CODESYS多款产品 安全漏洞

CODESYS and others are products of the German CODESYS company. CODESYS is an industrial control automation software. CODESYS HMI is a visualization software. CODESYS Control RTE is a high-performance programmable controller. Several CODESYS products have security vulnerabilities; these...

Iran-Linked Hackers Disrupt U.S. Critical Infrastructure by Targeting Internet-Exposed PLCs

Iran-affiliated cyber actors are targeting internet-facing operational technology OT devices across critical infrastructures in the U.S., including programmable logic controllers PLCs, cybersecurity and intelligence agencies warned Tuesday. "These attacks have led to diminished PLC functionality,...

CVE-2024-55025

Incorrect access control in the VNC component of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to access the HMI system...

CVE-2024-55025

Incorrect access control in the VNC component of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to access the HMI system...

Weintek cMT-3072XH2 easyweb 安全漏洞

Weintek cMT-3072XH2 easyweb is an intelligent human-machine interaction interface developed by Weintek Company in Taiwan, China. The version v2.1.53 of Weintek cMT-3072XH2 easyweb contains a security vulnerability. This vulnerability stems from improper access control in the VNC component, which...

CVE-2024-55025

Incorrect access control in the VNC component of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to access the HMI system...

CVE-2024-55025

Incorrect access control in the VNC component of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to access the HMI system...

CVE-2024-55022

Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain an authenticated command injection vulnerability via the HMI Name parameter...

📄 Honeywell Trend IQ4xx BMS Controller Unauthenticated Remote Web-HMI Control / Lockout

The Honeywell IQ4 Trend IQ4 exposes its full web-based HMI without authentication in its factory-default configuration. With no user module configured, security is disabled by design and the system operates under a System User level 100 context, granting read/write privileges to any party able to...

Delta Electronics CNCSoft-G2 安全漏洞

Delta Electronics CNCSoft-G2 is a human-machine interface HMI software from Delta Electronics, China. The Delta Electronics CNCSoft-G2 suffers from a stack buffer overflow vulnerability that originates from improperly restricted memory buffer operations and can be exploited by an attacker to...

INVT VT-Designer 安全漏洞

INVT VT-Designer is an HMI programming and configuration software from China-based INVT. A security vulnerability exists in INVT VT-Designer that stems from a type confusion when parsing PM3 files, which could lead to remote code execution...

Contec CONPROSYS HMI System 安全漏洞

Contec CONPROSYS HMI System is an HMI Human Machine Interface/SCADA Supervisory Control and Data Acquisition software product based on HTML5 technology from Contec Japan. A security vulnerability exists in Contec CONPROSYS HMI System versions prior to 3.7.7, which originates from an unauthenticat...

Fuji Electric Smart Editor 安全漏洞

Fuji Electric Smart Editor is an editing software developed by Fuji Electric for configuring and programming Human Machine Interface HMI devices. A buffer overflow vulnerability exists in Fuji Electric Smart Editor, which can be exploited by an attacker to execute arbitrary code...

JTEKT ELECTRONICS HMI ViewJet C-more 安全漏洞

JTEKT ELECTRONICS HMI ViewJet C-more is a series of human-machine interfaces from JTEKT ELECTRONICS, Japan. A security vulnerability exists in the JTEKT ELECTRONICS HMI ViewJet C-more that stems from a weak password encoding issue that could lead to credential disclosure...

JTEKT ELECTRONICS HMI ViewJet C-more 安全漏洞

JTEKT ELECTRONICS HMI ViewJet C-more is a series of human-machine interfaces from JTEKT ELECTRONICS, Japan. A security vulnerability exists in JTEKT ELECTRONICS HMI ViewJet C-more that stems from a proxy issue that could lead to an FTP bounce attack...

Delta Electronics CNCSoft-G2 安全漏洞

Delta Electronics CNCSoft-G2 is a human-machine interface HMI software from Delta Electronics, China. The Delta Electronics CNCSoft-G2 suffers from a buffer overflow vulnerability that originates from insufficient validation of user-supplied data lengths, which can be exploited by an attacker to...

Rockwell Automation FactoryTalk View ME 安全漏洞

Rockwell Automation FactoryTalk View ME is a human-machine interface HMI software from Rockwell Automation, Inc. that is used to create and deploy monitoring and control interfaces that run on factory equipment and machines. A security vulnerability exists in Rockwell Automation FactoryTalk View ...

Fuji Electric Monitouch V-SFT V10 File Parsing Buffer Overflow Vulnerability

Fuji Electric Monitouch V-SFT is a configuration software for Human Machine Interfaces HMI from Fuji Electric. It supports a variety of features including customizable home screen, PDF document viewer, video player, alarm messages, 10 pop-up windows, and more. A buffer overflow vulnerability exis...

Fuji Electric Monitouch V-SFT X1 File Parsing Out-of-Bounds Write Code Execution Vulnerability

Fuji Electric Monitouch V-SFT is a configuration software for Human Machine Interfaces HMI from Fuji Electric. It supports a variety of features including customizable home screen, PDF document viewer, video player, alarm messages, 10 pop-up windows, and more. An out-of-bounds write code executio...

Fuji Electric Monitouch V-SFT 安全漏洞

Fuji Electric Monitouch V-SFT is a human-machine interface HMI configuration software developed by Fuji Electric, which is mainly used in industrial automation, providing touch screen interface design, PDF document viewing, video playback, alarm messages and other functions. Fuji Electric Monitou...