26 matches found
EUVD-2016-9409
Malware in sbrugna...
EUVD-2021-20393
Malware in sbrugna...
EUVD-2024-44808
Malicious code in bioql PyPI...
CVE-2024-50310
A vulnerability has been identified in SIMATIC CP 1543-1 V4.0 6GK7543-1AX10-0XE0 All versions = V4.0.44 V4.0.50. Affected devices do not properly handle authorization. This could allow an unauthenticated remote attacker to gain access to the filesystem...
The vulnerability of microprogrammed communication module software of SIMATIC CP 1543-1, related to incorrect authorization, allows a intruder to circumvent existing security restrictions.
The vulnerability of the microprogramming software for the SIMATIC CP 1543-1 communication modules is related to incorrect authorization. Exploiting this vulnerability can allow an attacker, operating remotely, to circumvent existing security restrictions...
CVE-2024-50310
A vulnerability has been identified in SIMATIC CP 1543-1 V4.0 6GK7543-1AX10-0XE0 All versions = V4.0.44 V4.0.50. Affected devices do not properly handle authorization. This could allow an unauthenticated remote attacker to gain access to the filesystem...
CVE-2024-50310
A vulnerability has been identified in SIMATIC CP 1543-1 V4.0 6GK7543-1AX10-0XE0 All versions = V4.0.44 V4.0.50. Affected devices do not properly handle authorization. This could allow an unauthenticated remote attacker to gain access to the filesystem...
CVE-2024-50310
The CVE-2024-50310 issue affects Siemens SIMATIC CP 1543-1 (V4.0) with firmware versions 4.0.44 through 4.0.49, where improper authorization could allow an unauthenticated remote attacker to access the filesystem. Public sources in connected documents specify remediation to update to version 4.0....
CVE-2024-50310
A vulnerability has been identified in SIMATIC CP 1543-1 V4.0 6GK7543-1AX10-0XE0 All versions = V4.0.44 V4.0.50. Affected devices do not properly handle authorization. This could allow an unauthenticated remote attacker to gain access to the filesystem...
PT-2024-8716
Name of the Vulnerable Software and Affected Versions SIMATIC CP 1543-1 versions 4.0.44 through 4.0.49 Description The issue is related to improper authorization handling in the SIMATIC CP 1543-1 communication module's firmware. This could allow an unauthenticated remote attacker to bypass existi...
Siemens Industrial Products Uncontrolled Resource Consumption (CVE-2019-11478)
Multiple industrial products are affected by a vulnerability in the kernel known as TCP SACK PANIC. A remote attacker could cause a denial of service condition by sending specially crafted TCP Selective Acknowledgment SACK sequences to affected products. This plugin only works with Tenable.ot...
Siemens SIMATIC CP Cleartext Storage of Sensitive Information (CVE-2021-33716)
A vulnerability has been identified in SIMATIC CP 1543-1 incl. SIPLUS variants All versions V3.0, SIMATIC CP 1545-1 All versions V1.1. An attacker with access to the subnet of the affected device could retrieve sensitive information stored in cleartext. This plugin only works with Tenable.ot...
Siemens SIMATIC CP 1543-1 Improper Privilege Management (CVE-2016-8561)
A vulnerability has been identified in SIMATIC CP 1543-1 All versions V2.0.28, SIPLUS NET CP 1543-1 All versions V2.0.28. Users with elevated privileges to TIA-Portal and project data on the engineering station could possibly get privileged access on affected devices. This plugin only works with...
Siemens (CVE-2019-12815)
An arbitrary file copy vulnerability in modcopy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...
Siemens SIMATIC CP 1543-1 (Update A)
1. EXECUTIVE SUMMARY CVSS v3 6.6 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SIMATIC CP 1543-1 Vulnerability : Improper Input Validation, Improper Privilege Management 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-16-327-01 Siemens...
Siemens SIMATIC CP 1543-1 Improper Privilege Management Vulnerability
An improper privilege management vulnerability exists within the Siemens SIMATIC Communication Processor CP that allows a privileged attacker to remotely cause a denial of service...
Design/Logic Flaw
A vulnerability has been identified in SIMATIC CP 1543-1 incl. SIPLUS variants All versions V3.0, SIMATIC CP 1545-1 All versions V1.1. An attacker with access to the subnet of the affected device could retrieve sensitive information stored in cleartext...
CVE-2021-33716
The CVE-2021-33716 issue affects Siemens SIMATIC CP 1543-1 (incl. SIPLUS variants) and CP 1545-1. Affected versions: CP 1543-1 before v3.0 and CP 1545-1 before v1.1. Root cause: cleartext storage of sensitive information that can be retrieved by an attacker with subnet access. Impact: exposure of...
Siemens SIMATIC CP 1543-1
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC CP 1543-1 Vulnerabilities: Improper Access Control, Loop with Unreachable Exit Condition 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow...
CVE-2016-8562
A vulnerability has been identified in SIMATIC CP 1543-1 All versions V2.0.28, SIPLUS NET CP 1543-1 All versions V2.0.28. Under special conditions it was possible to write SNMP variables on port 161/udp which should be read-only and should only be configured with TIA-Portal. A write to these...