Lucene search
+L

202 matches found

bdu_fstec
bdu_fstec
added 2024/01/31 12:0 a.m.6 views

The vulnerability of the Delta Industrial Automation DOPSoft software for designing human-machine interfaces lies in the copying of buffers without checking the size of the input data. This allows a malicious actor to execute arbitrary code.

The vulnerability of the Delta Industrial Automation DOPSoft software for designing human-machine interfaces lies in the copying of buffers without checking the size of input data during syntax analysis of the wKPFStringLen field. Exploiting this vulnerability allows a malicious actor to execute...

7.5CVSS7.7AI score0.00411EPSS
Exploits0References2Affected Software1
cnnvd
cnnvd
added 2024/01/18 12:0 a.m.6 views

Delta Electronics DOPSoft Security Vulnerability

Delta Electronics DOPSoft is a set of Human Machine Interface HMI software from Delta Electronics, Taiwan, China. A security vulnerability exists in Delta Electronics DOPSoft that originates from a buffer overflow vulnerability when parsing the wKPFStringLen field of a DPS file...

7.8CVSS7.2AI score0.00411EPSS
Exploits0References2
cnnvd
cnnvd
added 2024/01/18 12:0 a.m.6 views

Delta Electronics DOPSoft Security Vulnerability

Delta Electronics DOPSoft is a Human Machine Interface HMI software from Delta Electronics, Taiwan, China. A security vulnerability exists in Delta Electronics DOPSoft that originates from a buffer overflow vulnerability when parsing the wMailContentLen field of a DPS file...

7.8CVSS7.2AI score0.00487EPSS
Exploits0References2
cnnvd
cnnvd
added 2024/01/18 12:0 a.m.8 views

Delta Electronics DOPSoft Security Vulnerability

Delta Electronics DOPSoft is a Human Machine Interface HMI software package from Delta Electronics, a Taiwan, China-based company. A security vulnerability exists in Delta Electronics DOPSoft that stems from a buffer overflow vulnerability...

8.8CVSS7.3AI score0.00986EPSS
Exploits0References2
osv
osv
added 2023/12/19 9:15 p.m.4 views

CVE-2023-50466

An authenticated command injection vulnerability in Weintek cMT2078X easyweb Web Version v2.1.3, OS v20220215 allows attackers to execute arbitrary code or access sensitive information via injecting a crafted payload into the HMI Name parameter...

8.8CVSS6.1AI score0.01904EPSS
Exploits0References1
cnnvd
cnnvd
added 2023/12/19 12:0 a.m.4 views

Weintek cMT security breach

Weintek cMT is a Human Machine Interface application from Weintek. A security vulnerability exists in Weintek cMT that stems from the presence of an authenticated command injection vulnerability that allows an attacker to execute arbitrary code or access sensitive information by injecting a craft...

8.8CVSS7.8AI score0.01904EPSS
Exploits0References2
bdu_fstec
bdu_fstec
added 2023/12/15 12:0 a.m.10 views

The vulnerability of the software for creating and managing graphical user interfaces in industrial automation systems like SCADA CONPROSYS HMI Systems lies in the use of a password hash instead of a password for authentication. This allows attackers to exploit this flaw to disclose sensitive information through a “man-in-the-middle” attack.

The vulnerability of the SCADA CONPROSYS HMI System lies in the use of a password hash instead of a plain-text password for authentication. Exploiting this vulnerability allows an attacker, operating remotely, to disclose sensitive information through a “man-in-the-middle” attack...

5.3CVSS6.5AI score0.00879EPSS
Exploits0References6Affected Software1
ptsecurity
ptsecurity
added 2023/12/12 12:0 a.m.5 views

PT-2023-31063 · Unknown · Hmi Gc-A2 Series

Name of the Vulnerable Software and Affected Versions: HMI GC-A2 series affected versions not specified Description: A denial-of-service DoS issue exists in the commplex-link service. If a remote unauthenticated attacker sends specially crafted packets to specific ports, a denial-of-service...

7.5CVSS6.7AI score0.00981EPSS
Exploits0References5
cnnvd
cnnvd
added 2023/12/12 12:0 a.m.5 views

JTEKT ELECTRONICS HMI GC-A2 series Security Breach

JTEKT ELECTRONICS HMI GC-A2 series is a series of Human Machine Interfaces HMIs from JTEKT. A security vulnerability exists in the JTEKT ELECTRONICS HMI GC-A2 series, which originates from a Denial of Service DoS vulnerability in the FTP service, where an unauthenticated, remote attacker sending...

7.5CVSS6.8AI score0.00981EPSS
Exploits0References3
cnnvd
cnnvd
added 2023/12/12 12:0 a.m.6 views

JTEKT ELECTRONICS HMI GC-A2 series Security Breach

JTEKT ELECTRONICS HMI GC-A2 series is a series of HMIs from JTEKT. The JTEKT ELECTRONICS HMI GC-A2 series suffers from a security vulnerability that originates from a Denial of Service DoS in the NetBIOS service, which can be exploited by an attacker to send specially crafted packets to a specifi...

7.5CVSS6.7AI score0.00981EPSS
Exploits0References3
bdu_fstec
bdu_fstec
added 2023/12/11 12:0 a.m.9 views

The vulnerability of microprogrammed software in programmable logic controllers and human-machine interfaces of the Unitronics Vision Series allows a perpetrator to gain administrative access to the device.

The vulnerability of microprogrammed software in programmable logic controllers and human-machine interfaces of the Unitronics Vision Series is related to the use of rigidly encoded credentials. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain administrative...

10CVSS7.7AI score0.02089EPSS
Exploits0References5
cnnvd
cnnvd
added 2023/12/05 12:0 a.m.8 views

Unitronics PLC Trust Management Issue Vulnerabilities

Unitronics PLC is a programmable logic controller with a built-in HMI panel from Unitronics Israel. A trust management issue vulnerability exists in the Unitronics PLC, which arises from the use of a default management password that allows an attacker accessing the PLC or HMI over the network to...

9.8CVSS9.1AI score0.02089EPSS
Exploits0References5
vulncheck_kev
vulncheck_kev
added 2023/11/28 12:0 a.m.4 views

VulnCheck KEV: CVE-2023-6448

Unitronics Vision Series PLCs and HMIs ship with an insecure default password, which if left unchanged, can allow attackers to execute remote commands...

9.8CVSS7.4AI score0.02089EPSS
Exploits0References1
cnnvd
cnnvd
added 2023/11/14 12:0 a.m.6 views

Siemens SCALANCE 安全漏洞

The SCALANCE M-800, MUM-800 and S615 and the RUGGEDCOM RM1224 are industrial routers.The SCALANCE W products are wireless communication devices for connecting industrial components, such as Programmable Logic Controllers PLCs or Human Machine Interfaces HMIs, that comply with the IEEE 802.11...

6.9CVSS6.5AI score0.00688EPSS
Exploits0References5
cnnvd
cnnvd
added 2023/11/14 12:0 a.m.4 views

Siemens SCALANCE 资源管理错误漏洞

The SCALANCE M-800, MUM-800 and S615 and the RUGGEDCOM RM1224 are industrial routers.The SCALANCE W products are wireless communication devices for connecting industrial components, such as Programmable Logic Controllers PLCs or Human Machine Interfaces HMIs, that comply with the IEEE 802.11...

6.5CVSS6.7AI score0.01001EPSS
Exploits0References6
cnnvd
cnnvd
added 2023/10/25 12:0 a.m.5 views

Bosch ctrlX HMI Web Panel WR21 Security Vulnerability

Bosch ctrlX HMI Web Panel WR21 is an HMI panel from Bosch Germany. A security vulnerability exists in the Bosch ctrlX HMI Web Panel WR21 version, which originated from a vulnerability that allows an attacker to install an arbitrary Android application while locked in Kiosk mode and use it to acce...

7.3CVSS6.9AI score0.00335EPSS
Exploits0References2
bdu_fstec
bdu_fstec
added 2023/10/21 12:0 a.m.11 views

The vulnerability of Weintek’s cMT3000 HMI Web CGI panel’s microprogramming software arises from buffer overflow in the stack. This allows a malicious actor to bypass the authentication process.

The vulnerability of Weintek’s cMT3000 HMI Web CGI panel software lies in buffer overflow attacks within the stack. Exploiting this vulnerability could allow an attacker to bypass the authentication process...

10CVSS8.1AI score0.00876EPSS
Exploits1References6Affected Software7
bdu_fstec
bdu_fstec
added 2023/08/09 12:0 a.m.7 views

The vulnerability of the HCI interface, which operates according to the IEC 60870-5-104 standard, and the programmable logic controllers Hitachi Energy RTU500, allows a intruder to trigger a service failure.

The vulnerability of the HCI interface, which operates according to the IEC 60870-5-104 standard, in the Hitachi Energy RTU500 programmable logic controllers is related to buffer overflow in the stack. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

7.8CVSS7.6AI score0.0054EPSS
Exploits0References2Affected Software1
bdu_fstec
bdu_fstec
added 2023/08/09 12:0 a.m.8 views

The vulnerability of the HCI interface, which operates according to the IEC 60870-5-104 standard, and the programmable logic controllers Hitachi Energy RTU500, allows a intruder to trigger a service failure.

The vulnerability of the HCI interface, which operates according to the IEC 60870-5-104 standard, in the Hitachi Energy RTU500 programmable logic controllers is related to buffer overflow in the stack. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

7.8CVSS7.6AI score0.00596EPSS
Exploits0References2Affected Software1
osv
osv
added 2023/06/14 8:15 a.m.3 views

CVE-2023-1049

A CWE-94: Improper Control of Generation of Code 'Code Injection' vulnerability exists that could cause execution of malicious code when an unsuspicious user loads a project file from the local filesystem into the HMI...

7.8CVSS5.9AI score
Exploits0References1
Rows per page
Query Builder