Siemens SCALANCE 安全漏洞

The SCALANCE M-800, MUM-800 and S615 and the RUGGEDCOM RM1224 are industrial routers.The SCALANCE W products are wireless communication devices for connecting industrial components, such as Programmable Logic Controllers PLCs or Human Machine Interfaces HMIs, that comply with the IEEE 802.11...

Siemens SCALANCE 资源管理错误漏洞

The SCALANCE M-800, MUM-800 and S615 and the RUGGEDCOM RM1224 are industrial routers.The SCALANCE W products are wireless communication devices for connecting industrial components, such as Programmable Logic Controllers PLCs or Human Machine Interfaces HMIs, that comply with the IEEE 802.11...

Vulnerability of microprogrammed programmable logic controllers MELSEC-F: related to authentication breaches, allowing attackers to circumvent existing security restrictions

The vulnerability of MELSEC-F programmable logic controllers’ microprogramming software is related to authentication breaches. Exploiting this vulnerability allows an attacker, operating remotely, to circumvent existing security restrictions...

Delta Electronics WPLSoft Security Vulnerability

Delta Electronics WPLSoft is a software tool for programming Delta Programmable Logic Controllers PLCs from Delta Electronics, Taiwan, China. A security vulnerability exists in Delta Electronics WPLSoft version 2.51 and prior versions, which stems from a heap-based buffer overflow issue...

The vulnerability of the HCI interface, which operates according to the IEC 60870-5-104 standard, and the programmable logic controllers Hitachi Energy RTU500, allows a intruder to trigger a service failure.

The vulnerability of the HCI interface, which operates according to the IEC 60870-5-104 standard, in the Hitachi Energy RTU500 programmable logic controllers is related to buffer overflow in the stack. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

The vulnerabilities of the microprogramming software for Honeywell Experion PKS programmable logic controllers, the measurement and computing controllers Experion LX, and the distribution control system Experion PlantCruise allow a intruder to execute arbitrary code.

The vulnerability of microprogrammed software in Honeywell Experion PKS programmable logic controllers, as well as in measurement and control controllers Experion LX, and the distribution control system Experion PlantCruise, is related to buffer overflow in dynamic memory. Exploiting this...

The vulnerabilities of the microprogramming software for Honeywell Experion PKS programmable logic controllers, the measurement and computing controllers Experion LX, and the distribution control system Experion PlantCruise allow a intruder to execute arbitrary code.

The vulnerabilities of microprogrammed software in Honeywell Experion PKS programmable logic controllers, Experion LX measurement and control controllers, and the Experion PlantCruise distribution control system are related to the restoration of unreliable data in memory. Exploiting these...

The vulnerabilities of the microprogramming software for Honeywell Experion PKS programmable logic controllers, the measurement and computing controllers Experion LX, and the distribution control system Experion PlantCruise allow a intruder to execute arbitrary code.

The vulnerability of microprogrammed software in Honeywell Experion PKS programmable logic controllers, Experion LX measurement and control controllers, and Experion PlantCruise distribution systems is related to buffer overflow in the stack. Exploiting this vulnerability could allow an attacker...

The vulnerability of FTP servers of microprogrammed logic controllers such as MELSEC RJ71EIP91, SW1DNN-EIPCT-BD, FX5-ENET/IP, and SW1DNN-EIPCTFX5-BD allows attackers to compromise the target system.

The vulnerability of FTP servers of microprogrammed logic controllers such as MELSEC RJ71EIP91, SW1DNN-EIPCT-BD, FX5-ENET/IP, and SW1DNN-EIPCTFX5-BD lies in the ability to download files of a dangerous type without limitation. Exploiting this vulnerability can allow an attacker to compromise the...

PT-2023-3435 · Wago · Wago

Name of the Vulnerable Software and Affected Versions: WAGO devices affected versions not specified Description: The issue is related to insufficient input validation in the software of WAGO programmable logic controllers, which may allow an authenticated remote attacker with high privileges to...

Mitsubishi Electric 多款产品安全漏洞

The Mitsubishi Electric MELSEC iQ-R series and the Mitsubishi Electric MELSEC iQ-F series are both programmable logic controllers from Mitsubishi Electric Japan. A security vulnerability exists in several Mitsubishi Electric products, which is caused by a missing mask when entering a password fie...

The vulnerability of the programming software for PLCs (programmable logic controllers), namely EcoStruxure Control Exper, arises from deficiencies in the separation of the controlled system area. This allows a intruder to carry out unauthorized maintenance actions.

The vulnerability of the EcoStruxure Control Exper programming tool for programmable logic controllers is related to deficiencies in the separation of the controlled system area. Exploiting this vulnerability could allow a malicious actor to perform a service failure remotely...

The vulnerability of the Codesys software suite for industrial automation integrated into Schneider Electric’s programmable logic controllers allows a perpetrator to compromise data integrity.

The vulnerability of the Codesys software suite for industrial automation integrated into Schneider Electric’s programmable logic controllers is related to the disclosure of information in the incorrect data field. Exploiting this vulnerability could allow a malicious actor to compromise the...

The vulnerability of microprogrammed software in Mitsubishi Electric Corporation’s MELSEC iQ-F Series programmable logic controllers arises from buffer overflow on the stack, allowing an intruder to trigger a malfunction or execute arbitrary code.

The vulnerability of microprogrammed software in Mitsubishi Electric Corporation’s MELSEC iQ-F series programmable logic controllers arises due to buffer overflow on the stack. Exploiting this vulnerability allows a remote attacker to cause malfunctions in the system or execute arbitrary code by...

The vulnerability of the microprogramming software of Schneider Electric’s programmable logic controllers Modicon M340, Modicon Quantum, and Modicon Premium allows a intruder to gain access to confidential data.

The vulnerability of microprogrammed software in Schneider Electric’s programmable logic controllers such as Modicon M340, Modicon Quantum, and Modicon Premium is related to the falsification of inter-site requests. Exploiting this vulnerability can allow a remote attacker to gain access to...

Siemens SIMATIC Cloud Connect安全漏洞

SIMATIC Cloud Connect 7 is an IoT gateway for connecting programmable logic controllers to cloud services and allows field devices with OPC UA server interfaces to be connected as OPC UA clients. A denial of service vulnerability exists in Siemens SIMATIC Cloud Connect 7, which can be exploited b...

The vulnerability of the programming software for PLCs (programmable logic controllers), EcoStruxure Control Exper, allows a intruder to execute arbitrary code.

The vulnerability of the EcoStruxure Control Exper programming tool for programmable logic controllers is related to deficiencies in the separation of the controlled system area. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

Wago PLC Cycle Time Influences Uncontrolled Resource Consumption (CVE-2019-10953)

ABB, Phoenix Contact, Schneider Electric, Siemens, WAGO - Programmable Logic Controllers, multiple versions. Researchers have found some controllers are susceptible to a denial-of-service attack due to a flood of network packets. This plugin only works with Tenable.ot. Please visit...

The vulnerability in the web-based interface for controlling programmable logic controllers WAGO PFC100/PFC200, CC100, Edge Controller, and sensor panels WAGO Touch Panel 600 allows a intruder to execute arbitrary code.

The vulnerability of the web-based interface for controlling WAGO PFC100/PFC200, CC100, Edge Controller, and WAGO Touch Panel 600 programmable logic controllers is related to the absence of authentication for a critical function. Exploiting this vulnerability could allow an attacker operating...

The vulnerability of microprogrammed software in Schneider Electric’s programmable logic controllers, such as Modicon M340 and Modicon Quantum/Premium, arises from the possibility of an operation exceeding the buffer limits. This allows a malicious actor to trigger a service failure.

The vulnerability of microprogrammed software in Schneider Electric Modicon M340 and Modicon Quantum/Premium programmable logic controllers lies in the execution of operations outside the buffer boundaries. Exploiting this vulnerability can allow a malicious actor to cause service failures by...