CVE-2022-25359

On ICL ScadaFlex II SCADA Controller SC-1 and SC-2 1.03.07 devices, unauthenticated remote attackers can overwrite, delete, or create files...

The vulnerability of the microprogrammed software of the programmable logic controller ScadaFlex II SCADA Controller SC-1/SC-2 lies in the absence of authentication procedures, allowing unauthorized access to the device without being authenticated.

The vulnerability of the controller is related to the absence of authentication procedures. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to the device...

Industrial Control Links ScadaFlex II SCADA Controllers

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Industrial Control Links Equipment: ScadaFlex II SCADA Controllers Vulnerability: External Control of File Name or Path 2. RISK EVALUATION Successful exploitation of this...

CISA Warns of Critical ICS Flaws in Hitachi, mySCADA, ICL, and Nexx Products

The U.S. Cybersecurity and Infrastructure Security Agency CISA has published eight Industrial Control Systems ICS advisories warning of critical flaws affecting products from Hitachi Energy, mySCADA Technologies, Industrial Control Links, and Nexx. Topping the list is CVE-2022-3682 CVSS score: 9....

CVE-2022-25359

On ICL ScadaFlex II SCADA Controller SC-1 and SC-2 1.03.07 devices, unauthenticated remote attackers can overwrite, delete, or create files...

CVE-2022-25359

On ICL ScadaFlex II SCADA Controller SC-1 and SC-2 1.03.07 devices, unauthenticated remote attackers can overwrite, delete, or create files...

CVE-2022-25359

On ICL ScadaFlex II SCADA Controller SC-1 and SC-2 1.03.07 devices, unauthenticated remote attackers can overwrite, delete, or create files...

CVE-2022-25359

On ICL ScadaFlex II SCADA Controller SC-1 and SC-2 1.03.07 devices, unauthenticated remote attackers can overwrite, delete, or create files...

CVE-2022-25359

CVE-2022-25359 affects Industrial Control Links ScadaFlex II SCADA Controllers SC-1/SC-2. According to ICS/CISA data, unauthenticated remote attackers can overwrite, delete, or create files via external control of file name or path (CWE-73). Affected SW versions include 1.03.07 (build 317) and ol...

ICL ScadaFlex II SCADA Controllers SC-1/SC-2 1.03.07 - Remote File CRUD

Exploit Title: CL ScadaFlex II SCADA Controllers SC-1/SC-2 1.03.07 Remote File CRUD Exploit Author: LiquidWorm !/usr/bin/env python3 -- coding: utf-8 -- ICL ScadaFlex II SCADA Controllers SC-1/SC-2 1.03.07 Remote File CRUD Vendor: Industrial Control Links, Inc. Product web page:...

Industrial Control Links Icl ScadaFlex II Scada Controllers 访问控制错误漏洞

Industrial Control Links Icl ScadaFlex II Scada Controllers is a set of Web Scada controllers from Industrial Control Links, Inc. It is designed to provide a complete Scada system at the lowest possible cost. An Access Control Error vulnerability exists in ICL ScadaFlex II SCADA Controllers...

ICL ScadaFlex II SCADA Controllers SC-1/SC-2 1.03.07 Remote File Modification

!/usr/bin/env python3 -- coding: utf-8 -- ICL ScadaFlex II SCADA Controllers SC-1/SC-2 1.03.07 Remote File CRUD Vendor: Industrial Control Links, Inc. Product web page: http://www.iclinks.com Product datasheet:...