The vulnerability of the BSAP/IP protocol implementation of the telemechanics controller ControlWave and the Bristol Babcock 33xx controller allows a hacker to disclose protected information.

The vulnerability of the BSAP/IP protocol implementation of the telemechanics controller ControlWave and the Bristol Babcock 33xx controller is related to insufficient encryption strength. Exploiting this vulnerability could allow a malicious actor to disclose the protected information...

The vulnerability of the BSAP/IP protocol implementation of the telemechanics controller ControlWave and the Bristol Babcock 33xx controller allows a perpetrator to increase their privileges.

The vulnerability of the BSAP/IP protocol implementation of the telemechanics controller ControlWave and the Bristol Babcock 33xx controller is related to the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability could allow a malicious actor to gain increase...

The vulnerability of the BSAP/IP protocol implementation of the telemechanics controller ControlWave and the Bristol Babcock 33xx controller allows a perpetrator to disclose protected information.

The vulnerability of the BSAP/IP protocol implementation of the telemechanics controller ControlWave and the Bristol Babcock 33xx controller is related to insufficient encryption strength. Exploiting this vulnerability could allow a malicious actor to disclose the protected information...

The vulnerability of the embedded images of the ControlWave telemechanics controller allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of embedded images of telemechanics controllers from ControlWave is related to insufficient verification of data authenticity. Exploiting this vulnerability can allow an attacker operating remotely to gain access to confidential data, compromise its integrity, and even cause...

The vulnerability of the BSAP/IP protocol implementation of the telemechanics controller ControlWave and the Bristol Babcock 33xx controller allows a perpetrator to disclose protected information.

The vulnerability of the BSAP/IP protocol implementation of the telemechanics controller ControlWave and the Bristol Babcock 33xx controller is related to the transmission of critical information in open text. Exploiting this vulnerability can allow a malicious actor to disclose the protected...

CISA Releases Security Advisories Related to OT:ICEFALL (Insecure by Design) Report

CISA is aware that Forescout researchers have released OT:ICEFALL, a report on 56 vulnerabilities caused by insecure-by-design practices in operational technology across multiple vendors. The vulnerabilities are divided into four main categories: insecure engineering protocols, weak cryptography ...

PT-2022-3168 · Emerson · Emerson Controlwave 'Next Generation' Rtus

Name of the Vulnerable Software and Affected Versions: Emerson ControlWave 'Next Generation' RTUs through 2022-05-02 Description: The issue is related to insufficient authentication of data, which can allow a remote attacker to access confidential data, compromise its integrity, and cause a denia...

PT-2022-3167 · Bristol Babcock · Bristol Babcock 33Xx

Name of the Vulnerable Software and Affected Versions: ControlWave and Bristol Babcock 33xx controllers affected versions not specified Description: The issue is related to the implementation of the BSAP/IP protocol in the controllers, which has insufficient encryption strength. This could allow ...

Emerson 396359-32-9 ControlWave CPU module Detection

Binary data 756536.prm...

Emerson 396359-21-3 ControlWave CPU module Detection

Binary data 756533.prm...

Emerson 396879-11-0-3 ControlWave Micro CPU module Detection

Binary data 756502.prm...

Emerson ControlWave Micro <= 05.78.00 Buffer Overflow

Binary data 720147.prm...

Emerson 396359-26-4 ControlWave CPU module Detection

Binary data 756534.prm...

Emerson 396359-25-6 ControlWave CPU module Detection

Binary data 756535.prm...

CVE-2018-5452

A Stack-based Buffer Overflow issue was discovered in Emerson Process Management ControlWave Micro Process Automation Controller: ControlWave Micro ProConOS v.4.01.280 firmware: CWM v.05.78.00 and prior. A stack-based buffer overflow vulnerability caused by sending crafted packets on Port 20547...

CVE-2018-5452

A Stack-based Buffer Overflow issue was discovered in Emerson Process Management ControlWave Micro Process Automation Controller: ControlWave Micro ProConOS v.4.01.280 firmware: CWM v.05.78.00 and prior. A stack-based buffer overflow vulnerability caused by sending crafted packets on Port 20547...

CVE-2018-5452

A Stack-based Buffer Overflow issue was discovered in Emerson Process Management ControlWave Micro Process Automation Controller: ControlWave Micro ProConOS v.4.01.280 firmware: CWM v.05.78.00 and prior. A stack-based buffer overflow vulnerability caused by sending crafted packets on Port 20547...

CVE-2018-5452

The CVE-2018-5452 vulnerability affects Emerson ControlWave Micro Process Automation Controller (ProConOS v.4.01.280; firmware CWM v.05.78.00 and earlier). It is a stack-based buffer overflow triggered by crafting packets to port 20547, which can cause the PLC to halt. Impact described includes p...

Emerson ControlWave Micro Process Automation Controller Buffer Overflow Vulnerability

ControlWave Micro is a highly programmable controller that combines the unique features of a Programmable Logic Controller PLC and a Remote Terminal Unit RTU in one hybrid controller. A buffer overflow vulnerability exists in the Emerson ControlWave Micro Process Automation Controller, which can ...

Emerson ControlWave Micro Process Automation Controller

CVSS v3 7.5 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Emerson Process Management LLLP Equipment: ControlWave Micro Process Automation Controller Vulnerability: Stack-based Buffer Overflow AFFECTED PRODUCTS The following versions of ControlWave Micro firmware, a family of...