Lucene search
K

26 matches found

Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.6 views

PT-2026-51651

Name of the Vulnerable Software and Affected Versions Hubbell Aclara Metrum affected versions not specified Description The Cellular Web Interface contains a flaw where missing authentication allows unauthenticated attackers to manipulate critical device settings and disrupt operations. This issu...

8.7CVSS5.8AI score0.00726EPSS
Exploits0References12
CVE
CVE
added 2026/06/12 10:0 a.m.20 views

CVE-2026-9266

CVE-2026-9266 affects Moxa’s embedded Linux firmware for industrial computers and controllers. The issue is a Missing Required Cryptographic Step, an incomplete remediation of CVE-2026-0714, where TPM2 parameter encryption is undermined by an omission in the authorization session configuration. A...

7CVSS5.2AI score0.0007EPSS
Exploits0References1
ICS
ICS
added 2026/05/12 12:0 a.m.12 views

Siemens Industrial Devices

SUMMARY Multiple industrial devices contain a vulnerability that could allow an attacker to cause a denial of service condition. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and...

8.7CVSS7.3AI score0.00324EPSS
Exploits0References10
CNNVD
CNNVD
added 2026/02/03 12:0 a.m.7 views

FUXA 安全漏洞

FUXA is a web-based process visualization software developed by frangoteam. Version 1.2.7 of FUXA contains a security vulnerability. This vulnerability stems from unsafe default configurations in the server/settings.default.js file, which disable authentication. As a result, unauthenticated remot...

9.3CVSS5.8AI score0.00463EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:33 a.m.7 views

CVE-2024-39791

Stack-based buffer overflow vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticated remote attacker to execute arbitrary code...

10CVSS8.4AI score0.01114EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 12:20 p.m.4 views

CVE-2012-3013

WAGO I/O System 758 model 758-870, 758-874, 758-875, and 758-876 Industrial PC IPC devices have default passwords for unspecified Web Based Management accounts, which makes it easier for remote attackers to obtain administrative access via a TCP session...

10CVSS6.6AI score0.03153EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2025/05/22 12:0 a.m.3 views

Poster: Towards an Automated Security Testing Framework for Industrial UEs

With the ongoing adoption of 5G for communication in industrial systems and critical infrastructure, the security of industrial UEs such as 5G-enabled industrial robots becomes an increasingly important topic. Most notably, to meet the stringent security requirements of industrial deployments,...

6.9AI score
Exploits0
CNVD
CNVD
added 2025/05/14 12:0 a.m.3 views

Unspecified Vulnerability in RT-Labs P-Net (CNVD-2025-10048)

RT-Labs P-Net is an open source PROFINET protocol stack from RT-Labs that enables standard communication between industrial devices and PROFINET controllers. A security vulnerability exists in RT-Labs P-Net version 1.0.1 and prior versions, which can be exploited by an attacker to cause an IO...

7.5CVSS7.2AI score0.0034EPSS
Exploits0References1
CNVD
CNVD
added 2025/05/14 12:0 a.m.1 views

Unspecified Vulnerability in RT-Labs P-Net (CNVD-2025-10051)

RT-Labs P-Net is an open source PROFINET protocol stack from RT-Labs that enables standard communication between industrial devices and PROFINET controllers. A security vulnerability exists in RT-Labs P-Net version 1.0.1 and prior versions, which can be exploited by attackers to cause memory...

9.8CVSS7.4AI score0.00266EPSS
Exploits0References1
CNVD
CNVD
added 2025/05/14 12:0 a.m.3 views

Unspecified Vulnerability in RT-Labs P-Net (CNVD-2025-10046)

RT-Labs P-Net is an open source PROFINET protocol stack from RT-Labs that enables standard communication between industrial devices and PROFINET controllers. A security vulnerability exists in RT-Labs P-Net version 1.0.1 and prior versions, which can be exploited by an attacker to cause an IO...

7.5CVSS7.2AI score0.0034EPSS
Exploits0References1
CNVD
CNVD
added 2025/05/14 12:0 a.m.2 views

Unspecified Vulnerability in RT-Labs P-Net (CNVD-2025-10047)

RT-Labs P-Net is an open source PROFINET protocol stack from RT-Labs that enables standard communication between industrial devices and PROFINET controllers. A security vulnerability exists in RT-Labs P-Net version 1.0.1 and prior versions, which can be exploited by attackers to cause memory...

9.8CVSS7.4AI score0.00271EPSS
Exploits0References1
CNVD
CNVD
added 2025/05/14 12:0 a.m.13 views

Unspecified Vulnerability in RT-Labs P-Net (CNVD-2025-10045)

RT-Labs P-Net is an open source PROFINET protocol stack from RT-Labs that enables standard communication between industrial devices and PROFINET controllers. A security vulnerability exists in RT-Labs P-Net version 1.0.1 and prior versions, which can be exploited by an attacker to cause an IO...

7.5CVSS7.2AI score0.0034EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/11/14 12:0 a.m.4 views

Siemens SCALANCE 注入漏洞

The SCALANCE M-800, MUM-800 and S615 and the RUGGEDCOM RM1224 are industrial routers.The SCALANCE W products are wireless communication devices for connecting industrial components, such as Programmable Logic Controllers PLCs or Human Machine Interfaces HMIs, that comply with the IEEE 802.11...

9.4CVSS7.1AI score0.01352EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2023/09/21 12:0 a.m.10 views

The vulnerability of the software for creating and managing graphical user interfaces for Rockwell Automation FactoryTalk View Machine Edition (ME) devices stems from insufficient validation of input data. This vulnerability allows a perpetrator to execute arbitrary code.

The software used for creating and managing graphical user interfaces for Rockwell Automation FactoryTalk View Machine Edition industrial devices is vulnerable due to insufficient validation of input data. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

10CVSS8.4AI score0.10974EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/08/31 12:0 a.m.6 views

The vulnerability of the NPort IAW5000A-I/O Series web server software allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the NPort IAW5000A-I/O Series web server software is related to the presence of a hard-coded key, which could potentially facilitate manipulation of the firmware. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and...

10CVSS7.6AI score0.00337EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2022/09/02 12:0 a.m.6 views

PT-2022-15219 · Qualcomm · Qualcomm Snapdragon

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon affected versions not specified Description: The issue is related to memory corruption in audio due to the lack of a check for an invalid routing address into the APR Routing table. This affects various Qualcomm Snapdragon...

7.8CVSS7.7AI score0.00119EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/06/14 12:0 a.m.5 views

PT-2022-10002 · Qualcomm · Qualcomm Snapdragon

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon affected versions not specified Description: The issue is related to improper key generation due to a lack of buffer validation when reading PRNG output. This affects various Qualcomm Snapdragon products, including...

9CVSS5.5AI score0.0016EPSS
Exploits0References2
Securelist
Securelist
added 2022/05/23 10:0 a.m.26 views

ISaPWN – research on the security of ISaGRAF Runtime

In early 2020, we notified the Rockwell Automation Product Security Incident Response Team RA PSIRT of several vulnerabilities we had identified in the ISaGRAF Runtime execution environment. According to public sources of information, ISaGRAF Runtime is used as an automation framework in multiple...

2.2AI score
Exploits0
ICS
ICS
added 2022/05/10 12:0 a.m.75 views

Siemens Industrial Devices using libcurl

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: Industrial devices using libcurl Vulnerabilities: Use After Free 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-22-132-13 Siemens Industrial Devices using...

8.1CVSS8AI score0.60122EPSS
Exploits2References11
CNNVD
CNNVD
added 2022/04/12 12:0 a.m.2 views

多款 Siemens 产品跨站请求伪造漏洞

SCALANCE X switches are used to connect industrial components such as programmable logic controllers PLCs or human-machine interfaces HMIs.SIPLUS extreme is designed for reliable operation under extreme conditions.A cross-site request forgery vulnerability exists in Siemens SCALANCE X-300 Switch...

8.8CVSS7.7AI score0.00512EPSS
Exploits0References3
Rows per page
Query Builder