EUVD-2020-2731

Malware in sbrugna...

EUVD-2024-48257

Malicious code in bioql PyPI...

EUVD-2024-47299

Malicious code in bioql PyPI...

CVE-2024-7316

CVE-2024-7316 affects Mitsubishi Electric CNC Series and related models (e.g., M800V/M80V, M800/M80/E80, M700/M70/others; see advisory icsa-24-291-03) with a DoS via specially crafted TCP packets to port 683. Underlying issue is improper validation of a specified quantity in input. CVSS v3.1 base...

CVE-2024-7316 Denial of Service (DoS) Vulnerability in Mitsubishi Electric CNC Series

Improper Validation of Specified Quantity in Input vulnerability in Mitsubishi Electric CNC Series allows a remote unauthenticated attacker to cause Denial of Service DoS condition on the product by sending specially crafted packets to TCP port 683, causing an emergency stop...

PT-2024-7388 · Mitsubishi · M800/M80/E80 Series +5

Name of the Vulnerable Software and Affected Versions: Mitsubishi Electric M800V/M80V Series versions affected versions not specified Mitsubishi Electric M800/M80/E80 Series versions affected versions not specified Mitsubishi Electric C80 Series versions affected versions not specified Mitsubishi...

Possible Reentrance & Unexpected Behaviour Vulnerabilities

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. No protection against reentrancy attacks, for example, the pay function called in the mintCallback function does not check for reentrancy before performing an external call. No checking of return values...

L1ERC20Bridge does not have an emergency stop mechanism to pause the bridge in case of any problems found.

Lines of code Vulnerability details Impact Right now, L1ERC20Bridge implements nonReentrant and access control mechanism to improve security. However, there is not any emergency stop mechanism that can be triggered by an authorized account to pause the bridge in case of some problems. It is highl...

CVE-2020-10276

The password for the safety PLC is the default and thus easy to find in manuals, etc.. This allows a manipulated program to be uploaded to the safety PLC, effectively disabling the emergency stop in case an object is too close to the robot. Navigation and any other components dependent on the las...

CVE-2020-10276

The password for the safety PLC is the default and thus easy to find in manuals, etc.. This allows a manipulated program to be uploaded to the safety PLC, effectively disabling the emergency stop in case an object is too close to the robot. Navigation and any other components dependent on the las...

Hardcoded credentials

The password for the safety PLC is the default and thus easy to find in manuals, etc.. This allows a manipulated program to be uploaded to the safety PLC, effectively disabling the emergency stop in case an object is too close to the robot. Navigation and any other components dependent on the las...

CVE-2020-10276 RVD#2558: Default credentials on SICK PLC allows disabling safety features

The password for the safety PLC is the default and thus easy to find in manuals, etc.. This allows a manipulated program to be uploaded to the safety PLC, effectively disabling the emergency stop in case an object is too close to the robot. Navigation and any other components dependent on the las...

CVE-2020-10276

CVE-2020-10276 involves improper access control due to default passwords on the SICK safety PLC in MiR robots. The MiR 2.x line ships with insecure default credentials, which could allow an attacker on the internal network to manipulate the safety PLC and disable the emergency stop, potentially e...

How Radio Frequency Technology is Putting the Industrial Sector at Risk

Each industry has its own unique security risks. The banking and health care sectors, for example, deal with some considerably sensitive financial and client data, and therefore must put robust protections in place to ensure its safety. The industrial sector, however, is a bit different. For many...