Lucene search
K

180 matches found

CNVD
CNVD
added 2020/12/04 12:0 a.m.1 views

dll hijacking vulnerability in EasyAccess 2.0 (Windows Client) of Taiwan Virent Technology Co.

EasyAccess2.0 is a HMI remote access tool produced by VelenTouch, which allows you to remotely access machines and equipment thousands of miles away from any place, to realize remote monitoring of HMI and remote penetration of PLC controllers, to complete the status of the monitoring and program...

7.2AI score
Exploits0
CNVD
CNVD
added 2020/10/13 12:0 a.m.4 views

ARC Informatique PcVue Information Disclosure Vulnerability

Pcvue is a multi-functional HMI-SCADA software from ARC Informatique, an all-in-one solution that monitors all aspects of a customer's assets.PcVue is used in a wide range of applications including industrial control, building management, energy management, smart grid, energy distribution,...

7.5CVSS6.3AI score0.01654EPSS
Exploits0References1
NCSC
NCSC
added 2020/09/08 12:0 a.m.6 views

Vulnerabilities discovered in HMI Panels

Because SIMATIC HMI panels do not properly handle repeated login attempts correctly, they are susceptible to Brute-force attacks. A malicious party can use them to retrieve user names and passwords find out and thus issue random commands with permissions from the affected user account. To exploit...

9.8CVSS7.2AI score0.01477EPSS
Exploits0
CNVD
CNVD
added 2020/08/10 12:0 a.m.1 views

Advantech WebAccess HMI Designer Type Obfuscation Vulnerability

Advantech WebAccess HMI Designer is an integrated HMI development tool from Advantech, Taiwan, China. The product is equipped with features such as data transfer, menu editing and text editing. A type confusion vulnerability exists in Advantech WebAccess HMI Designer version 2.1.9.31 and prior...

7.8CVSS6.9AI score0.02924EPSS
Exploits0References1
CNVD
CNVD
added 2020/07/28 12:0 a.m.1 views

Memory Corruption Vulnerability in DOP-B Series HMI Software at Delta Electronics Enterprise Management (Shanghai) Co.

Delta Electronics Enterprise Management Shanghai Co., Ltd. was established in December 2003, and its business scope includes the fields of computer, software, information, communication, network, electromechanics and optoelectronics. A memory corruption vulnerability exists in the DOP-B series HM...

7AI score
Exploits0
CNVD
CNVD
added 2020/06/28 12:0 a.m.1 views

Denial of Service Vulnerability in Advantech WebAccess Node

Advantech WebAccess Node is a fully Internet Explorer based HMI/SCADA monitoring software. A heap overflow vulnerability exists in Advantech WebAccess Node that could lead to a denial of service...

7AI score
Exploits0
CNVD
CNVD
added 2020/06/10 12:0 a.m.2 views

Advantech WebAccess Node Buffer Overflow Vulnerability (CNVD-2020-32232)

Advantech WebAccess browser-based HMI and SCADA software. A buffer overflow vulnerability exists in Advantech WebAccess Node, which can be exploited by an attacker to remotely execute code...

9.8CVSS7.6AI score0.02169EPSS
Exploits0References1
CNVD
CNVD
added 2020/05/27 12:0 a.m.7 views

Inductive Automation Ignition Code Issue Vulnerability (CNVD-2020-34643)

Inductive Automation Ignition is a suite of integrated software platforms for SCADA systems from Inductive Automation, Inc. The platform supports SCADA data acquisition and monitoring systems, HMI human machine interface and more. A code issue vulnerability exists in Inductive Automation Ignition...

7.5CVSS7AI score0.20208EPSS
Exploits4References1
OSV
OSV
added 2020/04/03 6:15 p.m.5 views

CVE-2020-7000

VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow an unauthenticated attacker to discover the cryptographic key from the web server and gain information about the login and the encryption/decryption mechanism, which may be exploited to bypass authentication of the HTML5 HM...

7.5CVSS7.1AI score0.01089EPSS
Exploits0References1
CNVD
CNVD
added 2020/02/28 12:0 a.m.1 views

Memory Corruption Vulnerability in Taian Technology AT Upper (AT HMI System) (CNVD-2020-22760)

Ltd. is a wholly foreign owned enterprise established in China on July 1, 2000 by Antai International Investment Singapore Pte Ltd, a subsidiary of TECO Group, a renowned Taiwanese multinational corporation. The memory corruption vulnerability exists in Taiwan Security Technology's AT Upper Unit ...

7AI score
Exploits0
CNVD
CNVD
added 2020/02/28 12:0 a.m.2 views

Memory Corruption Vulnerability in Taiwan Security Technology AT Upper Unit (AT HMI System)

Ltd. is a wholly foreign owned enterprise established in China on July 1, 2000 by Antai International Investment Singapore Pte Ltd, a subsidiary of TECO Group, a renowned Taiwanese multinational corporation. A memory corruption vulnerability exists in Taiwan Security Technology's AT Upper Unit AT...

7AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2020/02/04 7:36 a.m.67 views

Pen Testing Ships. A year in review

Partially driven by the upcoming inclusion of Cyber Security by the IMO International Maritime Organisation, 2019 was a really busy year for maritime security testing at PTP. What can we all learn from a year of evaluating the security of ships? We’ve been involved in all sorts of ship testing,...

2.1CVSS6.8AI score0.00301EPSS
Exploits0
CNVD
CNVD
added 2020/02/03 12:0 a.m.2 views

ABB CP651 HMI Trust Management Issue Vulnerability

The ABB CP651 is a control panel from ABB Switzerland. A vulnerability exists in the ABB CP651 HMI with trust management issues. An attacker could exploit this vulnerability to insert and run arbitrary code on an affected system...

8.8CVSS7.3AI score0.00726EPSS
Exploits0References1
CNVD
CNVD
added 2020/01/20 12:0 a.m.3 views

ABB PB610 Panel Builder 600 HMIStudio Component Input Validation Error Vulnerability

ABB PB610 Panel Builder 600 is a software for designing graphical user interfaces for the CP600 control panel platform. An input validation error vulnerability exists in the HMIStudio component in ABB PB610 Panel Builder 600 version 2.8.0.424 and earlier. The vulnerability arises from a networked...

6.5CVSS6.7AI score0.00605EPSS
Exploits0References1
OSV
OSV
added 2019/09/26 1:15 a.m.3 views

CVE-2019-16901

Advantech WebAccess/HMI Designer 2.1.9.31 has Exception Handler Chain corruption starting at Unknown Symbol @ 0x0000000000000000 called from ntdll!RtlRaiseStatus+0x00000000000000b4...

7.5CVSS7.1AI score0.01323EPSS
Exploits0References1
CNVD
CNVD
added 2019/09/26 12:0 a.m.2 views

Advantech WebAccess HMI Designer Denial of Service Vulnerability

Advantech WebAccess HMI Designer is a human machine interface HMI runtime development software. A denial of service vulnerability exists in Advantech WebAccess HMI Designer 2.1.9.31. The vulnerability originates from data control from a faulty address in a code stream starting at...

7.5CVSS6.9AI score0.01323EPSS
Exploits0References1
CNVD
CNVD
added 2019/09/26 12:0 a.m.2 views

Advantech WebAccess HMI Designer User Mode Write Access Conflict Vulnerability

Advantech WebAccess HMI Designer is a human machine interface HMI runtime development software. Advantech WebAccess HMI Designer 2.1.9.31 suffers from a user mode write access conflict vulnerability starting at MSVCR90!memcpy+0x0000000000000000015c. An attacker could exploit this vulnerability to...

7.5CVSS6.7AI score0.01323EPSS
Exploits0References1
CNVD
CNVD
added 2019/08/08 12:0 a.m.2 views

Advantech WebAccess HMI Designer suffers from dll hijacking vulnerability

Advantech WebAccess HMI Designer is software that creates complete solutions for all HMI products and HMI applications including the TPC/WebOP/UNO series. Advantech WebAccess HMI Designer suffers from a dll hijacking vulnerability that can be exploited by an attacker to load a malicious dll and...

7.1AI score
Exploits0
CNVD
CNVD
added 2019/08/02 12:0 a.m.4 views

Advantech WebAccess HMI Designer Out-of-Bounds Write Vulnerability

Advantech WebAccess HMI Designer is a human machine interface HMI runtime development software. An out-of-bounds write vulnerability exists in Advantech WebAccess HMI Designer version 2.1.9.23 and earlier versions, which can be exploited by a remote attacker to execute arbitrary code via a...

8.8CVSS8AI score0.04127EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/07/08 12:0 a.m.5 views

The vulnerability of ABB’s automation control panels and the PB610 Panel Builder 600 software, which allows a intruder to read and write configuration files of HMI devices or trigger a system restart.

The vulnerabilities of ABB CP620 1SAP520100R0001, CP620 1SAP520100R4001, CP620-WEB 1SAP520200R0001, CP630 1SAP530100R0001, CP630-WEB 1SAP530200R0001CP, CP635 1SAP535100R0001, CP635 1SAP535100R5001, CP635-B 1SAP535100R2001, CP635-WEB 1SAP535200R0001, CP651 1SAP551100R0001, CP651-WEB 1SAP551200R000...

8.8CVSS5.6AI score0.02895EPSS
Exploits1References7Affected Software1
Rows per page
Query Builder