Lucene search
+L

11 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-21599

Malware in sbrugna...

7.5CVSS6.4AI score0.00393EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/06/06 10:12 a.m.17 views

CVE-2018-25112

An unauthenticated remote attacker may use an uncontrolled resource consumption in the IEC 61131 program of the affected products by creating large amounts of network traffic that needs to be handled by the ILC. This results in a Denial-of-Service of the device...

7.5CVSS7AI score0.00393EPSS
Exploits0References1
NVD
NVD
added 2025/06/04 10:15 a.m.12 views

CVE-2018-25112

An unauthenticated remote attacker may use an uncontrolled resource consumption in the IEC 61131 program of the affected products by creating large amounts of network traffic that needs to be handled by the ILC. This results in a Denial-of-Service of the device...

7.5CVSS0.00393EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/07/26 9:28 p.m.23 views

CVE-2022-31206

The Omron SYSMAC Nx product family PLCs NJ series, NY series, NX series, and PMAC series through 2022-005-18 lack cryptographic authentication. These PLCs are programmed using the SYMAC Studio engineering software which compiles IEC 61131-3 conformant POU code to native machine code for execution...

10AI score0.00858EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/06/28 12:0 a.m.9 views

The vulnerability of microprogrammed software in PACsystems programmable logic controllers, related to insufficient verification of data authenticity, allows a intruder to execute arbitrary code.

The vulnerability of microprogrammed programmable logic controllers from PACsystems is related to insufficient verification of data authenticity. Exploiting this vulnerability could allow an attacker, operating remotely, to execute arbitrary code using a specially crafted file written in...

10CVSS6AI score
Exploits0References2
Talos Blog
Talos Blog
added 2021/07/26 7:42 a.m.42 views

Vulnerability Spotlight: Unsafe deserialization vulnerabilities in CODESYS Development System

Patrick DeSantis discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered multiple vulnerabilities in the CODESYS Development System. The CODESYS Development System is the IEC 61131-3 programming tool for industrial control and automation technology,... This is only...

2AI score
Exploits0
Talos
Talos
added 2021/07/26 12:0 a.m.116 views

CODESYS Development System PackageManagement.plugin ExtensionMethods.Clone() Unsafe Deserialization vulnerability

Summary An unsafe deserialization vulnerability exists in the PackageManagement.plugin ExtensionMethods.Clone functionality of CODESYS GmbH CODESYS Development System 3.5.16. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigger this...

8.8CVSS8AI score0.01298EPSS
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2020/11/10 7:30 a.m.27 views

Snakes and Ladder Logic

A click to a reverse shell in OpenPLC and ladder logic OR Why you shouldn’t run everything as root in PLC and RTUs. TL;DR Most of the RTU’s and PLC’s that run a Unix based OS that we test and, and some devices on Windows that we’ve tested on maritime engagements, run as root and/or admin. They al...

7.3AI score
Exploits0
Talos
Talos
added 2019/03/09 12:0 a.m.37 views

WAGO e!Cockpit authentication hard-coded encryption key vulnerability

Summary A hard-coded encryption key vulnerability exists in the authentication functionality of WAGO e!Cockpit, version 1.5.1.1. An attacker with access to communications between e!Cockpit and CoDeSyS Gateway can trivially recover the password of any user attempting to log in, in plain text. Test...

5.5CVSS5.8AI score0.00335EPSS
Exploits1
0day.today
0day.today
added 2017/12/02 12:0 a.m.55 views

WAGO PFC 200 SERIES Multiple Vulnerabilities

Exploit for hardware platform in category local exploits VENDOR DESCRIPTION “The WAGO-I/O-SYSTEM is a flexible fieldbus-independent solution for decentralized automation tasks. With the relay, function and interface modules, as well as overvoltage protection, WAGO provides a suitable interface fo...

0.3AI score
Exploits0
ICS
ICS
added 2015/10/16 6:0 a.m.117 views

Phoenix Contact Software ProConOs and MultiProg Authentication Vulnerability

OVERVIEW Reid Wightman of Digital Bond has identified an authentication vulnerability in Phoenix Contact Software’s ProConOs and MultiProg applications. KW-Software originally wrote these applications without authentication intentionally. This vulnerability could be exploited remotely. AFFECTED...

10CVSS6.8AI score0.80689EPSS
Exploits6References10
Rows per page
Query Builder