The vulnerability of the development environment for CX-Programmers and microprogramming software of PLC Omron CJ2M and Omron CJ2H, related to the transmission of passwords in an open manner, allows attackers to intercept the passwords.

The vulnerability of the development environment CX-Programmer, which is part of the CX-One software suite designed for programming and configuring Omron PLCs, as well as Omron microcontrollers like CJ2M and CJ2H, stems from the transmission of passwords in an open manner. Exploiting this...

Schneider Electric Modicon PLC Multiple Authentication Bypass Vulnerability

Modicon PLCs are programmable controller products used in industries such as dams, energy, food and agriculture, and more. A multiple authentication bypass vulnerability exists in the Schneider Electric Modicon PLC, where once a session key is obtained for plaintext transmission, an attacker can...

Multiple vulnerabilities in WAGO IO PLCs (CNVD-2016-05505)

The WAGO IO PLC 758-870 and 750-849 are bus editable logic controller modules from WAGO Germany. A security bypass vulnerability and a power lifting vulnerability exists in the WAGO IO PLC 758-870 and 750-849 versions, which can be exploited by an attacker to execute arbitrary code, bypass securi...

PCD Hardcoded Password Vulnerability in Multiple Saia Burgess Controls Products

Saia Burgess Controls PCD Controller is a family of programmable controllers for measurement, regulation and control tasks from Saia Burgess Controls, Switzerland. A security vulnerability exists in a number of Saia Burgess Controls products and stems from the program's use of hard-coded...

Siemens SIMATIC S7-1200多个漏洞

CVE ID: CVE-2014-2249,CVE-2014-2250,CVE-2014-2252,CVE-2014-2254,CVE-2014-2256,CVE-2014-2258 SIMATIC S7-1200是可编程控制器，可实现简单却高度精确的自动化任务。 Siemens SIMATIC S7-1200 4.0.0之前版本在实现上存在多个漏洞，可被恶意利用执行跨站请求伪造、劫持用户会话、造成拒绝服务。 1、向TCP端口443发送特制的数据包造成的错误可造成设备进入defect模式。 2、随机生成器内弱熵相关错误，可导致劫持另外用户的会话。...