CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNNVD•added 2021/05/13 12:0 a.m.•5 views

WAGO 安全漏洞

WAGO is a 750-88x series programmable logic controller from WAGO, Germany. The device is designed for use in industrial environments as an electronic system for the operation of digital algorithms. A security vulnerability exists in WAGO. An attacker could use a specially crafted request to cause...

5.3CVSS5.8AI score0.00752EPSS

CNNVD•added 2021/05/13 12:0 a.m.•6 views

WAGO 安全漏洞

WAGO is a 750-88x series programmable logic controller from WAGO, Germany. The device is designed for use in industrial environments as an electronic system for the operation of digital algorithms. A security vulnerability exists in WAGO. The vulnerability stems from a program web server cookie...

7.5CVSS7.3AI score0.00542EPSS

CNNVD•added 2021/05/11 12:0 a.m.•9 views

Omron CX-One 缓冲区错误漏洞

Omron CX-One is an integrated toolkit from Omron Japan. The product includes an inverter, temperature controller, and PLC programming software. A security vulnerability exists in CX-One Versions version 4.60 and earlier. The vulnerability stems from the program's susceptibility to a stack-based...

7.8CVSS6.5AI score0.09987EPSS

Exploits0References6

CNNVD•added 2021/04/13 12:0 a.m.•6 views

Siemens Web Server缓冲区错误漏洞

Siemens SCALANCE X switches are used to connect industrial components such as programmable logic controllers PLCs or human machine interfaces HMIs. A heap buffer overflow vulnerability exists in the Siemens SCALANCE X-200 web server. An attacker could exploit the vulnerability to cause a denial o...

9.8CVSS6.2AI score0.01569EPSS

Exploits0References5

ICS•added 2021/03/09 12:0 a.m.•82 views

Siemens LOGO! 8 BM

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

5.5CVSS5.8AI score0.00266EPSS

Exploits0References10

BDU FSTEC•added 2021/03/09 12:0 a.m.•3 views

The vulnerability of the programmable logic controller MELSEC iQ-R, related to uncontrolled resource consumption, allows a intruder to trigger a service failure.

The vulnerability of the programmable logic controller MELSEC iQ-R is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause malfunctions in the service process using a specially crafted package...

7.8CVSS7.2AI score0.02117EPSS

Exploits0References3Affected Software16

CNNVD•added 2021/02/26 12:0 a.m.•6 views

PLC Resource Management Error Vulnerability

The Qualcomm PLC is a programmable logic controller from Qualcomm Incorporated. A security vulnerability exists in the PLC that can be exploited by an attacker to cause the PLC's web visualization component to stop and become unresponsive, resulting in a loss of remote visibility of the PLC's sta...

7.5CVSS7.1AI score0.01416EPSS

CNVD•added 2021/02/03 12:0 a.m.•7 views

Rockwell Automation MicroLogix 1400 Buffer Overflow Vulnerability

Micrologix 1400 is a programmable logic controller from Rockwell Automation. A buffer overflow vulnerability exists in Rockwell Automation MicroLogix 1400 version 21.6 and earlier. An attacker can exploit this vulnerability by sending specially crafted Modbus packets to retrieve or modify random...

8.6CVSS7.1AI score0.01719EPSS

CNVD•added 2021/02/03 12:0 a.m.•6 views

Denial of Service Vulnerability in Omron CP1L-EM40DR-D

The Omron CP1L-EM40DR-D is a programmable logic controller from Omron Japan. A denial of service vulnerability exists in the Omron CP1L-EM40DR-D, which can be exploited by an attacker to cause a denial of service on the device...

6.9AI score

CNVD•added 2021/02/03 12:0 a.m.•5 views

Delta DVP20ES200TE has a Denial of Service Vulnerability

The Delta DVP20ES200TE is a programmable logic controller from Delta Taiwan. The Delta DVP20ES200TE suffers from a denial of service vulnerability that can be exploited by attackers to cause a denial of service attack...

7AI score

CNVD•added 2021/01/17 12:0 a.m.•6 views

Schneider TM218LDAE24DRHN IPv4 protocol stack suffers from a denial of service vulnerability

The TM218LDAE24DRHN is a programmable logic controller PLC product under the Modicon banner of Schneider Electric, a French company. A denial of service vulnerability exists in the Schneider TM218LDAE24DRHN IPv4 protocol stack, which can be exploited by an attacker to cause the device to go down...

6.9AI score

CNVD•added 2021/01/17 12:0 a.m.•7 views

Denial of Service Vulnerability in ARP Protocol in MITSUBISHI Electric FX5U-32MT/ES

The Mitsubishi Electric FX5U-32MT/ES is a programmable logic controller PLC product of the MELSEC FX series. A denial of service vulnerability exists in the ARP protocol of the MITSUBISHI Electric FX5U-32MT/ES, which can be exploited by attackers to cause the device to fail to function properly...

6.9AI score

CNVD•added 2021/01/13 12:0 a.m.•4 views

Scalance X Products Hard-Coded Encryption Key Vulnerability

SCALANCE X is a switch for connecting industrial components such as programmable logic controllers plc or human machine interfaces HMIs. The Scalance X Products hard-coded encryption key vulnerability can be exploited by an attacker to handle man-in-the-middle scenarios and decrypt previously...

5.9CVSS9.1AI score0.01119EPSS

CNNVD•added 2020/12/17 12:0 a.m.•9 views

Phoenix Contact PLCnext Control Devices Security Breach

Phoenix Contact PLCnext Control Devices is a programmable logic controller for industrial environments from Phoenix Contact, Germany. A security vulnerability exists in Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS, which can be exploited by an attacker to open a reverse shel...

10CVSS7.3AI score0.00851EPSS

CNNVD•added 2020/12/10 12:0 a.m.•5 views

Misubishi Electric MELSEC iQ-F series Security Vulnerability

The Misubishi Electric MELSEC iQ-F series is a programmable logic controller from Misubishi Electric Japan. A security vulnerability exists in the MELSEC iQ-F series, which can be exploited by an attacker to cause a denial of service, due to improper checking or handling of an exception by the...

7.4CVSS7.1AI score0.00985EPSS

Exploits0References7

NVD•added 2020/12/03 1:15 p.m.•22 views

CVE-2020-6111

An exploitable denial-of-service vulnerability exists in the IPv4 functionality of Allen-Bradley MicroLogix 1100 Programmable Logic Controller Systems Series B FRN 16.000, Series B FRN 15.002, Series B FRN 15.000, Series B FRN 14.000, Series B FRN 13.000, Series B FRN 12.000, Series B FRN 11.000...

7.5CVSS7.3AI score0.04584EPSS

CNNVD•added 2020/11/19 12:0 a.m.•8 views

Schneider Electric Unity Pro 安全漏洞

Schneider Electric EcoStruxure Control Expert is the universal programming, commissioning and operating software for the Modicon M340, M580, M580S, Premium, Momentum and Quantum series. A command execution vulnerability exists in Schneider Electric EcoStruxure Control Expert. The vulnerability...

8.8CVSS7.6AI score0.01129EPSS

BDU FSTEC•added 2020/11/05 12:0 a.m.•6 views

The vulnerability of the programming tool WideField3 for the programmable logical controller FA-M3 allows a intruder to trigger a service failure.

The vulnerability of the programming tool WideField3 for the programmable logical controller FA-M3 lies in the writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an intruder to cause a malfunction in the system’s operation...

2.8CVSS8AI score0.00708EPSS

Talos•added 2020/10/13 12:0 a.m.•36 views

Allen-Bradley MicroLogix 1100 programmable logic controller systems IPv4 denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the IPv4 functionality of Allen-Bradley MicroLogix 1100 Programmable Logic Controller Systems Series B FRN 16.000, Series B FRN 15.002, Series B FRN 15.000, Series B FRN 14.000, Series B FRN 13.000, Series B FRN 12.000, Series B FRN...

7.5CVSS7.5AI score0.04584EPSS