180 matches found
dll hijacking vulnerability in EasyAccess 2.0 (Windows Client) of Taiwan Virent Technology Co.
EasyAccess2.0 is a HMI remote access tool produced by VelenTouch, which allows you to remotely access machines and equipment thousands of miles away from any place, to realize remote monitoring of HMI and remote penetration of PLC controllers, to complete the status of the monitoring and program...
ARC Informatique PcVue Information Disclosure Vulnerability
Pcvue is a multi-functional HMI-SCADA software from ARC Informatique, an all-in-one solution that monitors all aspects of a customer's assets.PcVue is used in a wide range of applications including industrial control, building management, energy management, smart grid, energy distribution,...
Vulnerabilities discovered in HMI Panels
Because SIMATIC HMI panels do not properly handle repeated login attempts correctly, they are susceptible to Brute-force attacks. A malicious party can use them to retrieve user names and passwords find out and thus issue random commands with permissions from the affected user account. To exploit...
Advantech WebAccess HMI Designer Type Obfuscation Vulnerability
Advantech WebAccess HMI Designer is an integrated HMI development tool from Advantech, Taiwan, China. The product is equipped with features such as data transfer, menu editing and text editing. A type confusion vulnerability exists in Advantech WebAccess HMI Designer version 2.1.9.31 and prior...
Memory Corruption Vulnerability in DOP-B Series HMI Software at Delta Electronics Enterprise Management (Shanghai) Co.
Delta Electronics Enterprise Management Shanghai Co., Ltd. was established in December 2003, and its business scope includes the fields of computer, software, information, communication, network, electromechanics and optoelectronics. A memory corruption vulnerability exists in the DOP-B series HM...
Denial of Service Vulnerability in Advantech WebAccess Node
Advantech WebAccess Node is a fully Internet Explorer based HMI/SCADA monitoring software. A heap overflow vulnerability exists in Advantech WebAccess Node that could lead to a denial of service...
Advantech WebAccess Node Buffer Overflow Vulnerability (CNVD-2020-32232)
Advantech WebAccess browser-based HMI and SCADA software. A buffer overflow vulnerability exists in Advantech WebAccess Node, which can be exploited by an attacker to remotely execute code...
Inductive Automation Ignition Code Issue Vulnerability (CNVD-2020-34643)
Inductive Automation Ignition is a suite of integrated software platforms for SCADA systems from Inductive Automation, Inc. The platform supports SCADA data acquisition and monitoring systems, HMI human machine interface and more. A code issue vulnerability exists in Inductive Automation Ignition...
CVE-2020-7000
VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow an unauthenticated attacker to discover the cryptographic key from the web server and gain information about the login and the encryption/decryption mechanism, which may be exploited to bypass authentication of the HTML5 HM...
Memory Corruption Vulnerability in Taian Technology AT Upper (AT HMI System) (CNVD-2020-22760)
Ltd. is a wholly foreign owned enterprise established in China on July 1, 2000 by Antai International Investment Singapore Pte Ltd, a subsidiary of TECO Group, a renowned Taiwanese multinational corporation. The memory corruption vulnerability exists in Taiwan Security Technology's AT Upper Unit ...
Memory Corruption Vulnerability in Taiwan Security Technology AT Upper Unit (AT HMI System)
Ltd. is a wholly foreign owned enterprise established in China on July 1, 2000 by Antai International Investment Singapore Pte Ltd, a subsidiary of TECO Group, a renowned Taiwanese multinational corporation. A memory corruption vulnerability exists in Taiwan Security Technology's AT Upper Unit AT...
Pen Testing Ships. A year in review
Partially driven by the upcoming inclusion of Cyber Security by the IMO International Maritime Organisation, 2019 was a really busy year for maritime security testing at PTP. What can we all learn from a year of evaluating the security of ships? We’ve been involved in all sorts of ship testing,...
ABB CP651 HMI Trust Management Issue Vulnerability
The ABB CP651 is a control panel from ABB Switzerland. A vulnerability exists in the ABB CP651 HMI with trust management issues. An attacker could exploit this vulnerability to insert and run arbitrary code on an affected system...
ABB PB610 Panel Builder 600 HMIStudio Component Input Validation Error Vulnerability
ABB PB610 Panel Builder 600 is a software for designing graphical user interfaces for the CP600 control panel platform. An input validation error vulnerability exists in the HMIStudio component in ABB PB610 Panel Builder 600 version 2.8.0.424 and earlier. The vulnerability arises from a networked...
CVE-2019-16901
Advantech WebAccess/HMI Designer 2.1.9.31 has Exception Handler Chain corruption starting at Unknown Symbol @ 0x0000000000000000 called from ntdll!RtlRaiseStatus+0x00000000000000b4...
Advantech WebAccess HMI Designer Denial of Service Vulnerability
Advantech WebAccess HMI Designer is a human machine interface HMI runtime development software. A denial of service vulnerability exists in Advantech WebAccess HMI Designer 2.1.9.31. The vulnerability originates from data control from a faulty address in a code stream starting at...
Advantech WebAccess HMI Designer User Mode Write Access Conflict Vulnerability
Advantech WebAccess HMI Designer is a human machine interface HMI runtime development software. Advantech WebAccess HMI Designer 2.1.9.31 suffers from a user mode write access conflict vulnerability starting at MSVCR90!memcpy+0x0000000000000000015c. An attacker could exploit this vulnerability to...
Advantech WebAccess HMI Designer suffers from dll hijacking vulnerability
Advantech WebAccess HMI Designer is software that creates complete solutions for all HMI products and HMI applications including the TPC/WebOP/UNO series. Advantech WebAccess HMI Designer suffers from a dll hijacking vulnerability that can be exploited by an attacker to load a malicious dll and...
Advantech WebAccess HMI Designer Out-of-Bounds Write Vulnerability
Advantech WebAccess HMI Designer is a human machine interface HMI runtime development software. An out-of-bounds write vulnerability exists in Advantech WebAccess HMI Designer version 2.1.9.23 and earlier versions, which can be exploited by a remote attacker to execute arbitrary code via a...
The vulnerability of ABB’s automation control panels and the PB610 Panel Builder 600 software, which allows a intruder to read and write configuration files of HMI devices or trigger a system restart.
The vulnerabilities of ABB CP620 1SAP520100R0001, CP620 1SAP520100R4001, CP620-WEB 1SAP520200R0001, CP630 1SAP530100R0001, CP630-WEB 1SAP530200R0001CP, CP635 1SAP535100R0001, CP635 1SAP535100R5001, CP635-B 1SAP535100R2001, CP635-WEB 1SAP535200R0001, CP651 1SAP551100R0001, CP651-WEB 1SAP551200R000...