CVE-2023-22947

Insecure folder permissions in the Windows installation path of Shibboleth Service Provider SP before 3.4.1 allow an unprivileged local attacker to escalate privileges to SYSTEM via DLL planting in the service executable's folder. This occurs because the installation goes under C:\opt rather than...

Code injection

A vulnerability has been identified in SIMATIC WinCC All versions V7.5.2.13. Affected applications fail to set proper access rights for their installation folder if a non-default installation path was chosen during installation. This could allow an authenticated local attacker to inject arbitrary...

Beckhoff TwinCAT Security Vulnerability

Beckhoff TwinCAT is a PC-based motion control software for industrial control applications from Beckhoff Germany. The software is based on Windows-based control and automation technology and converts any PC-based system into a real-time control system with multiple PLCs, NCs, CNCs and robotics...

Webmin Upload Authenticated RCE

This module exploits an arbitrary command execution vulnerability in Webmin 1.900 and lower versions. Any user authorized to the "Upload and Download" module can execute arbitrary commands with root privileges. In addition, if the 'Running Processes' proc privilege is set the user can accurately...

CVE-2016-7165

A vulnerability has been identified in Primary Setup Tool PST All versions V4.2 HF1, SIMATIC IT Production Suite All versions V7.0 SP1 HFX 2, SIMATIC NET PC-Software All versions V14, SIMATIC PCS 7 V7.1 All versions, SIMATIC PCS 7 V8.0 All versions, SIMATIC PCS 7 V8.1 All versions, SIMATIC PCS 7...