EUVD-2020-6659

Malware in sbrugna...

Mitsubishi Electric MELSEC-Q/L Series (Update B)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Equipment : MELSEC-Q/L Series Vulnerabilities : Incorrect Pointer Scaling, Integer Overflow or Wraparound 2. RISK EVALUATION Successful exploitation of these...

CVE-2020-14496 Mitsubishi Electric Multiple Factory Automation Engineering Software Products (Update A) - Permission Issues

Successful exploitation of this vulnerability for multiple Mitsubishi Electric Factory Automation Engineering Software Products of various versions could allow an attacker to escalate privilege and execute malicious programs, which could cause a denial-of-service condition, and allow information ...

CVE-2020-14496 Mitsubishi Electric Multiple Factory Automation Engineering Software Products (Update A) - Permission Issues

Successful exploitation of this vulnerability for multiple Mitsubishi Electric Factory Automation Engineering Software Products of various versions could allow an attacker to escalate privilege and execute malicious programs, which could cause a denial-of-service condition, and allow information ...

CVE-2020-14496

CVE-2020-14496 is a permissions-based vulnerability in Mitsubishi Electric Factory Automation Engineering Software products. In affected products (e.g., CPU Module Logging Configuration Tool, CW/FR Configurators, EZSocket, GT Designer3, GX Works2/3, MELSOFT tools, Data Transfer, etc.), incorrect ...

Mitsubishi Electric Factory Automation 安全漏洞

Mitsubishi Electric Factory Automation is an industrial automation product from Mitsubishi Electric Corporation Mitsubishi Electric of Japan. A security vulnerability exists in Mitsubishi Electric Factory Automation, which can be exploited by an unauthenticated, remote attacker to disclose files...

CVE-2020-14523

Multiple Mitsubishi Electric Factory Automation products have a vulnerability that allows an attacker to execute arbitrary code...

Design/Logic Flaw

Multiple Mitsubishi Electric Factory Automation products have a vulnerability that allows an attacker to execute arbitrary code...

CVE-2020-14523 Mitsubishi Electric Factory Automation Products Path Traversal

Multiple Mitsubishi Electric Factory Automation products have a vulnerability that allows an attacker to execute arbitrary code...

CVE-2020-14523

CVE-2020-14523 is a path traversal vulnerability (CWE-22) affecting multiple Mitsubishi Electric Factory Automation products. The issue allows an attacker to execute arbitrary code remotely (network access, no authentication, low complexity per NVD CVSS v3.1: base score 9.8 / 10; ICS score 8.3). ...

CVE-2020-14523 Mitsubishi Electric Factory Automation Products Path Traversal

Multiple Mitsubishi Electric Factory Automation products have a vulnerability that allows an attacker to execute arbitrary code...

CVE-2020-14521

CVE-2020-14521 affects Mitsubishi Electric Factory Automation engineering software and is a vulnerability in unquoted search path or element (CWE-428) that can lead to remote code execution with high impact. Public sources indicate affected Mitsubishi products span a wide range of engineering uti...

CVE-2020-14521 Mitsubishi Electric Factory Automation Engineering Products Unquoted Search Path or Element

Multiple Mitsubishi Electric Factory Automation engineering software products have a malicious code execution vulnerability. A malicious attacker could use this vulnerability to obtain information, modify information, and cause a denial-of-service condition...

CVE-2020-14521 Mitsubishi Electric Factory Automation Engineering Products Unquoted Search Path or Element

Multiple Mitsubishi Electric Factory Automation engineering software products have a malicious code execution vulnerability. A malicious attacker could use this vulnerability to obtain information, modify information, and cause a denial-of-service condition...

Mitsubishi Electric Factory Automation Engineering Products (Update L)

1. EXECUTIVE SUMMARY CVSS v3 8.3 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: Mitsubishi Electric, Factory Automation Engineering products Vulnerability: Unquoted Search Path or Element 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update...

Mitsubishi Electric Factory Automation Engineering Software Products

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Mitsubishi Electric Equipment: Factory Automation Engineering Software Products Vulnerabilities: Improper Restriction of XML External Entity Reference and Uncontrolled Resource Consumption 2. RISK...

Wago Shell

Added: 03/31/2016 Background Wago PLCs are used in Factory and building automation. Wago ethernet PLCs are connected by IP and can be administered remotely. Problem Wago PLC devices use CoDeSyS protocols to program the device. If the programming ports are left open an attacker is able to upload,...

Wago Shell

Added: 03/31/2016 Background Wago PLCs are used in Factory and building automation. Wago ethernet PLCs are connected by IP and can be administered remotely. Problem Wago PLC devices use CoDeSyS protocols to program the device. If the programming ports are left open an attacker is able to upload,...

Wago Shell

Added: 03/31/2016 Background Wago PLCs are used in Factory and building automation. Wago ethernet PLCs are connected by IP and can be administered remotely. Problem Wago PLC devices use CoDeSyS protocols to program the device. If the programming ports are left open an attacker is able to upload,...

WS10 Data Server - SCADA Overflow (PoC)

WS10 Data Server - SCADA Overflow PoC Exploit Title: WS10 Data Server SCADA Exploit Overflow PoC Date: 09/23/2014 Author: Pedro Sánchez Version: 1.83 English Tested on: Windows 7 embedded. Notified the vendor, vendor never responded. In the new version this PoC stops working Vendor: Novus...