124 matches found
CVE-2020-28220
A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Modicon M258 Firmware All versions prior to V5.0.4.11 and SoMachine/SoMachine Motion software All versions, that could cause a buffer overflow when the length of a file transferred to the...
CVE-2020-28220
A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Modicon M258 Firmware All versions prior to V5.0.4.11 and SoMachine/SoMachine Motion software All versions, that could cause a buffer overflow when the length of a file transferred to the...
CVE-2020-28220
CVE-2020-28220 affects Schneider Electric Modicon M258 firmware (all versions before 5.0.4.11) and SoMachine/SoMachine Motion software (all versions). The issue is a CWE-119 memory-bounds vulnerability that can cause a buffer overflow when the length of a file transferred to the webserver is not ...
Schneider Electric Modicon M258 Buffer Error Vulnerability
The Schneider Electric Modicon M258 is a programmable automation controller from Schneider Electric France. SoMachine A buffer error vulnerability exists in all versions of the SoMachine Modicon M258 Firmware, which stems from an improperly restricted operation within the scope of the memory buff...
Schneider Electric EcoStruxure Machine Expert-Basic or SoMachine Basic Injection Vulnerability
Schneider Electric EcoStruxure Machine Expert-Basic and SoMachine Basic are both products of Schneider Electric, France.Schneider Electric EcoStruxure Machine Expert-Basic is a PLC configuration application. The program is mainly used for programmable logic controller configuration, programming a...
PT-2020-19607
Name of the Vulnerable Software and Affected Versions EcoStruxure Machine Expert – Basic or SoMachine Basic programming software affected versions not specified Description A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' issue exists, whi...
Memory Corruption Vulnerability in SoMachine HVAC Programming Software ModbusCustomEditor.exe
SoMachine HVAC programming software is compact, flexible and easy to install. Supports IEC61131-3 5 universal programming languages, universal ladder diagrams, function blocks and other programming. SoMachine HVAC Programming Software ModbusCustomEditor.exe has a memory corruption vulnerability,...
The vulnerability of the SoMachine and SoMove logic controller programming programs lies in the use of an unreliable search path, which allows a hacker to load the malicious DLL library and execute arbitrary code.
The vulnerability of the SoMachine and SoMove logic controller programming programs is related to the use of an unreliable search path. Exploiting this vulnerability allows a hacker to load the malicious DLL library and execute arbitrary code...
Schneider-electric Somachine Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in an unspecified DLL file in a DTM development kit in Schneider Electric Unity Pro, SoMachine, SoMove, SoMove Lite, Modbus Communication Library 2.2.6 and earlier, CANopen Communication Library 1.0.2 and earlier, EtherNet/IP Communication Library 1.0.0 and earlier, EM...
Schneider-electric Somachine Unspecified Vulnerability
An Incorrect Default Permissions CWE-276 vulnerability exists in SoMachine Basic, all versions, and Modicon M221all references, all versions prior to firmware V1.10.0.0 which could cause unauthorized access to SoMachine Basic resource files when logged on the system hosting SoMachine Basic. File...
Schneider-electric Somachine Improper Input Validation
A Environment CWE-2 vulnerability exists in SoMachine Basic, all versions, and Modicon M221all references, all versions prior to firmware V1.10.0.0 which could cause remote launch of SoMachine Basic when sending crafted ethernet message. File data ot500329.nasl...
Schneider-electric Somachine Insufficient Verification of Data Authenticity
A Insufficient Verification of Data Authenticity CWE-345 vulnerability exists in the Modicon M221, all versions, which could cause a change of IPv4 configuration IP address, mask and gateway when remotely connected to the device. File data ot500165.nasl...
Schneider-electric Somachine Unspecified Vulnerability
An Environment CWE-2 vulnerability exists in SoMachine Basic, all versions, and Modicon M221all references, all versions prior to firmware V1.10.0.0 which could cause cycle time impact when flooding the M221 ethernet interface while the Ethernet/IP adapter is activated. File data ot500174.nasl...
Schneider Electric SoMachine HVAC Code Issue Vulnerability
Schneider Electric SoMachine HVAC is a suite of programming software dedicated to Schneider Electric logic controllers from the French company Schneider Electric Schneider Electric. A code issue vulnerability exists in Schneider Electric SoMachine HVAC v2.4.1 and prior versions. The vulnerability...
CVE-2019-6826
A CWE-426: Untrusted Search Path vulnerability exists in SoMachine HVAC v2.4.1 and earlier versions, which could cause arbitrary code execution on the system running SoMachine HVAC when a malicious DLL library is loaded by the product...
CVE-2019-6826
A CWE-426: Untrusted Search Path vulnerability exists in SoMachine HVAC v2.4.1 and earlier versions, which could cause arbitrary code execution on the system running SoMachine HVAC when a malicious DLL library is loaded by the product...
Design/Logic Flaw
A CWE-426: Untrusted Search Path vulnerability exists in SoMachine HVAC v2.4.1 and earlier versions, which could cause arbitrary code execution on the system running SoMachine HVAC when a malicious DLL library is loaded by the product...
CVE-2019-6826
The CVE-2019-6826 entry concerns a CWE-426 Untrusted Search Path vulnerability in Schneider Electric SoMachine HVAC (v2.4.1 and earlier). The vulnerability arises when a malicious DLL library is loaded by the product, enabling arbitrary code execution on the system. Connected documents consistent...
CVE-2019-6826
A CWE-426: Untrusted Search Path vulnerability exists in SoMachine HVAC v2.4.1 and earlier versions, which could cause arbitrary code execution on the system running SoMachine HVAC when a malicious DLL library is loaded by the product...
Schneider Electric SoMachine Basic and Schneider Electric Modicon M221 License Issue Vulnerability
Schneider Electric SoMachine Basic and Schneider Electric Modicon M221 are both products of Schneider Electric, France.Schneider Electric SoMachine Basic is a suite of software for programming logic controllers. The Schneider Electric Modicon M221 is a programmable logic controller. An...