Lucene search
K

19 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 3:31 a.m.6 views

CVE-2012-3018

The lockout-recovery feature in the Security Configurator component in ICONICS GENESIS32 9.22 and earlier and BizViz 9.22 and earlier uses an improper encryption algorithm for generation of an authentication code, which allows local users to bypass intended access restrictions and obtain...

4.4CVSS6.9AI score0.0021EPSS
Exploits0References1
NVD
NVD
added 2012/07/31 10:45 a.m.16 views

CVE-2012-3018

The lockout-recovery feature in the Security Configurator component in ICONICS GENESIS32 9.22 and earlier and BizViz 9.22 and earlier uses an improper encryption algorithm for generation of an authentication code, which allows local users to bypass intended access restrictions and obtain...

4.4CVSS6.5AI score0.0021EPSS
Exploits0References1
Prion
Prion
added 2012/07/31 10:45 a.m.18 views

Design/Logic Flaw

The lockout-recovery feature in the Security Configurator component in ICONICS GENESIS32 9.22 and earlier and BizViz 9.22 and earlier uses an improper encryption algorithm for generation of an authentication code, which allows local users to bypass intended access restrictions and obtain...

4.4CVSS7AI score0.0021EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2012/07/31 10:0 a.m.43 views

CVE-2012-3018

CVE-2012-3018 affects ICONICS GENESIS32 (<= 9.22) and BizViz (

4.4CVSS6.8AI score0.0021EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2012/07/31 10:0 a.m.23 views

CVE-2012-3018

The lockout-recovery feature in the Security Configurator component in ICONICS GENESIS32 9.22 and earlier and BizViz 9.22 and earlier uses an improper encryption algorithm for generation of an authentication code, which allows local users to bypass intended access restrictions and obtain...

6.5AI score0.0021EPSS
Exploits0References1
ICS
ICS
added 2012/05/03 6:0 a.m.51 views

ICONICS GENESIS32/BizViz Security Configurator Authentication Bypass Vulnerability

Overview Dr. Wesley McGrew of Mississippi State University has identified an authentication bypass vulnerability leading to privilege escalation in the ICONICS GENESIS32 and BizViz applications, specifically in the Security Configurator component. This vulnerability allows an attacker to bypass...

4.4CVSS6.9AI score0.0021EPSS
Exploits0References10
NVD
NVD
added 2012/04/18 5:55 p.m.16 views

CVE-2011-5088

The GENESIS32 IcoSetServer ActiveX control in ICONICS GENESIS32 9.21 and BizViz 9.21 configures the trusted zone on the basis of user input, which allows remote attackers to execute arbitrary code via a crafted web site, related to a "Workbench32/WebHMI component SetTrustedZone Policy...

9.3CVSS7.6AI score0.02723EPSS
Exploits0References1
NVD
NVD
added 2012/04/18 5:55 p.m.16 views

CVE-2011-5089

Buffer overflow in the Security Login ActiveX controls in ICONICS GENESIS32 8.05, 9.0, 9.1, and 9.2 and BizViz 8.05, 9.0, 9.1, and 9.2 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a long password...

10CVSS8.2AI score0.04354EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2012/04/18 5:55 p.m.4 views

CVE-2011-5089

Buffer overflow in the Security Login ActiveX controls in ICONICS GENESIS32 8.05, 9.0, 9.1, and 9.2 and BizViz 8.05, 9.0, 9.1, and 9.2 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a long password...

10CVSS6.3AI score0.04354EPSS
Exploits0References3
Prion
Prion
added 2012/04/18 5:55 p.m.12 views

Buffer overflow

Buffer overflow in the Security Login ActiveX controls in ICONICS GENESIS32 8.05, 9.0, 9.1, and 9.2 and BizViz 8.05, 9.0, 9.1, and 9.2 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a long password...

10CVSS8.9AI score0.04354EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2012/04/18 5:0 p.m.16 views

CVE-2011-5088

The GENESIS32 IcoSetServer ActiveX control in ICONICS GENESIS32 9.21 and BizViz 9.21 configures the trusted zone on the basis of user input, which allows remote attackers to execute arbitrary code via a crafted web site, related to a "Workbench32/WebHMI component SetTrustedZone Policy...

7.6AI score0.02723EPSS
Exploits0References1
Cvelist
Cvelist
added 2012/04/18 5:0 p.m.22 views

CVE-2011-5089

Buffer overflow in the Security Login ActiveX controls in ICONICS GENESIS32 8.05, 9.0, 9.1, and 9.2 and BizViz 8.05, 9.0, 9.1, and 9.2 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a long password...

8.2AI score0.04354EPSS
Exploits0References2
CVE
CVE
added 2012/04/18 5:0 p.m.42 views

CVE-2011-5089

The CVE-2011-5089 issue affects ICONICS GENESIS32 (versions 8.05, 9.0, 9.1, 9.2) and BizViz (8.05, 9.0, 9.1, 9.2). It is caused by a buffer overflow in the Security Login ActiveX controls that can be triggered by a long password, allowing remote attackers to cause a denial of service (application...

10CVSS8.5AI score0.04354EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2012/04/18 5:0 p.m.44 views

CVE-2011-5088

The CVE covers the ICONICS GENESIS32/ BizViz SetTrustedZone vulnerability in the IcoSetServer ActiveX control (GENESIS32 9.21, BizViz 9.21). The issue arises when trusted zone policy is configured from user input, allowing a crafted website to trigger remote code execution through the WebHMI/Work...

9.3CVSS7.8AI score0.02723EPSS
Exploits0References1Affected Software2
NVD
NVD
added 2011/05/13 5:5 p.m.16 views

CVE-2011-2089

Stack-based buffer overflow in the SetActiveXGUID method in the VersionInfo ActiveX control in GenVersion.dll 8.0.138.0 in the WebHMI subsystem in ICONICS BizViz 9.x before 9.22 and GENESIS32 9.x before 9.22 allows remote attackers to execute arbitrary code via a long string in the argument. NOTE...

9.3CVSS8.1AI score0.38316EPSS
Exploits2References9
Prion
Prion
added 2011/05/13 5:5 p.m.10 views

Stack overflow

Stack-based buffer overflow in the SetActiveXGUID method in the VersionInfo ActiveX control in GenVersion.dll 8.0.138.0 in the WebHMI subsystem in ICONICS BizViz 9.x before 9.22 and GENESIS32 9.x before 9.22 allows remote attackers to execute arbitrary code via a long string in the argument. NOTE...

9.3CVSS8.7AI score0.38316EPSS
Exploits2References9Affected Software2
CVE
CVE
added 2011/05/13 5:0 p.m.75 views

CVE-2011-2089

Summary of CVE-2011-2089 (ICONICS WebHMI / BizViz / GENESIS32) : A stack-based buffer overflow in the GenVersion.dll VersionInfo ActiveX control (SetActiveXGUID) allows remote code execution via a long string argument. Affected: ICONICS BizViz 9.x (before 9.22) and GENESIS32 9.x (before 9.22) wit...

9.3CVSS8.3AI score0.38316EPSS
Exploits2References9Affected Software1
ThreatPost
ThreatPost
added 2011/05/12 3:57 p.m.8 views

Serious SCADA Security Flaw Affects Critical Infrastructure Firms

The U.S.’s Computer Emergency Response Team CERT issued a warning to critical infrastructure firms on Wednesday about a serious security hole in products from Massachusetts firm Iconics that could leave critical systems vulnerable to remote attacks. U.S. companies in the electricity, oil and gas,...

0.4AI score
Exploits0References3
ICS
ICS
added 2011/04/03 6:0 a.m.36 views

ICONICS Login ActiveX Vulnerability

Overview ICS-CERT has received a report from independent security researchers Billy Rios and Terry McCorkle concerning a vulnerability that affects ICONICS GENESIS32 and BizViz products. This vulnerability includes a crash in the Security Login controls used by GENESIS32 due to a buffer overflow...

10CVSS9AI score0.04354EPSS
Exploits0References10
Rows per page
Query Builder