PT-2025-89: NULL Pointer Dereference in Fastwel PLC web server

The vulnerability was identified in Fastwel programmable controllers, versions 3.4.5.0 CPM810-03, 3.4.9.1 СPM723-01. Exploitation of the vulnerability allows a remote attacker to cause a denial of service by sending multiple specially crafted HTTP requests. Vulnerability status: Confirmed by vend...

PHOENIX CONTACT ILC 安全漏洞

The PHOENIX CONTACT ILC is a series of programmable controllers from PHOENIX CONTACT, Germany. A security vulnerability exists in the PHOENIX CONTACT ILC that stems from an uncontrolled resource consumption issue in the IEC 61131 program that could lead to a denial of service attack...

The vulnerability of microprogrammed software for programmable logic controllers ABB FBXi, FBVi, FBTi, and CBXi lies in the lack of origin verification in WebSockets. This allows attackers to circumvent security restrictions and gain unauthorized access to protected information.

The vulnerability of microprogrammed programmable logic controllers ABB FBXi, FBVi, FBTi, and CBXi is related to the lack of origin verification in WebSockets. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and gain unauthorized access to protected...

Omron PLC Access Control Error Vulnerability

Omron PLC CJ series and so on are products of Omron Japan.Omron PLC CJ series is a CJ series Programmable Logic Controller PLC.Omron PLC CS series is a CS series Programmable Logic Controller PLC.Omron PLC NJ series is a NJ series programmable logic controller. An Access Control Error vulnerabili...

The vulnerability of the microprogramming software of Modicon PAC controllers and PLCs included in EcoStruxure Control Expert and EcoStruxure Process Expert allows a intruder to trigger maintenance failures.

The vulnerability of the microprogramming software of Modicon PAC controllers and PLCs included in EcoStruxure Control Expert and EcoStruxure Process Expert lies in the storage of data beyond the buffer boundaries. Exploiting this vulnerability could allow a malicious actor to trigger service...

CVE-2022-30319

Saia Burgess Controls SBC PCD through 2022-05-06 allows Authentication bypass. According to FSCT-2022-0062, there is a Saia Burgess Controls SBC PCD S-Bus authentication bypass issue. The affected components are characterized as: S-Bus 5050/UDP authentication. The potential impact is:...

The vulnerability of the Wiser Smart programmable logic controllers from Schneider Electric, Wiser Controller EER21000 and Wiser Controller EER21001, arises from the use of rigidly encrypted account data. This allows a intruder to execute arbitrary codes.

The vulnerability of the Wiser Smart programmable logic controllers from Schneider Electric, Wiser Controller EER21000 and Wiser Controller EER21001, lies in the use of strictly encrypted user credentials. Exploiting this vulnerability could allow an attacker to execute arbitrary codes remotely...

The vulnerability of the HCI component, which operates on the Modbus TCP protocol, and is found in Hitachi Energy RTU500 CMU series programmable logic controllers, allows a attacker to trigger a system reboot.

The vulnerability of the HCI component, which operates on the Modbus TCP protocol and is part of the Hitachi Energy RTU500 CMU series programmable logic controllers, is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to trigger a device reboot...

SIEMENS RWG1.M12D S55370-C170 has a denial of service vulnerability

SIEMENS RWG1.M12D S55370-C170 programmable general-purpose controllers synthesize Siemens' many years of experience in the building, HVAC, and other industries, based on universal hardware design, programmable software platforms, and powerful communication processing capabilities. SIEMENS RWG1.M1...

Access Control Error Vulnerability in Omron PLC CJ and CS Series

Omron PLC CJ and CS series are PLCs from Omron. A security vulnerability exists in the Omron PLC CJ and CS Series that can be exploited by an attacker to access unrestricted locks...

WAGO Series PFC100 and WAGO Series PFC200 Improper Access Control Vulnerability

The WAGO Series PFC100 and WAGO Series PFC200 are programmable logic controllers from WAGO Germany. An improper access control vulnerability exists in the WAGO Series PFC100 and WAGO Series PFC200, which can be exploited by a remote attacker by sending a specially crafted HTTP request to determin...

Rockwell Automation MicroLogix Detection Consolidation

Consolidation of Rockwell Automation MicroLogix detections. This VT has been deprecated and replaced by the VT SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifie...

Siemens 300/400 Series PLC Remote Control Vulnerability

Programmable controller PLC is developed on the basis of relay control and computer control, and gradually developed into a new type of industrial automatic control device based on microprocessor and integrating modern technologies such as computer technology, automatic control technology and...

SIMATIC S7-300 and S7-400 CPU Denial of Service Vulnerability

SIMATIC S7-300 CPUs and S7-400 CPUs are central processing unit modules for programmable controllers from Siemens. A denial of service vulnerability exists in the SIMATIC S7-300 CPUs and S7-400 CPUs. An attacker could exploit this vulnerability by sending specially crafted packets to cause a deni...

Mitsubishi FX3G PLC Denial of Service Vulnerability

FX3G series PLC is specialized in providing customers with more personalized system solutions, which can fully meet the system requirements of customers in different industries. A denial-of-service vulnerability exists in the Mitsubishi FX3G PLC, which allows an attacker to exploit the...