50 matches found
EUVD-2016-7992
Malware in sbrugna...
EUVD-2018-2675
Malware in sbrugna...
EUVD-2022-33830
Malicious code in bioql PyPI...
CVE-2022-30937
A vulnerability has been identified in EN100 Ethernet module DNP3 IP variant All versions, EN100 Ethernet module IEC 104 variant All versions, EN100 Ethernet module IEC 61850 variant All versions V4.37, EN100 Ethernet module Modbus TCP variant All versions, EN100 Ethernet module PROFINET IO varia...
New COSMICENERGY Malware Exploits ICS Protocol to Sabotage Power Grids
A new strain of malicious software that's engineered to penetrate and disrupt critical systems in industrial environments has been unearthed. Google-owned threat intelligence firm Mandiant dubbed the malware COSMICENERGY, adding it was uploaded to the VirusTotal public malware scanning utility in...
Input validation
Improper Input Validation vulnerability in the handling of a malformed IEC 104 TCP packet in the Hitachi Energy MicroSCADA X SYS600, MicroSCADA Pro SYS600. Upon receiving a malformed IEC 104 TCP packet, the malformed packet is dropped, however the TCP connection is left open. This may cause a...
CVE-2022-29492
CVE-2022-29492 affects Hitachi Energy MicroSCADA Pro SYS600 (versions up to 9.4 FP2 Hotfix 4) and MicroSCADA X SYS600 (versions up to 10.3.1). The issue is an improper input validation in the handling of malformed IEC 104 TCP packets: the packet is dropped but the TCP connection remains open, cre...
CVE-2022-29492 A vulnerability exists in the handling of a malformed IEC 104 TCP packet. Upon receiving a malformed IEC 104 TCP packet, the malformed packet is dropped, however the TCP connection is left open. This may cause a denial-of-service if the affected conne ...
Improper Input Validation vulnerability in the handling of a malformed IEC 104 TCP packet in the Hitachi Energy MicroSCADA X SYS600, MicroSCADA Pro SYS600. Upon receiving a malformed IEC 104 TCP packet, the malformed packet is dropped, however the TCP connection is left open. This may cause a...
Siemens EN100 Ethernet Module Improper Restriction of Operations Within the Bounds of a Memory Buffer (CVE-2022-30938)
A vulnerability has been identified in EN100 Ethernet module DNP3 IP variant All versions, EN100 Ethernet module IEC 104 variant All versions, EN100 Ethernet module IEC 61850 variant All versions V4.40, EN100 Ethernet module Modbus TCP variant All versions, EN100 Ethernet module PROFINET IO varia...
CVE-2022-30938
A vulnerability has been identified in EN100 Ethernet module DNP3 IP variant All versions, EN100 Ethernet module IEC 104 variant All versions, EN100 Ethernet module IEC 61850 variant All versions V4.40, EN100 Ethernet module Modbus TCP variant All versions, EN100 Ethernet module PROFINET IO varia...
Memory corruption
A vulnerability has been identified in EN100 Ethernet module DNP3 IP variant All versions, EN100 Ethernet module IEC 104 variant All versions, EN100 Ethernet module IEC 61850 variant All versions V4.40, EN100 Ethernet module Modbus TCP variant All versions, EN100 Ethernet module PROFINET IO varia...
CVE-2022-30938
A vulnerability has been identified in EN100 Ethernet module DNP3 IP variant All versions, EN100 Ethernet module IEC 104 variant All versions, EN100 Ethernet module IEC 61850 variant All versions V4.40, EN100 Ethernet module Modbus TCP variant All versions, EN100 Ethernet module PROFINET IO varia...
Siemens EN100 Ethernet Module
1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: EN100 Ethernet Module Vulnerability: Improper Restriction of Operations within the Bounds of a Memory Buffer. 2. RISK EVALUATION Successful exploitation of this vulnerability could...
Siemens EN100 Ethernet Module Improper Restriction of Operations Within the Bounds of a Memory Buffer (CVE-2022-30937)
A vulnerability has been identified in EN100 Ethernet module DNP3 IP variant All versions, EN100 Ethernet module IEC 104 variant All versions, EN100 Ethernet module IEC 61850 variant All versions V4.37, EN100 Ethernet module Modbus TCP variant All versions, EN100 Ethernet module PROFINET IO varia...
CVE-2022-30937
A vulnerability has been identified in EN100 Ethernet module DNP3 IP variant All versions, EN100 Ethernet module IEC 104 variant All versions, EN100 Ethernet module IEC 61850 variant All versions V4.37, EN100 Ethernet module Modbus TCP variant All versions, EN100 Ethernet module PROFINET IO varia...
CVE-2022-30937
A vulnerability has been identified in EN100 Ethernet module DNP3 IP variant All versions, EN100 Ethernet module IEC 104 variant All versions, EN100 Ethernet module IEC 61850 variant All versions V4.37, EN100 Ethernet module Modbus TCP variant All versions, EN100 Ethernet module PROFINET IO varia...
Memory corruption
A vulnerability has been identified in EN100 Ethernet module DNP3 IP variant All versions, EN100 Ethernet module IEC 104 variant All versions, EN100 Ethernet module IEC 61850 variant All versions V4.37, EN100 Ethernet module Modbus TCP variant All versions, EN100 Ethernet module PROFINET IO varia...
CVE-2022-30937
CVE-2022-30937 affects Siemens EN100 Ethernet Module variants: DNP3 IP, IEC 104, IEC 61850 (all versions prior to 4.37), Modbus TCP, and PROFINET IO. The issue is a memory corruption vulnerability in the HTTP parsing of the /txtrace endpoint, which could crash the affected application and cause a...
Siemens EN100 Ethernet Module
1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: EN100 Ethernet Module Vulnerability: Improper Restriction of Operations within the Bounds of a Memory Buffer 2. RISK EVALUATION Successful exploitation of this vulnerability could...
PT-2022-5036 · Hitachi Energy · Hitachi Energy Microscada X Sys600
Name of the Vulnerable Software and Affected Versions: Hitachi Energy MicroSCADA Pro SYS600 versions 9.0 through 9.4 FP2 Hotfix 4 Hitachi Energy MicroSCADA X SYS600 versions 10 through 10.3.1 Description: The issue is caused by improper input validation in the handling of a malformed IEC 104 TCP...