Simopro WinMatrix 安全漏洞

Simopro WinMatrix is an industrial control software developed by Simopro Company in Taiwan, China. Simopro WinMatrix has a security vulnerability that stems from the lack of authentication, which may allow for the execution of arbitrary code...

CVE-2025-66603

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. The web server accepts the OPTIONS method. An attacker could potentially use this information to carry out other attacks. The affected products and versions are as follows: FAST/TOOLS Packages: RVSVRN, UNSVRN,...

Advantech WebAccess/SCADA Code Issue Vulnerability

Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture from Advantech, China. The software supports dynamic graphical display and real-time data control, and provides remote control and management of automation equipment. A code issue vulnerability exists in Advantech...

Siemens多款产品 缓冲区错误漏洞

Siemens Tecnomatix Plant Simulation is an industrial control device from Siemens, Germany. The power of discrete-event simulation is used to analyze and optimize throughput and thus improve manufacturing system performance. Siemens Tecnomatix Plant Simulation suffers from an out-of-bounds write...

3S-Smart Software Solutions CODESYS Control 安全漏洞

3s-smart Software Solutions CODESYS Control is a suite of industrial control program programming software from 3S-Smart Software Solutions 3s-smart Software Solutions, Germany. A security vulnerability exists in 3S-Smart Software Solutions CODESYS Control that allows any system user to read and...

Horner Automation Cscape 输入验证错误漏洞

Horner Automation Cscape EnvisionRV is a programming software for industrial control system development from Horner Automation, U.S. An input validation error vulnerability exists in Horner Automation Cscape EnvisionRV, which could be exploited by an attacker to execute arbitrary code in the...

Denial of Service Vulnerability in Mitsubishi Electric Corporation GX Works2 (CNVD-2020-49073)

GX Work2 is a PLC programming software developed by Mitsubishi Electric Automation Co., Ltd. for PLC design, debugging, maintenance and other work, which is widely used in electric power, machinery manufacturing, iron and steel, petroleum, chemical and other industrial control fields. A denial of...

Denial of Service Vulnerability in Proficy Machine Edition (CNVD-2020-32607)

Proficy Machine Edition is a PLC programming software developed by Emerson Trading Shanghai Co., Ltd. for designing, debugging, programming, and maintaining GE RX 3i and GE RX7i series PLCs, which is widely used in industrial control fields such as electric power, machinery manufacturing, steel,...

Arbitrary File Deletion Vulnerability in Advantech WebAccessNode

Advantech WebAccessNode is a fully Internet Explorer based HMI/SCADA monitoring software. Advantech WebAccessNode suffers from an arbitrary file deletion vulnerability, which can be exploited by an attacker to delete files at any path within the system...

Delta Industrial Automation WPLSoft dvp File Buffer Overflow Vulnerability

Delta Industrial Automation is a global industrial automation manufacturer of power management and thermal solutions. WPLSoft and PMSoft are Delta's PLC programming software. A buffer overflow vulnerability exists in the Delta Industrial Automation WPLSoft dvp file due to a failure to validate th...

Beijing Jiezhong Industrial Control Software FameView Arbitrary File Read/Write Vulnerability

FameView automation configuration management software is a configuration monitoring software developed by Beijing Jiezhong Company based on Windows operating system with years of experience in engineering application and service. Beijing Jiezhong industrial control configuration software FameView...

Nanjing Sun Tang Industrial Control Software QTouch Remote Denial of Service Vulnerability

Nanjing Sun Tang industrial control configuration software QTouch is the leader of the second generation of domestic configuration software and the leader, across multiple operating systems, multi-CPU platform. A remote denial of service vulnerability exists in QTouch, which can be exploited by...

IOServer越界读取漏洞

Bugtraq ID:66761 CVE ID:CVE-2014-0777 IOServer是运行在Windows上的工业控制软件，包含内置Web服务器以支持XML服务器功能。 OPC Drivers 1.0.20之前版本内的Modbus从站及分站驱动程序在实现上存在越界读漏洞，攻击者通过特制的数据包，利用此漏洞可造成拒绝服务。 0 ioserver ioserver = 1.0.20 目前厂商已经发布了升级补丁以修复漏洞，请下载使用： http://www.ioserver.com/...

IOServer 1.0.18.0 Directory Traversal / File Download

===================================================================== BEGIN Foofus.net Security Advisory: foofus-20120817 BEGIN ===================================================================== Title: IOServer "Root Directory" Trailing Backslash Web Server Vuln Allows: Arbitrary File Access,...

Duqu computer virus Detected by Iran civil defense organization

Duqu computer virus Detected by Iran civil defense organization The virus is called W32.Duqu, or just Duqu create fear after the opening Pandora's Box of Stuxnet. The head of Iran's civil defense organization told the official IRNA news agency that computers at all main sites at risk were being...

Metasploit Holding On Siemens Exploits

UPDATE: A week after a security researcher decided to cancel a technical discussion of security holes in industrial control software from Siemens, Inc., public exploits for the vulnerabilities are on hold while the company works to shore up systems running its Simatic programmable logic controlle...