier allows remote attackers to execute arbitrary code via a PN-DCP packet with format string specifiers in the station name. NOTE: some of these details are obtained from third party information...

SUSE CVE-2013-4936

The IsDFPFrame function in plugins/profinet/packet-pn-rt.c in the PROFINET Real-Time dissector in Wireshark 1.10.x before 1.10.1 does not validate MAC addresses, which allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted packet...

SUSE CVE-2016-9372

In Wireshark 2.2.0 to 2.2.1, the Profinet I/O dissector could loop excessively, triggered by network traffic or a capture file. This was addressed in plugins/profinet/packet-pn-rtc-one.c by rejecting input with too many I/O objects...

SUSE CVE-2017-9766

In Wireshark 2.2.7, PROFINET IO data with a high recursion depth allows remote attackers to cause a denial of service stack exhaustion in the dissectIODWriteReq function in plugins/profinet/packet-dcerpc-pn-io.c...

SUSE CVE-2017-13766

In Wireshark 2.4.0 and 2.2.0 to 2.2.8, the Profinet I/O dissector could crash with an out-of-bounds write. This was addressed in plugins/profinet/packet-dcerpc-pn-io.c by adding string validation...

Moxa SDS-3008 Series Industrial Ethernet Switch web application information disclosure vulnerability

Talos Vulnerability Report TALOS-2022-1621 Moxa SDS-3008 Series Industrial Ethernet Switch web application information disclosure vulnerability February 2, 2023 CVE Number CVE-2022-40691 SUMMARY An information disclosure vulnerability exists in the web application functionality of Moxa SDS-3008...

Siemens SCALANCE X-200RNA Switch Devices Uncontrolled Resource Consumption Vulnerability (CNVD-2022-87967)

The SCALANCE X-204RNA Industrial Ethernet Access Point enables non-PRP end devices to connect to separate parallel networks where required. An uncontrolled resource consumption vulnerability exists in Siemens SCALANCE X-200RNA Switch Devices, which can be exploited by an attacker to cause a denia...

CVE-2022-46352

A vulnerability has been identified in SCALANCE X204RNA HSR All versions V3.2.7, SCALANCE X204RNA PRP All versions V3.2.7, SCALANCE X204RNA EEC HSR All versions V3.2.7, SCALANCE X204RNA EEC PRP All versions V3.2.7, SCALANCE X204RNA EEC PRP/HSR All versions V3.2.7. Specially crafted PROFINET DCP...

CVE-2022-46352

A vulnerability has been identified in SCALANCE X204RNA HSR All versions V3.2.7, SCALANCE X204RNA PRP All versions V3.2.7, SCALANCE X204RNA EEC HSR All versions V3.2.7, SCALANCE X204RNA EEC PRP All versions V3.2.7, SCALANCE X204RNA EEC PRP/HSR All versions V3.2.7. Specially crafted PROFINET DCP...

CVE-2022-46351

A vulnerability has been identified in SCALANCE X204RNA HSR All versions V3.2.7, SCALANCE X204RNA PRP All versions V3.2.7, SCALANCE X204RNA EEC HSR All versions V3.2.7, SCALANCE X204RNA EEC PRP All versions V3.2.7, SCALANCE X204RNA EEC PRP/HSR All versions V3.2.7. Specially crafted PROFINET DCP...