Lucene search
K

44 matches found

Openbugbounty
Openbugbounty
added 2023/06/12 2:37 p.m.6 views

temaf.enea.it Cross Site Scripting vulnerability OBB-3419296

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/03/10 10:25 p.m.15 views

laerte.enea.it Cross Site Scripting vulnerability OBB-3217344

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/03/10 8:25 p.m.12 views

spring.bologna.enea.it Cross Site Scripting vulnerability OBB-3216942

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2022/08/27 5:35 a.m.12 views

tecnopolo.enea.it Cross Site Scripting vulnerability OBB-2867606

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Prion
Prion
added 2022/07/28 4:15 p.m.20 views

Hardcoded credentials

Honeywell Experion PKS Safety Manager 5.02 uses Hard-coded Credentials. According to FSCT-2022-0052, there is a Honeywell Experion PKS Safety Manager hardcoded credentials issue. The affected components are characterized as: POLO bootloader. The potential impact is: Manipulate firmware. The...

2.1CVSS5.8AI score0.00272EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2022/07/28 4:15 p.m.16 views

Hardcoded credentials

Honeywell Experion PKS Safety Manager 5.02 has Insufficient Verification of Data Authenticity. According to FSCT-2022-0054, there is a Honeywell Experion PKS Safety Manager unauthenticated firmware update issue. The affected components are characterized as: Firmware update functionality. The...

4.6CVSS8.1AI score0.00361EPSS
Exploits0References2
CVE
CVE
added 2022/07/28 3:41 p.m.82 views

CVE-2022-30314

CVE-2022-30314 affects Honeywell Experion PKS Safety Manager 5.02. The vulnerability arises from hard-coded credentials used to access the POLO bootloader, which is exposed via the DCOM-232/485 serial interface used for firmware management. An attacker with physical or gateway-access to the seria...

4.6CVSS5.7AI score0.00272EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/07/28 3:41 p.m.35 views

CVE-2022-30314

Honeywell Experion PKS Safety Manager 5.02 uses Hard-coded Credentials. According to FSCT-2022-0052, there is a Honeywell Experion PKS Safety Manager hardcoded credentials issue. The affected components are characterized as: POLO bootloader. The potential impact is: Manipulate firmware. The...

6.1AI score0.00272EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.23 views

Emerson OSE Exposure of Sensitive Information to an Unauthorized Actor (CVE-2013-0693)

The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier performs network-beacon broadcasts, which allows remote attackers to obtain potentially sensitive informati...

10CVSS5.8AI score0.03263EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/11/08 12:0 a.m.23 views

Enea Ose Unspecified Vulnerability

The Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier have hardcoded credentials in a ROM, which makes it easier for remote attackers to obtain shell access to the underlying OS by...

9CVSS4AI score0.02583EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/11/08 12:0 a.m.21 views

Enea Ose Improper Control of Generation of Code ('Code Injection')

The TFTP server on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote attackers to upload files and consequently execute arbitrary code via unspecified vectors. File data...

10CVSS7.4AI score0.05036EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/11/08 12:0 a.m.21 views

Enea Ose Unspecified Vulnerability

The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote attackers to execute arbitrary code by connecting to the debug service. File data ot500236.na...

10CVSS6.8AI score0.04859EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/11/08 12:0 a.m.20 views

Enea Ose Exposure of Sensitive Information to an Unauthorized Actor

The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier performs network-beacon broadcasts, which allows remote attackers to obtain potentially sensitive informati...

10CVSS4.1AI score0.03263EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2019/10/28 12:0 a.m.4 views

PT-2019-13869 · Mitsubishi · Me-Rtu

Name of the Vulnerable Software and Affected Versions: Mitsubishi Electric Europe B.V. ME-RTU devices versions 2.02 and earlier INEA ME-RTU devices versions 3.0 and earlier Description: An unauthenticated remote configuration download issue allows an attacker to download the smartRTU's...

7.5CVSS7.2AI score0.41847EPSS
Exploits3References5
ICS
ICS
added 2019/10/01 6:0 a.m.202 views

Interpeak IPnet TCP/IP Stack (Update E)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available Vendor : ENEA, Green Hills Software, ITRON, IP Infusion, Wind River Equipment : OSE by ENEA, INTEGRITY RTOS by Green Hills Software, ITRON, ZebOS by IP Infusion, and...

9.8CVSS9.3AI score0.84177EPSS
Exploits7References10
Openbugbounty
Openbugbounty
added 2017/05/19 11:22 p.m.20 views

afs.enea.it XSS vulnerability

Vulnerable URL: http://www.afs.enea.it/demichel/research.php?authorName=Luisa=%22%3E%3Cscript%3E%20alert%27XSSPOSED%27%20%3C/script%3E Details: Description| Value ---|--- Patched:| Yes, at 25.11.2017 Latest check for patch:| 25.11.2017 20:52 GMT Vulnerability type:| XSS Vulnerability status:|...

6.3AI score
Exploits0
NVD
NVD
added 2013/10/03 11:4 a.m.24 views

CVE-2013-0693

The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier performs network-beacon broadcasts, which allows remote attackers to obtain potentially sensitive informati...

10CVSS6AI score0.03263EPSS
Exploits0References1
Prion
Prion
added 2013/10/03 11:4 a.m.21 views

Code injection

The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote attackers to execute arbitrary code by connecting to the debug service...

10CVSS8.2AI score0.04859EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2013/10/03 11:4 a.m.18 views

Code injection

The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier performs network-beacon broadcasts, which allows remote attackers to obtain potentially sensitive informati...

10CVSS6.6AI score0.03263EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2013/10/03 10:0 a.m.27 views

CVE-2013-0692

The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote attackers to execute arbitrary code by connecting to the debug service...

7.5AI score0.04859EPSS
Exploits0References1
Rows per page
Query Builder