105 matches found
CVE-2020-7529
SCADAPack 7x Remote Connect (versions up to 3.6.3.574) contains a path traversal vulnerability (CWE-22) that lets an attacker craft an RCZ file to place content in any unprotected directory on the target system. Root cause: improper pathname handling allowing access outside a restricted directory...
CVE-2020-7528
A CWE-502 Deserialization of Untrusted Data vulnerability exists in SCADAPack 7x Remote Connect V3.6.3.574 and prior which could allow arbitrary code execution when an attacker builds a custom .PRJ file containing a malicious serialized buffer...
CVE-2020-7528
SCADAPack 7x Remote Connect (versions up to 3.6.3.574) is affected by CWE-502 Deserialization of Untrusted Data. A vulnerability exists where an attacker can construct a malicious .PRJ file containing a serialized buffer that leads to arbitrary code execution. The issue is consistently described ...
PT-2020-19617 · Schneider Electric · Scadapack 7X Remote Connect
Name of the Vulnerable Software and Affected Versions: SCADAPack 7x Remote Connect versions 3.6.3.574 and prior Description: A vulnerability exists that allows improper access to executable code folders due to improper authorization. Recommendations: For SCADAPack 7x Remote Connect versions...
Schneider Electric SCADAPack VxWorks Debugger漏洞
施耐德电气集团对能源和基础设施、工业、数据中心和网络、楼宇以及住宅等领域提供产品和服务。 Schneider Electric SCADAPack 330, 334, 350, 357产品由于启用了VxWorks调试代理存在安全漏洞,远程攻击者通过发送特制的请求到UDP端口17185,利用此漏洞可控制受影响设备。 0 Schneider Electric SCADAPack 35x Schneider Electric SCADAPack 33x 厂商补丁: Schneider Electric ------------------...