CVE-2026-10703

A security vulnerability has been detected in EIPStackGroup OpENer up to 2.3.0. Affected is the function CreateMessageRouterRequestStructure of the file cipmessagerouter.c of the component SendRRData Handler. The manipulation leads to use after free. Remote exploitation of the attack is possible...

CVE-2026-10703 EIPStackGroup OpENer SendRRData cipmessagerouter.c CreateMessageRouterRequestStructure use after free

A security vulnerability has been detected in EIPStackGroup OpENer up to 2.3.0. Affected is the function CreateMessageRouterRequestStructure of the file cipmessagerouter.c of the component SendRRData Handler. The manipulation leads to use after free. Remote exploitation of the attack is possible...

PT-2026-45897

A security vulnerability has been detected in EIPStackGroup OpENer up to 2.3.0. Affected is the function CreateMessageRouterRequestStructure of the file cipmessagerouter.c of the component SendRRData Handler. The manipulation leads to use after free. Remote exploitation of the attack is possible...

Wireshark 2.2.x < 2.2.11 Multiple Vulnerabilities

The version of Wireshark installed on the remote Windows host is prior to 2.2.11. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.2.11 advisory. - In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the CIP Safety dissector could crash. This was addressed in...

Wireshark 2.2.x < 2.2.11 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.2.11. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.2.11 advisory. - In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the CIP Safety dissector could crash. This was...

CVE-2024-50617

Vulnerabilities in the File Download and Get File handler components in CIPPlanner CIPAce before 9.17 allow attackers to download unauthorized files. An authenticated user can easily change the file id parameter or pass the physical file path in the URL query string to retrieve the files. Retriev...

CVE-2024-50618

A Use of Single-factor Authentication vulnerability in the Authentication component of CIPPlanner CIPAce before 9.17 allows attackers to bypass a protection mechanism. When the system is configured to allow login with internal accounts, an attacker can possibly obtain full authentication if the...

CVE-2024-50620

CVE-2024-50620 affects CIPPlanner CIPAce prior to 9.17, where Unrestricted Upload of File with Dangerous Type exists in the rich text editor and document management components. An authorized user can upload executable files when inserting images or during document uploads; such executables can be...

CVE-2025-11743

A denial-of-service security issue in the affected product. The security issue occurs when a malformed CIP forward open message is sent. This could result in a major nonrecoverable fault a restart is required to recover...

CVE-2025-9464

A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. This vulnerability is triggered during fuzzing of multiple CIP classes, which causes the CIP port to become unresponsive...

Malicious Package

Overview sd-cip-module-client is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious code in sd-cip-module-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dffd6baead2182a6d4f7487b352b9ccf3119af1299a5aaa68edbbc8a59d3de11 The package sd-cip-module-client was found to contain malicious code. Source: ghsa-malware...

MAL-2026-306 Malicious code in sd-cip-module-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dffd6baead2182a6d4f7487b352b9ccf3119af1299a5aaa68edbbc8a59d3de11 The package sd-cip-module-client was found to contain malicious code. Source: ghsa-malware...

EUVD-2026-3056

Malicious code in sd-cip-module-client npm...

EUVD-2025-203385

A security issue exists due to improper handling of malformed CIP packets during fuzzing. The controller enters a hard fault with solid red Fault LED and becomes unresponsive. Upon power cycle, the controller will enter recoverable fault where the MS LED and Fault LED become flashing red and...

CVE-2025-13824

CVE-2025-13824 affects Rockwell Automation Micro820, Micro850, and Micro870 controllers. The vulnerability stems from improper handling of malformed CIP packets in the IPv6 stack during fuzzing, causing the controller to enter a hard fault and become unresponsive. On power cycle, it enters a reco...

Intel CIP Information Disclosure Vulnerability

Intel CIP is an optional program from Intel designed to improve products by collecting performance data from users' computers. Intel CIP suffers from an information disclosure vulnerability that stems from a protection mechanism failure, which can be exploited by an attacker to cause information...

Intel CIP elevation of privilege vulnerability (CNVD-2025-28672)

Intel CIP is an optional program from Intel designed to improve products by collecting performance data from users' computers. Intel CIP suffers from an elevation of privilege vulnerability that stems from improper external control of filenames or paths, and no details of the vulnerability are...

Intel CIP elevation of privilege vulnerability (CNVD-2025-28674)

Intel CIP is an optional program from Intel designed to improve products by collecting performance data from users' computers. Intel CIP suffers from an elevation of privilege vulnerability that stems from a protection mechanism failure, which can be exploited by an attacker to cause an elevation...

Intel CIP elevation of privilege vulnerability (CNVD-2025-28465)

Intel CIP is an optional program from Intel designed to improve products by collecting performance data from users' computers. Intel CIP suffers from an elevation of privilege vulnerability that stems from mismanagement of privileges and can be exploited by an attacker to cause elevation of...