196 matches found
CVE-2024-22811
CVE-2024-22811 affects the Tormach xsTECH CNC Router with PathPilot Controller v2.9.6. The issue allows a remote attacker to cause a Denial of Service by disrupting the communication between the PathPilot controller and the CNC router through overwriting the Hostmot2 configuration cookie in devic...
CVE-2024-22808
An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to cause a Denial of Service DoS by disrupting the communication between the PathPilot controller and the CNC router via overwriting the card's name in the device memory...
CVE-2024-22815
An issue in the communication protocol of Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to cause a Denial of Service DoS via crafted commands...
CVE-2024-22811
An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to cause a Denial of Service DoS by disrupting the communication between the PathPilot controller and the CNC router via overwriting the Hostmot2 configuration cookie in the device memory...
CVE-2024-22809
The CVE-2024-22809 weakness is an incorrect access control in the Tormach xsTECH CNC Router, PathPilot Controller version 2.9.6 that permits an attacker to access the G-code shared folder and view sensitive information. Public sources confirm this affects PathPilot Controller and describe the imp...
CVE-2024-22815
CVE-2024-22815 affects the Tormach xsTECH CNC Router with PathPilot Controller v2.9.6, where a vulnerability in the communication protocol can be triggered by crafted commands to cause a Denial of Service. The issue is described across multiple sources without extensive exploit details; the Red H...
CVE-2024-22808
CVE-2024-22808 affects Tormach xsTECH CNC Router, PathPilot Controller v2.9.6. A DoS can be caused by disrupting communication between PathPilot and the CNC router through overwriting the card name in device memory. The issue is supported by Red Hat, NVD/CVE records and CNNVD/PT-Security notes. E...
CVE-2024-22807
An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to erase a critical sector of the flash memory, causing the machine to lose network connectivity and suffer from firmware corruption...
CVE-2024-22809
Incorrect access control in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to access the G code's shared folder and view sensitive information...
CVE-2024-22815
An issue in the communication protocol of Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to cause a Denial of Service DoS via crafted commands...
CVE-2024-22811
An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to cause a Denial of Service DoS by disrupting the communication between the PathPilot controller and the CNC router via overwriting the Hostmot2 configuration cookie in the device memory...
CVE-2024-22807
The CVE-2024-22807 vulnerability affects the Tormach xsTECH CNC Router with PathPilot Controller v2.9.6. The issue enables attackers to erase a critical sector of the flash memory, resulting in the loss of network connectivity and firmware corruption. Documented impacts include degraded device re...
CVE-2024-22813
An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to overwrite the hardcoded IP address in the device memory, disrupting network connectivity between the router and the controller...
Siemens SINUMERIK ONE and SINUMERIK-MC Denial of Service Vulnerability
SINUMERIK MC is a CNC system for customized machine solutions. SINUMERIK ONE is a digital native CNC. A denial of service vulnerability exists in Siemens SINUMERIK ONE and SINUMERIK-MC due to a failure of an affected device to methodically and correctly process specially crafted packets sent to...
sicab.com.br Improper Access Control vulnerability OBB-3790021
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Protect CNC Machines in Networked IT/OT Environments
Networking IT/OT environments is a bit like walking a tightrope, balancing the pursuit of intelligence and efficiency against the risks of exposing OT systems to the wider world. Trend Micro recently teamed up with global machine tool company Celada to identify specific risks associated with...
cnc-seefeld.de Cross Site Scripting vulnerability OBB-3619554
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2023-3346
Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in MITSUBSHI CNC Series allows a remote unauthenticated attacker to cause Denial of Service DoS condition and execute arbitrary code on the product by sending specially crafted packets. In addition, system reset is...
Buffer overflow
Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in MITSUBSHI CNC Series allows a remote unauthenticated attacker to cause Denial of Service DoS condition and execute arbitrary code on the product by sending specially crafted packets. In addition, system reset is...
CVE-2023-3346
CVE-2023-3346 affects Mitsubishi Electric CNC Series. The vulnerability is a buffer copy without input size checking, enabling a remote unauthenticated attacker to cause denial of service and execute arbitrary code. Affected products include multiple CNC models (M800VW/M800VS/M80V/M80VW/M800W/M80...