268 matches found
Inductive Automation Ignition 安全漏洞
Inductive Automation Ignition is an integrated software platform for SCADA systems from Inductive Automation, USA. The platform supports SCADA Data Acquisition and Monitoring Systems, HMI Human Machine Interface, and more. A security vulnerability exists in Inductive Automation Ignition that stem...
The vulnerability of the EisBaer SCADA system, which stems from the use of a strictly encrypted cryptographic key, allows attackers to gain unauthorized access to protected information.
The vulnerability of the EisBaer SCADA system is related to the use of a strictly encrypted cryptographic key. Exploiting this vulnerability could allow an intruder to gain unauthorized access to protected information...
The vulnerability of the IGSSupdateservice.exe executable of the interactive graphical SCADA system, which allows a intruder to execute arbitrary code.
The vulnerability of the IGSSupdateservice.exe executable of the Interactive Graphical SCADA System IGSS update service is related to the lack of authentication for a critical function. Exploiting this vulnerability allows an attacker to execute arbitrary code by loading the malicious update file...
ARDEREG Sistemas SCADA
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: ARDEREG Equipment: Sistemas SCADA Vulnerability: SQL Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to manipulate SQL query logic to extract...
mySCADA myPRO OS Command Injection Vulnerability (CNVD-2023-38197)
mySCADA myPRO is a software application. myPRO is a professional HMI/SCADA system designed primarily for the visualization and control of industrial processes. An operating system command injection vulnerability exists in mySCADA myPRO 8.26.0 and earlier versions, which can be exploited by an...
TEL-STER TelWin SCADA WebInterface 路径遍历漏洞
TEL-STER TelWin SCADA WebInterface is a data acquisition and monitoring control system from TEL-STER Poland. A security vulnerability exists in TEL-STER TelWin SCADA WebInterface that originates from the ability to use external input to construct paths to files and directories without correctly...
Schneider Electric IGSS
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: IGSS Interactive Graphical SCADA System Vulnerabilities: Missing Authentication for Critical Function, Insufficient Verification of Data Authenticity, Deserialization of...
The vulnerability of the Custom Reports component of the SCADA system’s data server, as well as the monitoring tools of the Custom Reports and IGSS Dashboards, allows a perpetrator to execute arbitrary code.
The vulnerability of the Custom Reports component of the SCADA system’s data server and the Custom Reports and IGSS Dashboard monitoring tools exists due to insufficient verification of input data. Exploiting this vulnerability could allow a perpetrator to execute arbitrary code using a specially...
Schneider Electric IGSS Data Server Access Control Error Vulnerability
Schneider Electric IGSS Data Server is a data server for the interactive graphical Scada system from Schneider Electric France. An access control error vulnerability exists in Schneider Electric IGSS Data Server, which stems from a lack of authentication of key functional identities and could be...
Schneider Electric IGSS Data Server Access Control Error Vulnerability (CNVD-2023-29375)
Schneider Electric IGSS Data Server is a data server for the interactive graphical Scada system from Schneider Electric France. An access control error vulnerability exists in Schneider Electric IGSS Data Server, which could be exploited by an attacker to create malicious report files in the IGSS...
Schneider Electric IGSS Data Server Input Validation Error Vulnerability
Schneider Electric IGSS Data Server is a data server for the interactive graphical Scada system from Schneider Electric France. Schneider Electric IGSS Data Server is vulnerable to an input validation error, which could be exploited by an attacker to cause remote code execution...
Schneider Electric IGSS Data Server Data Forgery Issue Vulnerability (CNVD-2023-29373)
Schneider Electric IGSS Data Server is a data server for the interactive graphical Scada system from Schneider Electric France. Schneider Electric IGSS Data Server is vulnerable to a data forgery issue, which could be exploited by an attacker to send specific crafted messages to the data server T...
Schneider Electric IGSS Data Server Data Forgery Issue Vulnerability (CNVD-2023-29371)
Schneider Electric IGSS Data Server is a data server for the interactive graphical Scada system from Schneider Electric France. Schneider Electric IGSS Data Server is vulnerable to a data forgery issue, which could be exploited by an attacker to gain access to delete files in the IGSS project...
Schneider Electric IGSS Data Server Data Forgery Issue Vulnerability
Schneider Electric IGSS Data Server is a data server for the interactive graphical Scada system from Schneider Electric France. Schneider Electric IGSS Data Server is vulnerable to a data forgery issue, which can be exploited by an attacker to cause a denial of service by sending a specific craft...
PT-2023-7551 · Unknown · Trace Mode
Name of the Vulnerable Software and Affected Versions: TRACE MODE affected versions not specified Description: The issue is related to the unencrypted storage of credentials in the SCADA system. Exploitation of this issue could allow an attacker to modify user privileges, potentially granting...
Schneider Electric IGSS Data Server Integer Overflow Vulnerability
Schneider Electric IGSS Data Server is a data server for the interactive graphical Scada system from Schneider Electric France. An integer overflow vulnerability exists in Schneider Electric IGSS Data Server, which could be exploited by an attacker to submit special requests that could crash the...
Securing IoT devices against attacks that target critical infrastructure
South Staffordshire PLC, a company that supplies water to over one million customers in the United Kingdom, notified its customers in August of being a target of a criminal cyberattack. This incident highlights the sophisticated threats that critical industries face today. According to South...
Securing IoT devices against attacks that target critical infrastructure
South Staffordshire PLC, a company that supplies water to over one million customers in the United Kingdom, notified its customers in August of being a target of a criminal cyberattack. This incident highlights the sophisticated threats that critical industries face today. According to South...
PT-2022-5035 · Hitachi Energy · Hitachi Energy Microscada X Sys600
Name of the Vulnerable Software and Affected Versions: Hitachi Energy MicroSCADA X SYS600 versions 10.2 through 10.3.1 Description: The issue is related to an Improper Input Validation vulnerability in the ICCP stack of Hitachi Energy MicroSCADA X SYS600. This vulnerability can cause a...
Distributed Data Systems WebHmi 操作系统命令注入漏洞
Distributed Data Systems WebHmi is a Scada system with a built-in web server from Distributed Data Systems, Ukraine. It is used to monitor and control any automation system on a local network and over the Internet from computers and mobile devices. An operating system command injection...