Command Injection Vulnerability in NA300 PLC

The NA300 PLC is a mid-size programmable controller. A command injection vulnerability exists in the NA300 PLC. The vulnerability stems from the failure of the system's ehtdbg program to properly handle input parameters, which allows an attacker to bypass checks and inject commands via constructe...

Delta WPLSoft suffers from a buffer overflow vulnerability

WPLSoft is a plc programming tool. A buffer overflow vulnerability exists in Delta WPLSoft. An attacker can construct malformed data to cause the software to crash...

The vulnerability of the microprogrammed software of Schneider Electric Modicon M221, caused by errors in handling exceptional states, allows a intruder to perform a system reboot.

The vulnerability of the microprogrammed software in Schneider Electric Modicon M221 programmable logic controllers arises due to errors in handling exceptional states. Exploiting this vulnerability can allow an attacker to remotely perform a system reboot...

CVE-2018-7790

An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product all references, all versions prior to firmware V1.6.2.0. The vulnerability allows unauthorized users to replay authentication sequences. If an attacker exploits this vulnerability and connects to a...

Schneider Electric Modicon M221 Authentication Sequence Replay Vulnerability

The Modicon M221 is a logic controller from Schneider Electric. The Schneider Electric Modicon M221 suffers from an authentication sequence replay vulnerability that can be exploited by an attacker to replay the authentication sequence, which can be used to connect to the Modicon M221 and upload...

Denial of Service Vulnerability in Hologic LE5109L PLC (CNVD-2018-18910)

HOLLIS Group is a professional automation company integrating R&D, production, sales and technical service. A denial of service vulnerability exists in the HELISE LE5109L PLC, which can be exploited by an attacker to cause a denial of service in the PLC by unauthorized construction of specific...

Denial of Service Vulnerability in Hologic LE5109L PLC (CNVD-2018-18909)

HOLLIS Group is a professional automation company integrating R&D, production, sales and technical service. A denial of service vulnerability exists in the HELISE LE5109L PLC, which can be exploited by an attacker to cause a denial of service in the PLC by constructing specific private protocol...

Denial of Service Vulnerability in Hologic LE5109L PLC (CNVD-2018-18906)

HOLLIS Group is a professional automation company integrating R&D, production, sales and technical service. A denial of service vulnerability exists in the HELISE LE5109L PLC, which can be exploited by an attacker to cause the PLC to be remotely controlled by constructing specific private protoco...

Remote Controller Removal Vulnerability in HOLLYWOOD LE5109L PLCs

HOLLIS Group is a professional automation company integrating R&D, production, sales and technical service. A remote controller removal vulnerability exists in the Hologic LE5109L PLC, where an attacker can construct specific modbus packets to remotely remove all program and configuration...

Arbitrary Program Removal Vulnerability in HOLLYWOOD LE5109L PLCs

HOLLIS Group is a professional automation company integrating R&D, production, sales and technical service. An arbitrary program removal vulnerability exists in the HELISE LE5109L PLC, which can be exploited by an attacker to cause malicious removal of programs from the PLC controller via...

Remote Control Vulnerability in Haiwell C10S0R(-e) PLCs

C10S0R-e PLC is a product in the programmable logic controller PLC series of Xiamen Haiwei Technology Co. The Haiwell C10S0R-e PLC suffers from a remote control vulnerability, which can be exploited by an attacker to control PLC startup and stopping via unauthorized construction of specific netwo...

Information Disclosure Vulnerability in Haiwell C10S0R(-e) PLCs

C10S0R-e PLC is a product in the programmable logic controller PLC series of Xiamen Haiwei Technology Co. The Haiwell C10S0R-e PLC suffers from an information disclosure vulnerability that can be exploited by an attacker to obtain PLC configuration information via unauthorized construction of...

Haiwell C10S0R(-e) PLC Arbitrarily Change Configuration Information Vulnerability

C10S0R-e PLC is a product in the programmable logic controller PLC series of Xiamen Haiwei Technology Co. The Haiwell C10S0R-e PLC is vulnerable to arbitrary change of configuration information, which can be exploited by an attacker to change the configuration information of the PLC through...

Memory Arbitrary Tampering Vulnerability in Haiwell C10S0R(-e) PLCs

C10S0R-e PLC is a product in the programmable logic controller PLC series of Xiamen Haiwei Technology Co. The Haiwell C10S0R-e PLC suffers from an arbitrary memory tampering vulnerability, which can be exploited by an attacker to control the output of the PLC via unauthorized construction of...

Password Leakage Vulnerability in DCCE MAC1100 PLCs

MAC1100 PLC is a programmable logic controller manufactured by Dalian Polytechnic Computer Control Engineering Co. A password leakage vulnerability exists in the DCCE MAC1100 PLC, which can be exploited by an attacker to obtain the PLC user name and password while the computer is connected to the...

Denial of Service Vulnerability in DCCE MAC1100 PLCs

MAC1100 PLC is a programmable logic controller manufactured by Dalian Polytechnic Computer Control Engineering Co. A denial of service vulnerability exists in the DCCE MAC1100 PLC, which can be exploited by an attacker to cause the PLC to shut down and the CPU to deny service via unauthorized...

Buffer overflow vulnerability in multiple Schneider Electric products (CNVD-2018-11262)

Schneider Electric Modicon M340, etc. are programmable logic controller products of Schneider Electric France. A buffer overflow vulnerability exists in the web service used to process SOAP requests in several Schneider Electric products. An attacker could exploit this vulnerability to cause a...

Information Disclosure Vulnerability in Hologic LE5109L PLCs

HELISE Group is a professional automation company integrating R&D, production, sales and technical service. With integrated Ethernet, PROFIBUS-DP, RS232 and RS485 interfaces, HELISE's PLCs have been widely used in electric power, chemical industry, metallurgy, energy and other fields. An...

Denial of Service Vulnerability in Hologic LE5109L PLC (CNVD-2018-08756)

HELISE Group is a professional automation company integrating R&D, production, sales and technical service. With integrated Ethernet, PROFIBUS-DP, RS232 and RS485 interfaces, HELISE's PLCs have been widely used in electric power, chemical industry, metallurgy, energy and other fields. A denial of...

Denial of Service Vulnerability in Tengen Controls T920 PLC (CNVD-2018-08788)

T-920 Programmable Logic Controller PLC is a product in the T9 series Programmable Logic Controller PLC series of China TengControl Technology TENGCONTROL TECHNOLOGY. The product is widely used in tobacco, petrochemical, water and other important industrial control site. A denial of service...