CVE-2024-5056

creationtimestamp| type| source ---|---|--- 2024-06-26 18:28:16+00:00| seen| https://t.me/icscert/859 2025-09-11 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-254-09 2025-09-11 20:02:27+00:00| seen| https://bsky.app/profile/pigondrugs.bsky.social/post/3lylk44iz5g2o...

ABB System 800xA Base Input Validation Error Vulnerability

ABB System 800xA Base is a distributed control system from ABB Switzerland for the industrial control industry. An input validation error vulnerability exists in ABB System 800xA Base versions 6.0.0 through 6.1.1-2. The vulnerability stems from the presence of an improper input validation...

CAREL Boss-Mini

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available Vendor : CAREL Equipment : Boss-Mini Vulnerability : Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to...

Yokogawa CENTUM

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.7 ATTENTION : Exploitable remotely/Low attack complexity Vendor : Yokogawa Equipment : CENTUM Vulnerability : Uncontrolled Search Path Element 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary...

The vulnerability of the Siemens RUGGEDCOM CROSSBOW secure access control system allows a intruder to execute arbitrary code.

The vulnerability of the Siemens RUGGEDCOM CROSSBOW access control system lies in the deficiencies of its authentication procedures. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using specially created malware files from a remote location...

Rockwell Automation FactoryTalk View SE 安全漏洞

Rockwell Automation FactoryTalk View SE is an industrial automation system view interface from Rockwell Automation. An elevation of privilege vulnerability exists in Rockwell Automation FactoryTalk View SE, which can be exploited by an attacker to edit scripts that bypass access control lists and...

Fuji Electric Tellus Lite V-Simulator

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION : Low attack complexity Vendor : Fuji Electric Equipment : Tellus Lite V-Simulator Vulnerabilities : Out-of-Bound Write, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow a local...

Rockwell Automation FactoryTalk View SE

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.2 ATTENTION : Exploitable remotely/Low attack complexity Vendor : Rockwell Automation Equipment : FactoryTalk View SE Vulnerability : Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an outside attacker...

Hitachi Energy XMC20

SUMMARY Hitachi Energy is aware of a vulnerability that affects the XMC20 versions listed below. Please refer to the “Recommended Immediate Actions” for information about the remediation. 2. GENERAL MITIGATION FACTORS/WORKAROUNDS Recommended security practices and firewall configurations can...

AVEVA PI Web API

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION : Exploitable remotely/low attack complexity Vendor : AVEVA Equipment : PI Web API Vulnerability : Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to perform remote code...

AVEVA PI Asset Framework Client

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.0 ATTENTION : Low attack complexity Vendor : AVEVA Equipment : PI Asset Framework Client Vulnerability : Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of this vulnerability could allow malicious code execution. 3. TECHNICAL...

ABB 800xA Base (Update A)

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION : Low attack complexity Vendor : ABB Equipment : 800xA Base Vulnerabilities : Improper Input Validation 2. RISK EVALUATION Successful exploitation of these vulnerabilities could cause services to crash and restart. 3. TECHNICAL DETAILS 3.1...

Aquatronica Control System 5.1.6 Password Disclosure Exploit

Aquatronica Control System version 5.1.6 has a tcp.php endpoint on the controller that is exposed to unauthenticated attackers over the network. This vulnerability allows remote attackers to send a POST request which can reveal sensitive configuration information, including plaintext passwords...

Aquatronica Control System 5.1.6 - Information Disclosure

!/usr/bin/env python -- coding: utf-8 -- Aquatronica Control System 5.1.6 Passwords Leak Vulnerability Vendor: Aquatronica s.r.l. Product web page: https://www.aquatronica.com Affected version: Firmware: 5.1.6 Web: 2.0 Summary: Aquatronica's electronic AQUARIUM CONTROLLER is easy to use, allowing...

AutomationDirect P3-550E Access Control Error Vulnerability

The AutomationDirect P3-550E is a programmable control system PLC from AutomationDirect USA. An access control error vulnerability exists in AutomationDirect P3-550E version 1.2.10.9, which can be exploited by an attacker to cause arbitrary writes by sending specially crafted network packets...

AutomationDirect P3-550E Out-of-Bounds Write Vulnerability

The AutomationDirect P3-550E is a programmable control system PLC from AutomationDirect USA. An out-of-bounds write vulnerability exists in AutomationDirect P3-550E version 1.2.10.9, which can be exploited by an attacker to cause a denial of service via specially crafted network packets...

Aquatronica Control System 5.1.6 Password Disclosure

!/usr/bin/env python -- coding: utf-8 -- Aquatronica Control System 5.1.6 Passwords Leak Vulnerability Vendor: Aquatronica s.r.l. Product web page: https://www.aquatronica.com Affected version: Firmware: 5.1.6 Web: 2.0 Summary: Aquatronica's electronic AQUARIUM CONTROLLER is easy to use, allowing...

Fedora 40 : git (2024-ecba8476e2)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-ecba8476e2 advisory. update to 2.45.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested f...

Rockwell Automation FactoryTalk View SE

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : FactoryTalk View SE Vulnerability : Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to...

CVE-2024-4791

A vulnerability classified as critical was found in Contemporary Control System BASrouter BACnet BASRT-B 2.7.2. This vulnerability affects unknown code of the component Application Protocol Data Unit. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit h...