711 matches found

RedhatCVE
added 2025/04/25 4:40 p.m. | 6 views

CVE-2025-27495

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'CreateTrace' method. This could allow an unauthenticated remote attacker to bypass authorization controls, to read from and...

CVSS: 9.8 | AI score: 8.1 | EPSS: 0.00807
Exploits: 0 | References: 1

RedhatCVE
added 2025/04/25 4:19 p.m. | 4 views

CVE-2025-31352

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'UpdateGateways' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and...

CVSS: 8.8 | AI score: 7.8 | EPSS: 0.00604
Exploits: 0 | References: 1

RedhatCVE
added 2025/04/25 4:17 p.m. | 7 views

CVE-2025-31343

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'UpdateTcmSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from a...

CVSS: 8.8 | AI score: 7.8 | EPSS: 0.00648
Exploits: 0 | References: 1

RedhatCVE
added 2025/04/25 4:16 p.m. | 5 views

CVE-2025-31349

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'UpdateSmtpSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from...

CVSS: 8.8 | AI score: 7.8 | EPSS: 0.00648
Exploits: 0 | References: 1

RedhatCVE
added 2025/04/25 4:16 p.m. | 5 views

CVE-2025-31350

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'UpdateBufferingSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read...

CVSS: 8.8 | AI score: 7.8 | EPSS: 0.00648
Exploits: 0 | References: 1

RedhatCVE
added 2025/04/25 4:16 p.m. | 7 views

CVE-2025-31351

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'CreateProject' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and...

CVSS: 8.8 | AI score: 7.8 | EPSS: 0.00648
Exploits: 0 | References: 1

RedhatCVE
added 2025/04/25 4:13 p.m. | 8 views

CVE-2025-31353

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'UpdateOpcSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from a...

CVSS: 8.8 | AI score: 7.8 | EPSS: 0.00604
Exploits: 0 | References: 1

BDU FSTEC
added 2025/04/23 12:00 a.m. | 5 views

The vulnerability of the UpdateOpcSettings method in the software for managing and monitoring remote objects in telemetry and telemechanics systems, allowing a perpetrator to compromise the confidentiality, integrity, and availability of the protected information.

The vulnerability of the UpdateOpcSettings method in the software for managing and monitoring remote objects in telemetry and telemechanics systems, such as the TeleControl Server Basic, is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allo...

CVSS: 9 | AI score: 6.7 | EPSS: 0.00604
Exploits: 0 | References: 3 | Affected Software: 1

BDU FSTEC
added 2025/04/23 12:00 a.m. | 7 views

The vulnerability of the VerifyUser method in the software for managing and monitoring remote objects in telemetry and telemechanics systems of the TeleControl Server Basic allows a perpetrator to compromise the confidentiality, integrity, and availability of the protected information.

The vulnerability of the VerifyUser method in software for managing and monitoring remote objects in telemetry and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to compromise the confidentiality,...

CVSS: 10 | AI score: 7.9 | EPSS: 0.00807
Exploits: 0 | References: 3 | Affected Software: 1

BDU FSTEC
added 2025/04/23 12:00 a.m. | 6 views

The vulnerability of the RestoreFromBackup method in software for managing and monitoring remote objects in telemetry and telemechanics systems of the TeleControl Server Basic allows a perpetrator to compromise the confidentiality, integrity, and availability of protected information.

The vulnerability of the RestoreFromBackup method in software for managing and monitoring remote objects in telemetry and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to compromise the...

CVSS: 9 | AI score: 7.7 | EPSS: 0.00712
Exploits: 0 | References: 3 | Affected Software: 1

CISA
added 2025/04/22 12:00 p.m. | 4 views

CISA Releases Five Industrial Control Systems Advisories

CISA released five Industrial Control Systems (ICS) advisories on April 22, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-112-01 Siemens TeleControl Server Basic SQL ICSA-25-112-02 Siemens TeleControl Server...

AI score: 7
Exploits: 0 | References: 5

CNVD
added 2025/04/22 12:00 a.m. | 4 views

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08370)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an SQL injection in the CreateLog method, which can be exploited by an attacker to bypass authorization...

CVSS: 8.8 | AI score: 8.2 | EPSS: 0.00525
Exploits: 0 | References: 1

CNVD
added 2025/04/22 12:00 a.m. | 3 views

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08365)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that stems from an SQL injection in the GetTraces method, which can be exploited by an attacker to bypass authorization controls a...

CVSS: 8.8 | AI score: 8.1 | EPSS: 0.00598
Exploits: 0 | References: 1

CNVD
added 2025/04/22 12:00 a.m. | 5 views

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08362)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from a SQL injection in the internal method GetActiveProjects, which can be exploited by an attacker to bypass...

CVSS: 8.8 | AI score: 8.1 | EPSS: 0.00604
Exploits: 0 | References: 1

CNVD
added 2025/04/22 12:00 a.m. | 3 views

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08359)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an internal method LockProjectUserRights, which can be exploited by an attacker to bypass authorization...

CVSS: 8.8 | AI score: 8.3 | EPSS: 0.00604
Exploits: 0 | References: 1

CNVD
added 2025/04/22 12:00 a.m. | 3 views

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08358)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from a SQL injection in the internal method UpdateConnectionVariables, which can be exploited by an attacker to...

CVSS: 8.8 | AI score: 8.1 | EPSS: 0.00648
Exploits: 0 | References: 1

CNVD
added 2025/04/22 12:00 a.m. | 3 views

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08351)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from a SQL injection in the internal method UpdateSmtpSettings, which can be exploited by an attacker to bypass...

CVSS: 8.8 | AI score: 8.2 | EPSS: 0.00648
Exploits: 0 | References: 1

CNVD
added 2025/04/22 12:00 a.m. | 5 views

Siemens TeleControl Server Basic SQL Injection Vulnerability

TeleControl Server Basic is a server software for remote monitoring and control, widely used in industrial automation. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that stems from the internal use of the LockProjectCrossCommunications method that fails to properly...

CVSS: 8.8 | AI score: 8 | EPSS: 0.00604
Exploits: 0 | References: 1

CNVD
added 2025/04/22 12:00 a.m. | 4 views

Siemens TeleControl Server Basic SQL Injection Vulnerability

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from a SQL injection in the internal method UpdateBufferingSettings, which can be exploited by an attacker to bypa...

CVSS: 8.8 | AI score: 8.1 | EPSS: 0.00648
Exploits: 0 | References: 1

CNVD
added 2025/04/22 12:00 a.m. | 5 views

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08620)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an internal method, UnlockProject, which can be exploited by an attacker to bypass authorization controls an...

CVSS: 8.8 | AI score: 8.3 | EPSS: 0.00604
Exploits: 0 | References: 1