WAGO PFC 200 Operating System Command Injection Vulnerability

The WAGO PFC 200 is a programmable logic controller PLC from the German company WAGO. An operating system command injection vulnerability exists in the cloud connectivity feature of the WAGO PFC 200 using firmware versions 03.02.0214, 03.01.0713, and 03.00.3912. The vulnerability stems from a...

WAGO PFC100 Resource Management Error Vulnerability

The WAGO PFC100 is a programmable logic controller PLC from WAGO Germany. A source management error vulnerability exists in the WAGO PFC100 funding, which can be exploited by an attacker to cause a denial of service...

Multiple Siemens Products Resource Consumption Vulnerability

Siemens SIMATIC S7-300 CPUs etc. are products of Siemens, Germany.SIMATIC S7-300 CPUs is a CPU Central Processing Unit module.Siemens SIMATIC S7-1200 is a PLC Programmable Logic Controller of the S7-1200 series. Siemens SIMATIC S7-400 is a programmable logic controller for manufacturing and proce...

Buffer Overflow Vulnerability in WECON PLC Editor

WECON PLC Editor is a programming software for Programmable Logic Controllers PLC from WECON Technologies, China. A buffer overflow vulnerability exists in WECON PLC Editor, which can be exploited by an attacker to cause a denial of service or code execution with the privileges of the application...

Denial of service vulnerability in schneider M580 (CNVD-2020-04562)

Schneider Electric SA is a global electrical company headquartered in France and a global specialist in energy efficiency management and automation. A denial of service vulnerability exists in the schneider M580, which can be exploited by an attacker to cause the loss of the PLC's internal...

CVE-2019-18236

Multiple buffer overflow vulnerabilities exist when the PLC Editor Version 1.3.520190129 processes project files. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application...

WAGO PFC 200 'I/O-Check' Buffer Overflow Vulnerability

The WAGO PFC 200 and WAGO PFC 100 are both programmable logic controllers PLCs from WAGO Germany. A buffer overflow vulnerability exists in the 'I/O-Check' function in the WAGO PFC 200 and PFC100. The vulnerability originates when a networked system or product performs an operation on memory...

WAGO PFC200 Buffer Overflow Vulnerability (CNVD-2019-46395)

The WAGO PFC200 is a programmable logic controller PLC from WAGO Germany. A buffer overflow vulnerability exists in the WAGO PFC200. The vulnerability originates when a networked system or product performs an operation on memory without properly validating data boundaries, resulting in incorrect...

WAGO PFC 200 Buffer Overflow Vulnerability

The WAGO PFC 200 is a programmable logic controller PLC from the German company WAGO. A buffer overflow vulnerability exists in the I/O-Check function in the WAGO PFC 200. The vulnerability originates when a networked system or product performs an operation on memory without properly validating...

Authentication Bypass Vulnerability in GE PLC IC695CPE330

The GE PLC IC695CPE330 is a General Electric programmable logic controller. The GE PLC IC695CPE330 suffers from an authentication bypass vulnerability that can be exploited by an attacker to bypass privilege validation and gain access to all WEB content...

SIEMENS S7-200 SIMATIC PLC suffers from a remote control vulnerability (CNVD-2019-37705)

S7-200 SMART is a small PLC developed by Siemens with a friendly interface and more user-friendly software operation. A remote control vulnerability exists in SIEMENS S7-200 SIMATIC PLC. An attacker can exploit the vulnerability to construct special application layer data messages that result in ...

SIEMENS S7-200 SIMATIC PLC has a remote control vulnerability

S7-200 SMART is a small PLC developed by Siemens with a friendly interface and more user-friendly software operation. A remote control vulnerability exists in SIEMENS S7-200 SIMATIC PLC, which can be exploited by attackers to remotely control the PLC...

NAPro has a backdoor vulnerability

NAPro is a PLC programming software developed by Nanda Aotuo Technology Jiangsu Co. NAPro has a backdoor vulnerability that can be exploited by an attacker to log into a PLC and perform illegal operations...

Authentication Bypass Vulnerability in Unity Pro XL

Unity Pro XL is a PLC programming software from Schneider Electric. An authentication bypass vulnerability exists in Unity Pro XL, which can be exploited by an unauthorized attacker to gain access to the PLC...

The vulnerability of the microprogrammed programmable logic controller Modicon, related to unprocessed exceptions, allows a intruder to trigger a service failure.

The vulnerability of the microprogrammed programmable logic controller Modicon is related to unprocessed exceptions. Exploiting this vulnerability could allow a malicious actor to cause malfunctions during the recording of certain application variables using the Modbus protocol in the controller...

The vulnerability of microprogrammed software in Modicon, ATV IMC, and PacDrive programmable logic controllers lies in the lack of authentication for a critical function, allowing an intruder to alter the device’s configuration.

The vulnerability of microprogrammed software in Modicon, ATV IMC, and PacDrive programmable logic controllers is related to the absence of authentication for the critical function. Exploiting this vulnerability allows a malicious actor to remotely alter the device’s configuration IP address,...

The vulnerability of SCALANCE programmable logic controllers’ microprogramming software is related to insufficient protection of the website structure, allowing attackers to obtain the protected web connection identifiers.

The vulnerability of the microprogrammed programmable logic controller SCALANCE is related to insufficient protection of the website structure. Exploiting this vulnerability could allow an attacker to disclose the protected web connection identifiers from cookie files through a specially crafted...

The vulnerability of the microprogrammed programmable logic controller SCALANCE, related to insufficient neutralization of special elements, allows a intruder to execute arbitrary system commands.

The vulnerability of the microprogrammed programmable logic controller SCALANCE is related to the insufficient neutralization of certain special elements. Exploiting this vulnerability allows an attacker with administrator privileges to execute arbitrary system commands...

The vulnerability of the microprogrammed programmable logic controller SCALANCE, related to insufficient neutralization of special elements, allows a intruder to execute arbitrary system commands.

The vulnerability of the microprogrammed programmable logic controller SCALANCE is related to the insufficient neutralization of certain special elements. Exploiting this vulnerability could allow a intruder, who does not have access to the Aruba Instant web interface, to execute arbitrary system...

Schneider Electric Modicon Illegal Memory Block Write Denial of Service Vulnerability

The Schneider Electric Modicon M580, M340 is a programmable automation controller. An illegal memory block write vulnerability exists in the Schneider Electric Modicon M580, M340, which allows remote attackers to exploit the vulnerability by submitting a specific request, which can be used in a...