Denial of Service Vulnerability in GX Works2 (CNVD-2021-16895)

GX Works2 is a PLC programming software. A memory out-of-bounds access vulnerability exists in GX Works2. An attacker could exploit this vulnerability to cause the program to crash...

Code Injection Vulnerability in GX Works2

GX Works2 is a PLC programming software. A code injection vulnerability exists in GX Works2. An attacker can exploit this vulnerability to gain server privileges...

Programming Cat Small Office Customized Classes has a dll hijacking vulnerability

Programming Cat Small Office Customized Class is a programming learning software. Programming Cat Small Office Customized Class has a dll hijacking vulnerability. An attacker can exploit the vulnerability to load a malicious dll and execute malicious code...

Red Lion Controls Crimson 安全漏洞

Crimson is a programming software from Red Lion. Crimson suffers from a resource improperly closed or freed vulnerability. An attacker can exploit this vulnerability by sending a specially crafted message to leak arbitrary memory locations...

Siemens LOGO! 8 BM 加密问题漏洞

Siemens LOGO! 8 BM is a programming software for industrial environments for the Windows platform from Siemens Germany. A security vulnerability exists in Siemens LOGO! 8 BM, which can be exploited by an attacker to gain unauthorized full access to all services...

Denial of Service Vulnerability in Mitsubishi Electric Corporation GX Works2 (CNVD-2020-49073)

GX Work2 is a PLC programming software developed by Mitsubishi Electric Automation Co., Ltd. for PLC design, debugging, maintenance and other work, which is widely used in electric power, machinery manufacturing, iron and steel, petroleum, chemical and other industrial control fields. A denial of...

Denial of Service Vulnerability in Mitsubishi Electric Corporation GX Works2 (CNVD-2020-49072 )

GX Work2 is a PLC programming software developed by Mitsubishi Electric Automation Co., Ltd. for PLC design, debugging, maintenance and other work, which is widely used in electric power, machinery manufacturing, iron and steel, petroleum, chemical and other industrial control fields. A denial of...

Denial of Service Vulnerability in Proficy Machine Edition (CNVD-2020-32607)

Proficy Machine Edition is a PLC programming software developed by Emerson Trading Shanghai Co., Ltd. for designing, debugging, programming, and maintaining GE RX 3i and GE RX7i series PLCs, which is widely used in industrial control fields such as electric power, machinery manufacturing, steel,...

Schneider Electric Modicon M580 UMAS cleartext data transmission vulnerability

Summary An exploitable information disclosure vulnerability exists in the UMAS functionality of the Schneider Electric Modicon M580 Programmable Automation Controller, firmware version SV2.80. An attacker can sniff network traffic to exploit this vulnerability. Tested Versions Schneider Electric...

XG5000 suffers from dll hijacking vulnerability

XG5000 is a software for programming and debugging XGT/XGB series PLCs. XG5000 suffers from a dll hijacking vulnerability that can be exploited by attackers to execute malicious code...

Horner Automation/APG Cscape Programming Software Detection (Windows SMB Login)

SMB login-based detection of Horner Automation formerly Horner APG Cscape Programming software. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

WECON LeviStudioU Stack Heap Buffer Overflow Vulnerability

WECON LeviStudio is a set of HMI programming software from WECON China. WECON LeviStudioU suffers from a stack heap buffer overflow vulnerability that could allow an attacker to execute remote code...

Memory Read Out-of-Bounds Vulnerability in Inventec VS Series HMI Programming Software

Shenzhen Inventec Electric Co., Ltd. is a product and service provider in the field of electrical transmission, industrial control and new energy. A memory read out-of-bounds vulnerability exists in Inventec's VS series HMI programming software. The vulnerability is caused due to a file failure t...

Denial of Service Vulnerability in Auto Station

Auto Station is a PLC-IVC series programming software from INVT. Auto Station suffers from a denial of service vulnerability. When the input 'data content' is more or less than its corresponding 'length', an attacker can obtain a null address via the GetVauleName function, resulting in a denial o...

The vulnerability of the web server of the software complex for programming with CoDeSys allows a perpetrator to trigger a service failure or execute arbitrary code.

The vulnerability of the web server of the CoDeSys PLC programming software is related to buffer overflow in the stack. Exploiting this vulnerability can allow a malicious actor to cause service failures or execute arbitrary code using a specially crafted request...

The vulnerability of the CX-Programmer and micro-programming software of PLC Omron CJ2M and Omron CJ2H lies in the reversibility of the password encoding method. This allows attackers to obtain access passwords to the controllers.

The vulnerability of the development environment “CX-Programmer,” which is part of the software suite “CX-One” designed for programming and configuring Omron PLCs, as well as Omron microcontrollers like CJ2M and CJ2H, is related to the reversibility of the password encoding method. Exploiting thi...

CVE-2017-14020

In AutomationDirect CLICK Programming Software Part Number C0-PGMSW Versions 2.10 and prior; C-More Programming Software Part Number EA9-PGMSW Versions 6.30 and prior; C-More Micro Part Number EA-PGMSW Versions 4.20.01.0 and prior; Do-more Designer Software Part Number DM-PGMSW Versions 2.0.3 and...

CVE-2017-14020

CVE-2017-14020 affects AutomationDirect products including CLICK Programming Software (C0-PGMSW) <= v2.10, C-More Programming Software (EA9-PGMSW) <= v6.30, C-More Micro (EA-PGMSW) <= v4.20.01.0, Do-more Designer (DM-PGMSW) <= v2.0.3, GS Drives (GSOFT) <= v4.0.6, SL-SOFT SOLO (SL-S...

CVE-2017-14020

In AutomationDirect CLICK Programming Software Part Number C0-PGMSW Versions 2.10 and prior; C-More Programming Software Part Number EA9-PGMSW Versions 6.30 and prior; C-More Micro Part Number EA-PGMSW Versions 4.20.01.0 and prior; Do-more Designer Software Part Number DM-PGMSW Versions 2.0.3 and...

Wecon Technologies LEVI Studio HMI Editor

CVSS v3 8.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Wecon Technologies Equipment: LEVI Studio HMI Editor Vulnerabilities: Heap-Based Buffer Overflow, Stack-Based Buffer Overflow AFFECTED PRODUCTS The following versions of LEVI Studio HMI Editor, a HMI programming...