
1479 matches found

CNNVD
added 2026/05/26 12:0 a.m. | 5 views

Security vulnerabilities in multiple CODESYS products

CODESYS Control and others are products of the German company CODESYS. CODESYS Control is a set of industrial control programming software. CODESYS is an industrial control automation software. CODESYS HMI is a visualization software. Several CODESYS products have security vulnerabilities. These...

CVSS 8.7 | AI score 5.9 | EPSS 0.00088
Exploits: 0 | References: 1
CNNVD
added 2026/05/26 12:0 a.m. | 6 views

Security vulnerabilities in multiple CODESYS products

CODESYS and others are products of the German CODESYS company. CODESYS is an industrial control automation software. CODESYS HMI is a visualization software. CODESYS Control RTE is a high-performance programmable controller. Several CODESYS products have security vulnerabilities; these...

CVSS 8.1 | AI score 5.9 | EPSS 0.00108
Exploits: 0 | References: 1
Vulnrichment
added 2026/01/27 11:37 a.m. | 2 views

CVE-2025-41728 Beckhoff: Information leak via Beckhoff Device Manager

A low privileged remote attacker may be able to disclose confidential information from the memory of a privileged process by sending specially crafted calls to the Device Manager web service that cause an out-of-bounds read operation under certain circumstances due to ASLR and thereby potentially...

CVSS 5.3 | AI score 5.8 | EPSS 0.00019
Exploits: 0 | References: 1
CVE
added 2026/01/27 11:37 a.m. | 6 views

CVE-2025-41728

CVE-2025-41728 concerns Beckhoff Device Manager. Multiple sources describe a low-privilege remote attacker who can disclose confidential information from the memory of a privileged process by sending specially crafted calls to the Device Manager web service, triggering an out-of-bounds read under...

CVSS 5.3 | AI score 5.8 | EPSS 0.00019
Exploits: 0 | References: 1
Cvelist
added 2026/01/27 11:37 a.m. | 31 views

CVE-2025-41728 Beckhoff: Information leak via Beckhoff Device Manager

A low privileged remote attacker may be able to disclose confidential information from the memory of a privileged process by sending specially crafted calls to the Device Manager web service that cause an out-of-bounds read operation under certain circumstances due to ASLR and thereby potentially...

CVSS 5.3 | EPSS 0.00019
Exploits: 0 | References: 1
Vulnrichment
added 2026/01/27 11:36 a.m. | 2 views

CVE-2025-41727 Beckhoff: Performing privileged operations and gaining administrator access

A local low privileged attacker can bypass the authentication of the Device Manager user interface, allowing them to perform privileged operations and gain administrator access...

CVSS 7.8 | AI score 5.9 | EPSS 0.00009
Exploits: 0 | References: 1
CVE
added 2026/01/27 11:36 a.m. | 8 views

CVE-2025-41727

Beckhoff CVE-2025-41727 describes a local, low-privilege attacker bypassing authentication in the Device Manager user interface, enabling privileged operations and administrator access. Documented sources (NVD/Red Hat/CVE list) confirm the vulnerability exists in a Beckhoff component exposing a U...

CVSS 7.8 | AI score 5.9 | EPSS 0.00009
Exploits: 0 | References: 1
Cvelist
added 2026/01/27 11:36 a.m. | 24 views

CVE-2025-41727 Beckhoff: Performing privileged operations and gaining administrator access

A local low privileged attacker can bypass the authentication of the Device Manager user interface, allowing them to perform privileged operations and gain administrator access...

CVSS 7.8 | EPSS 0.00009
Exploits: 0 | References: 1
Vulnrichment
added 2026/01/27 11:35 a.m. | 2 views

CVE-2025-41726 Beckhoff: Arbitrary code execution within privileged processes

A low privileged remote attacker can execute arbitrary code by sending specially crafted calls to the web service of the Device Manager or locally via an API and can cause integer overflows which then may lead to arbitrary code execution within privileged processes...

CVSS 8.8 | AI score 6.4 | EPSS 0.00351
Exploits: 0 | References: 1
Cvelist
added 2026/01/27 11:35 a.m. | 27 views

CVE-2025-41726 Beckhoff: Arbitrary code execution within privileged processes

A low privileged remote attacker can execute arbitrary code by sending specially crafted calls to the web service of the Device Manager or locally via an API and can cause integer overflows which then may lead to arbitrary code execution within privileged processes...

CVSS 8.8 | EPSS 0.00351
Exploits: 0 | References: 1
CNNVD
added 2026/01/27 12:0 a.m. | 2 views

Beckhoff Automation's various products have buffer error vulnerabilities

Beckhoff Automation’s Beckhoff.Device.Manager.XAR, among others, are products of the American company Beckhoff Automation. Beckhoff.Device.Manager.XAR is a core component used for remote management and controller configuration. Beckhoff Automation’s MDP software package for TwinCAT/BSD is a core...

CVSS 5.3 | AI score 6 | EPSS 0.00019
Exploits: 0 | References: 2
CNNVD
added 2026/01/27 12:0 a.m. | 1 view

Several products of Beckhoff Automation have security vulnerabilities.

Beckhoff Automation’s Beckhoff.Device.Manager.XAR, etc., are products of the American company Beckhoff Automation. Beckhoff.Device.Manager.XAR is a core component used for remote management and controller configuration. Beckhoff Automation’s MDP software package for TwinCAT/BSD is a core componen...

CVSS 7.8 | AI score 6 | EPSS 0.00009
Exploits: 0 | References: 2
CNNVD
added 2026/01/27 12:0 a.m. | 1 view

Beckhoff Automation's various products have a vulnerability regarding input validation errors.

Beckhoff Automation products such as Beckhoff.Device.Manager.XAR are developed by the American company Beckhoff Automation. Beckhoff.Device.Manager.XAR is a core component used for remote management and controller configuration. The Beckhoff Automation MDP software package for TwinCAT/BSD is a co...

CVSS 8.8 | AI score 6.2 | EPSS 0.00351
Exploits: 0 | References: 2
Vulnrichment
added 2026/01/20 8:2 a.m. | 2 views

CVE-2025-41768 Beckhoff: XSS Vulnerability in TwinCAT 3 HMI Server

A high privileged remote attacker can inject arbitrary content into the custom CSS field on the affected devices due to improper neutralization of input during web page generation 'Cross-site Scripting'...

CVSS 5.5 | AI score 5.8 | EPSS 0.00061
Exploits: 0 | References: 1
Cvelist
added 2026/01/20 8:2 a.m. | 18 views

CVE-2025-41768 Beckhoff: XSS Vulnerability in TwinCAT 3 HMI Server

A high privileged remote attacker can inject arbitrary content into the custom CSS field on the affected devices due to improper neutralization of input during web page generation 'Cross-site Scripting'...

CVSS 5.5 | EPSS 0.00061
Exploits: 0 | References: 1
CVE
added 2026/01/20 8:2 a.m. | 8 views

CVE-2025-41768

Summary: CVE-2025-41768 affects TwinCAT 3 HMI Server. An authenticated administrator can inject arbitrary content into the device’s custom CSS field, which is persisted and later echoed on login and error pages, constituting a stored XSS. The connected Red Hat, NVD, CVE list, and security feeds d...

CVSS 5.5 | AI score 5.8 | EPSS 0.00061
Exploits: 0 | References: 1
CNNVD
added 2026/01/20 12:0 a.m. | 2 views

Beckhoff Automation TwinCAT 3 HMI Server Cross-site Scripting Vulnerability

Beckhoff Automation TwinCAT 3 HMI Server is a data transmission and permission management component developed by the American company Beckhoff Automation. The Beckhoff Automation TwinCAT 3 HMI Server has a cross-site scripting vulnerability. This vulnerability allows authenticated administrators ...

CVSS 5.5 | AI score 5.9 | EPSS 0.00061
Exploits: 0 | References: 2
RedhatCVE
added 2026/01/07 9:32 a.m. | 6 views

CVE-2019-16871

Beckhoff Embedded Windows PLCs through 3.1.4024.0, and Beckhoff Twincat on Windows Engineering stations, allow an attacker to achieve Remote Code Execution as SYSTEM via the Beckhoff ADS protocol...

CVSS 9.8 | AI score 7.6 | EPSS 0.05877
Exploits: 1 | References: 1
EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2014-5303

Malware in sbrugna...

CVSS 9.4 | AI score 9.3 | EPSS 0.04192
Exploits: 0 | References: 3
EUVD
added 2025/10/07 12:30 a.m. | 1 view

EUVD-2020-13521

Malware in sbrugna...

CVSS 9.8 | AI score 9.2 | EPSS 0.0054
Exploits: 0 | References: 2