20 matches found
EUVD-2011-4439
Malware in sbrugna...
EUVD-2011-4434
Malware in sbrugna...
EUVD-2011-4438
Malware in sbrugna...
CVE-2011-4510
Cross-site scripting XSS vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 aka TIA portal before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime...
CVE-2016-2306
The HMI web server in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain sensitive cleartext information by sniffing the network...
CVE-2016-2306
The HMI web server in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain sensitive cleartext information by sniffing the network...
Code injection
The HMI web server in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain sensitive cleartext information by sniffing the network...
CVE-2016-2306
CVE-2016-2306 affects Ecava IntegraXor HMI web server prior to version 5.0, build 4522. The root cause is cleartext transmission of sensitive information over the network, enabling remote attackers to sniff unencrypted data. The vulnerability has been confirmed in multiple sources and is associat...
CVE-2016-2306
The HMI web server in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain sensitive cleartext information by sniffing the network...
Siemens SIMATIC WinCC HMI Web Server Multiple Input Validation Vulnerabilities - Active Check
Siemens SIMATIC WinCC is prone to an HTTP-header-injection issue, a directory-traversal issue, and an arbitrary memory-read access issue because the application fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from...
CVE-2011-4513
Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 aka TIA portal; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allow user-assisted remote attackers to execute arbitrary code via a crafted project file,...
Cross site scripting
Cross-site scripting XSS vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 aka TIA portal before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime...
Crlf injection
CRLF injection vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 aka TIA portal before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allows...
Cross site request forgery (csrf)
miniweb.exe in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 aka TIA portal before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime does not properly handle UR...
CVE-2011-4509
The HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 aka TIA portal; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime has an improperly selected default password for the administrator account...
CVE-2011-4513
Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 aka TIA portal; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allow user-assisted remote attackers to execute arbitrary code via a crafted project file,...
CVE-2011-4878
Directory traversal vulnerability in miniweb.exe in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 aka TIA portal before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexibl...
CVE-2011-4511
CVE-2011-4511 is a cross-site scripting (XSS) vulnerability in the Siemens SIMATIC WinCC HMI web server. Affected products (per ICS-CERT) include WinCC flexible 2004/2005/2007/2008 (before SP3), WinCC V11 (TIA Portal) before SP2 Update 1, and multiple SIMATIC HMI panels plus WinCC V11 Runtime Adv...
CVE-2011-4509
CVE-2011-4509 affects Siemens WinCC/WinCC flexible products (2004–2008, WinCC V11, and related SIMATIC HMI panels). The root cause is an improperly selected default administrator password, which enables remote attackers to gain access by brute-forcing via many HTTP requests. Public citations in c...
CVE-2011-4512
CVE-2011-4512 is a CRLF/header-injection vulnerability in the Siemens SIMATIC WinCC/HMI web server. Affected products include WinCC flexible 2004/2005/2007/2008 before SP3; WinCC V11 (TIA Portal) before SP2 Update 1; multiple SIMATIC HMI panels (TP/OP/MP/Comfort/Mobile); WinCC V11 Runtime Advance...