[NB07-17] Multiple vulnerabilities in Takebishi Electric DeviceXplorer SYSMAC OPC server

Multiple vulnerabilities in Takebishi Electric DeviceXplorer SYSMAC OPC server ============================================================================ == OPC servers provide a standard way to interoperate automation and control systems, bridging data from several industrial protocols such as...

[NB07-09] Multiple vulnerabilities in Takebishi Electric DeviceXplorer FA-M3 OPC server

Multiple vulnerabilities in Takebishi Electric DeviceXplorer FA-M3 OPC server ============================================================================ = OPC servers provide a standard way to interoperate automation and control systems, bridging data from several industrial protocols such as...

Takebishi Electric DeviceXPlorer OPC Server Multiple Vulnerabilities

Binary data scadadevicexploreropccodeexec.nbin...

DeviceXPlorer OPC Server错误句柄验证漏洞

DeviceXPlorer OPC Server可为各种日本电机系列提供软件接口，与作为OPC客户的应用程序相互通信。 DeviceXplorer OPC Server没有正确地验证服务器句柄，将句柄用作了客户端调用的输入参数，这允许攻击者通过特定的函数调用导致服务器崩溃或执行任意指令。 以下是有漏洞的函数： IOPCItemMgt::SetActiveState IOPCItemMgt::SetClientHandles IOPCItemMgt::SetDataTypes IOPCSyncIO::Read IOPCSyncIO::Write IOPCAsyncIO::Read...

Takebishi Electric DeviceXPlorer OPC服务器远程代码执行漏洞

OPC OLE for Process Control 是一款为保证工业软件和设备的互联性而制订的程序接口国际标准。 Takebishi Electric DeviceXPlorer OPC服务器存在设计错误，远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 通过OPCDA接口，可导致在OPC Server上访问任意内存，可导致执行任意指令。如下版本的DeviceXPlorer OPC Server受此漏洞影响： DeviceXPlorer MELSEC OPC Server DeviceXPlorer SYSMAC OPC Server DeviceXPlorer FA-M3 O...

CVE-2007-1319

Unspecified vulnerability in the IOPCServer::RemoveGroup function in the OPCDA interface in Takebishi Electric DeviceXPlorer OLE for Process Control OPC Server before 3.12 Build3 allows remote attackers to execute arbitrary code via unspecified vectors involving access to arbitrary memory. NOTE:...

Code injection

Unspecified vulnerability in the IOPCServer::RemoveGroup function in the OPCDA interface in Takebishi Electric DeviceXPlorer OLE for Process Control OPC Server before 3.12 Build3 allows remote attackers to execute arbitrary code via unspecified vectors involving access to arbitrary memory. NOTE:...

CVE-2007-1319

The CVE refers to an arbitrary code execution vulnerability in the Takebishi DeviceXPlorer OPC Server family (HIDIC, SYSMAC, MELSEC, FA-M3, MODBUS) via the OPC DA interface. The issue stems from the server implementation of the IOPCServer::RemoveGroup method, which can access arbitrary memory and...

CVE-2007-1319

Unspecified vulnerability in the IOPCServer::RemoveGroup function in the OPCDA interface in Takebishi Electric DeviceXPlorer OLE for Process Control OPC Server before 3.12 Build3 allows remote attackers to execute arbitrary code via unspecified vectors involving access to arbitrary memory. NOTE:...