The vulnerability of the microprogrammed logic controller (PLC) Advantech ADAM-5630 software lies in the lack of authentication for a critical function. This allows a intruder to execute arbitrary commands and cause malfunctions in the device’s operation.

The vulnerability of the microprogrammed logic controller PLC Advantech ADAM-5630 software is related to the absence of authentication for the critical function. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands and cause malfunctions in the system...

The vulnerability of the Visual Studio Code extension for Arduino, a code editor for Visual Studio Code, arises from the lack of authentication for a critical function. This allows a hacker to execute arbitrary code.

The vulnerability of the Visual Studio Code extension for Arduino code editor involves a lack of authentication for a critical function. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

CVE-2024-9137 Moxa Service Missing Authentication for Critical Function

The affected product lacks an authentication check when sending commands to the server via the Moxa service. This vulnerability allows an attacker to execute specified commands, potentially leading to unauthorized downloads or uploads of configuration files and system compromise...

CVE-2024-8530

Schneider Electric Data Center Expert suffers a Missing Authentication for Critical Function (CWE-306) vulnerability that could disclose private data when a pre-generated logcaptures archive is accessed via HTTPS. Affected: Data Center Expert (versions up to 8.1.1.3 and prior). Root cause: lack o...

CVE-2024-8530

CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause exposure of private data when an already generated “logcaptures” archive is accessed directly by HTTPS...

CVE-2024-8530

CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause exposure of private data when an already generated “logcaptures” archive is accessed directly by HTTPS...

TEM Opera Plus FM Family Transmitter

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available Vendor : TEM Equipment : Opera Plus FM Family Transmitter Vulnerabilities : Missing Authentication for Critical Function, Cross-Site Request Forgery CSRF 2. RISK...

CVE-2024-35293

An unauthenticated remote attacker may use a missing authentication for critical function vulnerability to reboot or erase the affected devices resulting in data loss and/or a DoS...

CVE-2024-35293 Schneider Elektronik Series 700 prone to missing authentication for critical reset function

An unauthenticated remote attacker may use a missing authentication for critical function vulnerability to reboot or erase the affected devices resulting in data loss and/or a DoS...

CVE-2024-35293 Schneider Elektronik Series 700 prone to missing authentication for critical reset function

An unauthenticated remote attacker may use a missing authentication for critical function vulnerability to reboot or erase the affected devices resulting in data loss and/or a DoS...

PT-2024-26419 · Schneider Elektronik · Series 700

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: An unauthenticated remote attacker may use a missing authentication for critical function vulnerability to reboot or erase the affected devices, resulti...

The vulnerability of the software tools for managing identification and access control, as well as the ID Link Manager and the resource planning software FUJITSU Software TIME CREATOR, allows a perpetrator to gain unauthorized access to read and modify confidential information.

The vulnerability of the software tools for managing identification and access to the ID Link Manager, as well as the resource planning software FUJITSU Software TIME CREATOR, is related to the lack of authentication checks for a critical function. Exploiting this vulnerability could allow an...

CVE-2024-39364 Advantech ADAM-5630 Missing Authentication for Critical Function

Advantech ADAM-5630 has built-in commands that can be executed without authenticating the user. These commands allow for restarting the operating system, rebooting the hardware, and stopping the execution. The commands can be sent to a simple HTTP request and are executed by the device...

CVE-2024-39364 Advantech ADAM-5630 Missing Authentication for Critical Function

Advantech ADAM-5630 has built-in commands that can be executed without authenticating the user. These commands allow for restarting the operating system, rebooting the hardware, and stopping the execution. The commands can be sent to a simple HTTP request and are executed by the device...

CVE-2024-6981 OMNTEC Proteus Tank Monitoring Missing Authentication for Critical Function

OMNTEC Proteus Tank Monitoring OEL8000III Series could allow an attacker to perform administrative actions without proper authentication...

The vulnerability of the Ivanti EPM endpoint management software lies in the lack of authentication for a critical function, allowing a malicious actor to trigger a service failure.

The vulnerability of the Ivanti EPM endpoint management software lies in the lack of authentication for a critical function. Exploiting this vulnerability could allow a remote attacker to cause service failures...

The vulnerability of the Ivanti EPM endpoint management software lies in the lack of authentication for a critical function, allowing a hacker to alter the network isolation status of managed devices.

The vulnerability of the Ivanti EPM endpoint management software lies in the lack of authentication for a critical function. Exploiting this vulnerability could allow a remote attacker to alter the network isolation status of the managed devices...

CVE-2023-37226

Loftware Spectrum before 4.6 HF14 has Missing Authentication for a Critical Function...

CVE-2023-37226

Loftware Spectrum before 4.6 HF14 has Missing Authentication for a Critical Function...

PT-2024-12594 · Loftware · Loftware Spectrum

Name of the Vulnerable Software and Affected Versions: Loftware Spectrum versions prior to 4.6 HF14 Description: The issue is related to Missing Authentication for a Critical Function. There is no information provided about the estimated number of potentially affected devices worldwide or...