29 matches found
EUVD-2023-42439
Malicious code in bioql PyPI...
EUVD-2023-49512
Malicious code in bioql PyPI...
CVE-2023-45205
A vulnerability has been identified in SICAM PAS/PQS All versions = V8.00 V8.20. The affected application is installed with specific files and folders with insecure permissions. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges to NT AUTHORITY/SYSTE...
CVE-2022-43724
A vulnerability has been identified in SICAM PAS/PQS All versions V7.0. Affected software transmits the database credentials for the inbuilt SQL server in cleartext. In combination with the by default enabled xpcmdshell feature unauthenticated remote attackers could execute custom OS commands. At...
CVE-2022-43722
A vulnerability has been identified in SICAM PAS/PQS All versions V7.0. Affected software does not properly secure a folder containing library files. This could allow an attacker to place a custom malicious DLL in this folder which is then run with SYSTEM rights when a service is started that...
Siemens SICAM PAS/PQS Incorrect Privilege Assignment Vulnerability (CNVD-2023-75593)
Siemens SICAM PAS/PQS is a software from Siemens with an operating system for energy automation and power quality. Siemens SICAM PAS/PQS suffers from an incorrect privilege assignment vulnerability that can be exploited to inject arbitrary code and elevate privileges to NT AUTHORITY/SYSTEM...
CVE-2023-45205
A vulnerability has been identified in SICAM PAS/PQS All versions = V8.00 V8.20. The affected application is installed with specific files and folders with insecure permissions. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges to NT AUTHORITY/SYSTE...
CVE-2023-45205
A vulnerability has been identified in SICAM PAS/PQS All versions = V8.00 V8.20. The affected application is installed with specific files and folders with insecure permissions. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges to NT AUTHORITY/SYSTE...
CVE-2023-38640
A vulnerability has been identified in SICAM PAS/PQS All versions = V8.00 V8.22. The affected application is installed with specific files and folders with insecure permissions. This could allow an authenticated local attacker to read and modify configuration data in the context of the applicatio...
Code injection
A vulnerability has been identified in SICAM PAS/PQS All versions = V8.00 V8.20. The affected application is installed with specific files and folders with insecure permissions. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges to NT AUTHORITY/SYSTE...
CVE-2023-45205
A vulnerability has been identified in SICAM PAS/PQS All versions = V8.00 V8.20. The affected application is installed with specific files and folders with insecure permissions. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges to NT AUTHORITY/SYSTE...
CVE-2023-38640
A vulnerability has been identified in SICAM PAS/PQS All versions = V8.00 V8.22. The affected application is installed with specific files and folders with insecure permissions. This could allow an authenticated local attacker to read and modify configuration data in the context of the applicatio...
CVE-2023-38640
A vulnerability has been identified in SICAM PAS/PQS All versions = V8.00 V8.22. The affected application is installed with specific files and folders with insecure permissions. This could allow an authenticated local attacker to read and modify configuration data in the context of the applicatio...
Siemens SICAM PAS/PQS 安全漏洞
Siemens SICAM PAS/PQS is a software from Siemens with an operating system for energy automation and power quality. Siemens SICAM PAS/PQS suffers from an incorrect privilege assignment vulnerability that can be exploited by an attacker to read and modify configuration data in the context of an...
Siemens SICAM PAS/PQS
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Siemens SICAM PAS/PQS Uncontrolled Search Path Element Vulnerability
Siemens SICAM PAS/PQS is a software from Siemens with an operating system for energy automation and power quality. A security vulnerability exists in Siemens SICAM PAS/PQS versions prior to V7.0 that stems from a failure to properly protect the containing folder. An attacker can exploit the...
Siemens SICAM PAS/PQS Sensitive Information Plaintext Transfer Vulnerability
Siemens SICAM PAS/PQS is a software from Siemens with an operating system for energy automation and power quality. A security vulnerability exists in Siemens SICAM PAS/PQS versions prior to V7.0 due to the affected software transmitting database credentials for the built-in SQL server in clear...
CVE-2022-43723
A vulnerability has been identified in SICAM PAS/PQS All versions = 7.0 V8.06. Affected software does not properly validate the input for a certain parameter in the s7ontcp.dll. This could allow an unauthenticated remote attacker to send messages and create a denial of service condition as the...
CVE-2022-43722
A vulnerability has been identified in SICAM PAS/PQS All versions V7.0. Affected software does not properly secure a folder containing library files. This could allow an attacker to place a custom malicious DLL in this folder which is then run with SYSTEM rights when a service is started that...
CVE-2022-43724
A vulnerability has been identified in SICAM PAS/PQS All versions V7.0. Affected software transmits the database credentials for the inbuilt SQL server in cleartext. In combination with the by default enabled xpcmdshell feature unauthenticated remote attackers could execute custom OS commands. At...