107 matches found
Delta Electronics ISPSoft Buffer Error Vulnerability
Delta Electronics ISPSoft is a PLC Programmable Logic Controller programming software from Delta Electronics, Taiwan, China. A security vulnerability exists in Delta Electronics ISPSoft that stems from a heap buffer overflow vulnerability...
The vulnerability of the programming software for PLCs (programmable logic controllers), namely the Saia PG5 Controls Suite, arises from incorrect restrictions on XML links to external objects. This allows attackers to gain unauthorized access to protected information.
The vulnerability of the programming software for PLCs programmable logic controllers, Saia PG5 Controls Suite, is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...
The vulnerability of the WPLSoft programming software lies in the possibility of an operation going beyond the buffer boundaries in memory, which can allow a hacker to cause a system failure.
The vulnerability of the WPLSoft PLC programming software lies in the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to cause system failures remotely...
The vulnerability of the Kostac PLC Programming Software (formerly Koyo PLC Programming Software) lies in its use of memory after it is freed. This allows a hacker to execute arbitrary code.
The vulnerability of the Kostac PLC Programming Software formerly Koyo PLC Programming Software relates to the use of memory after it is freed. Exploiting this vulnerability can allow an intruder to execute arbitrary code using a specially created project file...
CVE-2023-41374
Double free issue exists in Kostac PLC Programming Software Version 1.6.11.0 and earlier. Arbitrary code may be executed by having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier because the issue exists in parsing of...
CVE-2023-41374
Double free issue exists in Kostac PLC Programming Software Version 1.6.11.0 and earlier. Arbitrary code may be executed by having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier because the issue exists in parsing of...
CVE-2023-41374
Summary: CVE-2023-41374 is a double-free vulnerability in Kostac PLC Programming Software (KPP) versions 1.6.11.0 and earlier, related to parsing of KPP project files. If a user opens a specially crafted project file saved with 1.6.9.0 or earlier, arbitrary code execution may occur. Mitigation: s...
CVE-2023-41375
CVE-2023-41375 is a use-after-free vulnerability in Kostac PLC Programming Software (KPP) 1.6.11.0 and earlier, due to parsing of KPP project files saved with 1.6.9.0 or earlier. Exploitation may allow arbitrary code execution when a user opens a specially crafted project file. The vendor notes t...
Multiple vulnerabilities in JTEKT ELECTRONICS Kostac PLC Programming Software
Overview Kostac PLC Programming Software provided by JTEKT ELECTRONICS CORPORATION contains multiple vulnerabilities listed below. Double free CWE-415 - CVE-2023-41374 Use-after-free CWE-416 - CVE-2023-41375 Michael Heinzl reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with th...
JTEKT Kostac PLC Programming Software Resource Management Error Vulnerability
JTEKT Kostac PLC Programming Software is PLC programmer software for personal computers from JTEKT Japan. A security vulnerability exists in JTEKT Kostac PLC Programming Software version 1.6.11.0 and earlier, which stems from the presence of a double release...
The vulnerability of the DDP microprogramming software-based wireless access points from D-Link, model DAP-2622, allows a intruder to execute any arbitrary code.
The vulnerability of the DDP microprogramming software used in D-Link DAP-2622 wireless access points lies in the fact that the execution of commands is carried out outside of the buffer in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code...
Schneider Electric EcoStruxure Control Expert Code Execution Vulnerability
Schneider Electric EcoStruxure Control Expert is a suite of programming software for Schneider Electric logic controller products from Schneider Electric, France. A code execution vulnerability exists in Schneider Electric EcoStruxure Control Expert V15.1 and prior versions, which arises from the...
The vulnerability of the Kostac PLC Programming Software (formerly Koyo PLC Programming Software) relates to the execution of operations beyond the buffer boundaries in memory. This allows an intruder to gain unauthorized access to protected information or execute arbitrary code.
The vulnerability of the Kostac PLC Programming Software formerly Koyo PLC Programming Software relates to the execution of an operation beyond the buffer boundaries in memory when processing a comment block within the project file information. Exploiting this vulnerability can allow an intruder ...
Multiple vulnerabilities in JTEKT ELECTRONICS Kostac PLC Programming Software
Overview Kostac PLC Programming Software provided by JTEKT ELECTRONICS CORPORATION contains multiple vulnerabilities listed below. Out-of-bounds read CWE-125 - CVE-2023-22419, CVE-2023-22421 Use-after-free CWE-416 - CVE-2023-22424 Michael Heinzl reported these vulnerabilities to JPCERT/CC...
CVE-2023-22419
Out-of-bounds read vulnerability exists in Kostac PLC Programming Software Former name: Koyo PLC Programming Software Version 1.6.9.0 and earlier. When processing a comment block in stage information, the end of data cannot be verified and out-of-bounds read occurs. As a result, opening a special...
CVE-2023-22421
Out-of-bounds read vulnerability exists in Kostac PLC Programming Software Former name: Koyo PLC Programming Software Version 1.6.9.0 and earlier. The insufficient buffer size for the PLC program instructions leads to out-of-bounds read. As a result, opening a specially crafted project file may...
CVE-2023-22424
Use-after-free vulnerability exists in Kostac PLC Programming Software Former name: Koyo PLC Programming Software Version 1.6.9.0 and earlier. With the abnormal value given as the maximum number of columns for the PLC program, the process accesses the freed memory. As a result, opening a speciall...
Out-of-bounds
Out-of-bounds read vulnerability exists in Kostac PLC Programming Software Former name: Koyo PLC Programming Software Version 1.6.9.0 and earlier. When processing a comment block in stage information, the end of data cannot be verified and out-of-bounds read occurs. As a result, opening a special...
Design/Logic Flaw
Use-after-free vulnerability exists in Kostac PLC Programming Software Former name: Koyo PLC Programming Software Version 1.6.9.0 and earlier. With the abnormal value given as the maximum number of columns for the PLC program, the process accesses the freed memory. As a result, opening a speciall...
JTEKT Kostac PLC Programming Software 缓冲区错误漏洞
JTEKT Kostac PLC Programming Software is a PLC programmer software for personal computers from JTEKT Japan. A security vulnerability exists in JTEKT Kostac PLC Programming Software version 1.6.9.0 and prior versions, which originates from an out-of-bounds read due to an inability to validate data...