77 matches found
Meet critical infrastructure security compliance requirements with Microsoft 365
Critical infrastructure operators face a hostile cyber threat environment and a complex compliance landscape. Every operator of an industrial control system also operates an IT network to service its productivity needs. A supervisory control and data acquisition SCADA system operator of a power...
Racom 安全漏洞
The RACOM M!DGE is a cellular router designed for SCADA and telemetry mission-critical applications and is ideally suited for many different wireless applications. An OS command injection vulnerability exists in the RACOM M!DGE firmware version 4.4.40.105. An attacker can exploit this vulnerabili...
CVE-2020-7547
A CWE-284: Improper Access Control vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software see security notification for version information that could allow a user the ability to perform actions via the web interface at a higher privilege level...
Vulnerability of software packages for monitoring and data collection: MC Works64/MC Works32, FrameWorX server, centralized configuration environment for HMI-/SCADA applications, Platform Services software platform, GenBroker64/GenBroker32 application for managing access rights. This vulnerability allows a malicious actor to execute arbitrary code or trigger a service failure.
The vulnerabilities of the software packages for supervisory control and data collection, MC Works64/MC Works32, the FrameWorX server, the centralized configuration environment for HMI-/SCADA applications, the Platform Services software platform, and the GenBroker64/GenBroker32 application for...
Vulnerability of software packages for supervisory control and data collection: MC Works64/MC Works32, FrameWorX server, centralized configuration environment for HMI-/SCADA applications, Platform Services software platform, GenBroker64/GenBroker32 application for organization of access rights exchange. This vulnerability is related to insufficient control over code generation, allowing attackers to execute arbitrary commands.
The vulnerabilities of the software packages for supervisory control and data collection, MC Works64/MC Works32, the FrameWorX server, the centralized configuration environment for HMI-/SCADA applications, the Platform Services software platform, and the GenBroker64/GenBroker32 application for...
Vulnerability of software packages for supervisory control and data collection: MC Works64/MC Works32, FrameWorX server, centralized configuration environment for HMI-/SCADA applications: Workbench, software platform: Platform Services, application for organization of API exchange: GenBroker64/GenBroker32. This vulnerability is related to deficiencies in the deserialization mechanism, allowing a intruder to trigger a service failure.
The vulnerabilities of the software packages for supervisory control and data collection MC Works64/MC Works32, the FrameWorX server, the centralized configuration environment for HMI-/SCADA applications, the Platform Services software platform, and the GenBroker64/GenBroker32 application for...
Siemens Spectrum Power™ 4 Unsecure Storage of Sensitive Information Vulnerability (CNVD-2020-51236)
Spectrum Power™4 provides the basic components for modeling data for SCADA, communications, and control and monitoring systems. A security vulnerability exists in Siemens Spectrum Power™4. An attacker could exploit the vulnerability to conduct a directory listing attack...
Denial of Service Vulnerability in Advantech WebAccess/SCADA (CNVD-2020-57242)
Advantech WebAccess/SCADA is a suite of SCADA software based on a browser architecture. A denial of service vulnerability exists in Advantech WebAccess/SCADA. An attacker could exploit this vulnerability to cause a denial of service...
Advantech WebAccess/SCADA suffers from a command execution vulnerability (CNVD-2020-48616)
Advantech WebAccess/SCADA is a suite of SCADA software based on a browser architecture. A command execution vulnerability exists in Advantech WebAccess/SCADA. An attacker could exploit the vulnerability to execute console commands...
Inductive Automation Ignition Access Control Error Vulnerability
Inductive Automation Ignition is a suite of integrated software platforms for SCADA systems from Inductive Automation, Inc. The platform supports SCADA data acquisition and monitoring systems, HMI human machine interface and more. An access control error vulnerability exists in Inductive Automati...
LCDS LAquis SCADA Input Validation Error Vulnerability
LCDS LAquis SCADA is a SCADA Data Acquisition and Supervisory Control system from the Brazilian company LCDS. The system is mainly used for data acquisition and process control of equipment with communication technology. An input validation error vulnerability exists in LCDS LAquis SCADA version...
LCDS LAquis SCADA Information Disclosure Vulnerability (CNVD-2020-25541)
LCDS LAquis SCADA is a SCADA Data Acquisition and Supervisory Control system from the Brazilian company LCDS. The system is mainly used for data acquisition and process control of equipment with communication technology. An information disclosure vulnerability exists in LCDS LAquis SCADA version...
The vulnerability of the SCADA system MasterSCADA, related to the operation of buffers in memory outside the system’s boundaries, allows a intruder to trigger an emergency termination of the program process.
The vulnerability of the SCADA system MasterSCADA relates to the execution of operations outside the buffer in memory, as well as the use of memory after it has been freed. Exploiting this vulnerability can allow an intruder to cause the program to terminate abnormally...
LCDS LAquis SCADA Information Disclosure Vulnerability
LCDS LAquis SCADA is a SCADA Data Acquisition and Supervisory Control system from the Brazilian company LCDS. The system is mainly used for data acquisition and process control of equipment with communication technology. A security vulnerability exists in LCDS LAquis SCADA version 4.3.1.71. The...
CVE-2019-6827
A CWE-787: Out-of-bounds Write vulnerability exists in Interactive Graphical SCADA System IGSS, Version 14 and prior, which could cause a software crash when data in the mdb database is manipulated...
CVE-2019-6521
WebAccess/SCADA, Version 8.3. Specially crafted requests could allow a possible authentication bypass that could allow an attacker to obtain and manipulate sensitive information...
CVE-2018-18992
LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user input without proper sanitation, which may allow an attacker to execute remote code on the server...
Unspecified vulnerability in LCDS LAquis SCADA (CNVD-2019-28114)
LCDS LAquis SCADA is a SCADA Data Acquisition and Supervisory Control system from the Brazilian company LCDS. The system is mainly used for data acquisition and process control of equipment with communication technology. A security vulnerability exists in LCDS LAquis SCADA version 4.1.0.3870. The...
LCDS LAquis SCADA Injection Vulnerability
LCDS LAquis SCADA is a SCADA Data Acquisition and Supervisory Control system from the Brazilian company LCDS. The system is mainly used for data acquisition and process control of equipment with communication technology. A security vulnerability exists in LCDS LAquis SCADA version 4.1.0.3870, whi...
Advantech WebAccess/SCADA Buffer Overflow Vulnerability (CNVD-2019-32478)
Advantech WebAccess/SCADA is a set of SCADA software from Advantech based on browser architecture. The software supports dynamic graphical display and real-time data control, and provides remote control and management of automation equipment. A buffer overflow vulnerability exists in Advantech...