CVE-2020-16234

In PLC WinProladder Version 3.28 and prior, a stack-based buffer overflow vulnerability can be exploited when a valid user opens a specially crafted file, which may allow an attacker to remotely execute arbitrary code...

Information leakage vulnerability in CSC-830 of Beijing Sifang Relay Automation Co.

CSC830 PLC is a compact controller for small and medium-sized discrete automation systems and stand-alone automation systems from Beijing Sifang Relay Automation Co. The CSC-830 of Beijing Sifang Relay Automation Co., Ltd. suffers from an information leakage vulnerability that can be exploited by...

Denial of Service Vulnerability in CSC-830 of Beijing Sifang Relay Automation Co.

CSC830 PLC is a compact controller for small and medium-sized discrete automation systems and stand-alone automation systems from Beijing Sifang Relay Automation Co. A denial of service vulnerability exists in the Beijing Sifang Relay Automation Company Limited CSC-830, which can be exploited by ...

Information leakage vulnerability in CSC-850 of Beijing Sifang Relay Automation Co., Ltd (CNVD-2020-58374)

The CSC850 PLC is a compact controller for small and medium-sized discrete automation systems and stand-alone automation systems from Beijing Sifang Relay Automation Co. An information disclosure vulnerability exists in the CSC-850 of Beijing Sifang Relay Automation Company Limited, which can be...

Denial of Service Vulnerability in Omron Small PLC Series CP1L (CNVD-2020-58494)

CP1L is Omron's compact PLC series, an all-in-one PLC with built-in pulse output, analog input/output, and serial communication functions. A denial of service vulnerability exists in the Omron Compact PLC Series CP1L, which can be exploited by an attacker to erase logic files running inside the...

Improper Password Protection During Authentication Vulnerability in Multiple Siemens Products

The Siemens SIMATIC S7-300 CPU is a modular general-purpose controller for the manufacturing industry from Siemens.Products in the Siemens SIMATIC S7-400 CPU family have been designed for process control in industrial environments. A security vulnerability exists in several Siemens products. An...

Weak password vulnerability in AM600-PS2 of Suzhou Huichuan Technology Co.

The AM600-PS2 is a medium-sized programmable logic controller PLC designed with a modular structure. A weak password vulnerability exists in the AM600-PS2 of Suzhou Huichuan Technology Company Limited, which can be exploited by an attacker to log into the PLC's operating system...

Binary Vulnerability in Siemens PLC at Siemens (China) Co.

Siemens is a global technology company that provides solutions for customers in the areas of power generation and transmission and distribution, infrastructure, industrial automation, drives and software with innovations in electrification, automation and digitalization. A binary vulnerability...

CVE-2020-10624

ControlEdge PLC R130.2, R140, R150, and R151 and RTU R101, R110, R140, R150, and R151 exposes a session token on the network...

Honeywell ControlEdge PLC and ControlEdge RTU Information Disclosure Vulnerability

Honeywell ControlEdge PLC and ControlEdge RTU are both products of Honeywell, Inc. The ControlEdge PLC is a programmable logic controller PLC.The ControlEdge RTU is a remote terminal unit RTU. An information disclosure vulnerability exists in the Honeywell ControlEdge PLC and RTU, which can be...

Introduction to PLCs and Ladder Logic

Introduction We do a lot of client work with ICS, IIoT, and SCADA. We've been to various power plants, factories, electricity substations and they all use the same technology in the form of a PLC. A PLC is a Programmable Logic Controller. PLCs are what keep our Critical National Infrastructure...

Denial of Service Vulnerability in Proficy Machine Edition

Proficy Machine Edition is a PLC programming software developed by Emerson Trading Shanghai Co. A denial of service vulnerability exists in Proficy Machine Edition, which can be exploited by an attacker to cause a denial of service...

Memory Corruption Vulnerability in Speed Control PLC Development Software

Speed Control Cloud Shanghai Intelligent Technology Co., Ltd, in cooperation with Shanghai Jiao Tong University, is a high-tech company specializing in the research and development of cloud box, HMI, PLC and other industrial Internet of Things automation products. A memory corruption vulnerabilit...

CVE-2020-6081

An exploitable code execution vulnerability exists in the PLCTask functionality of 3S-Smart Software Solutions GmbH CODESYS Runtime 3.5.14.30. A specially crafted network request can cause remote code execution. An attacker can send a malicious packet to trigger this vulnerability...

3S-Smart Software Solutions CODESYS Runtime Remote Code Execution Vulnerability

3S-Smart Software Solutions CODESYS Runtime is a controller real-time runtime system based on IEC61131-3 standard programming from 3S-Smart Software Solutions, Germany. The system transforms any embedded or PC-based device into an IEC61131-3 compliant industrial controller. A security vulnerabili...

Denial of Service Vulnerability in GX Works2 (CNVD-2020-32342)

GX Works2 is a PLC programming software. A denial of service vulnerability exists in GX Works2. An attacker could cause a denial of service by sending constructed malicious packets that cause it to experience an illegal memory access resulting in a denial of service, or could potentially execute...

Denial of Service Vulnerability in GX Works2 (CNVD-2020-28228)

GX Works2 is a PLC programming software. GX Works2 suffers from a denial of service vulnerability that can be exploited by an attacker to cause a denial of service...

Command Execution Vulnerability in WideField3

WideField3 is a PLC programming software developed by Yokogawa Electric Group. A command execution vulnerability exists in WideField3, which can be exploited by an attacker to execute malicious code...

Multiple Schneider Electric Products Data Forgery Issue Vulnerabilities

Schneider Electric Modicon M218 Logic Controller, etc. are a programmable logic controller from Schneider Electric France. A data forgery vulnerability exists in multiple Schneider Electric products, which can be exploited by attackers to execute malicious code...

Unspecified Vulnerability in Multiple Schneider Electric Products (CNVD-2021-25704)

Schneider Electric Modicon M218 Logic Controller, etc. are a programmable logic controller from Schneider Electric France. A security vulnerability exists in a number of Schneider Electric products, which arises from a program that transmits sensitive information in clear text and can be exploite...