26 matches found
PT-2026-51651
Name of the Vulnerable Software and Affected Versions Hubbell Aclara Metrum affected versions not specified Description The Cellular Web Interface contains a flaw where missing authentication allows unauthenticated attackers to manipulate critical device settings and disrupt operations. This issu...
CVE-2026-9266
CVE-2026-9266 affects Moxa’s embedded Linux firmware for industrial computers and controllers. The issue is a Missing Required Cryptographic Step, an incomplete remediation of CVE-2026-0714, where TPM2 parameter encryption is undermined by an omission in the authorization session configuration. A...
Siemens Industrial Devices
SUMMARY Multiple industrial devices contain a vulnerability that could allow an attacker to cause a denial of service condition. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and...
FUXA 安全漏洞
FUXA is a web-based process visualization software developed by frangoteam. Version 1.2.7 of FUXA contains a security vulnerability. This vulnerability stems from unsafe default configurations in the server/settings.default.js file, which disable authentication. As a result, unauthenticated remot...
CVE-2024-39791
Stack-based buffer overflow vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticated remote attacker to execute arbitrary code...
CVE-2012-3013
WAGO I/O System 758 model 758-870, 758-874, 758-875, and 758-876 Industrial PC IPC devices have default passwords for unspecified Web Based Management accounts, which makes it easier for remote attackers to obtain administrative access via a TCP session...
Poster: Towards an Automated Security Testing Framework for Industrial UEs
With the ongoing adoption of 5G for communication in industrial systems and critical infrastructure, the security of industrial UEs such as 5G-enabled industrial robots becomes an increasingly important topic. Most notably, to meet the stringent security requirements of industrial deployments,...
Unspecified Vulnerability in RT-Labs P-Net (CNVD-2025-10048)
RT-Labs P-Net is an open source PROFINET protocol stack from RT-Labs that enables standard communication between industrial devices and PROFINET controllers. A security vulnerability exists in RT-Labs P-Net version 1.0.1 and prior versions, which can be exploited by an attacker to cause an IO...
Unspecified Vulnerability in RT-Labs P-Net (CNVD-2025-10051)
RT-Labs P-Net is an open source PROFINET protocol stack from RT-Labs that enables standard communication between industrial devices and PROFINET controllers. A security vulnerability exists in RT-Labs P-Net version 1.0.1 and prior versions, which can be exploited by attackers to cause memory...
Unspecified Vulnerability in RT-Labs P-Net (CNVD-2025-10046)
RT-Labs P-Net is an open source PROFINET protocol stack from RT-Labs that enables standard communication between industrial devices and PROFINET controllers. A security vulnerability exists in RT-Labs P-Net version 1.0.1 and prior versions, which can be exploited by an attacker to cause an IO...
Unspecified Vulnerability in RT-Labs P-Net (CNVD-2025-10047)
RT-Labs P-Net is an open source PROFINET protocol stack from RT-Labs that enables standard communication between industrial devices and PROFINET controllers. A security vulnerability exists in RT-Labs P-Net version 1.0.1 and prior versions, which can be exploited by attackers to cause memory...
Unspecified Vulnerability in RT-Labs P-Net (CNVD-2025-10045)
RT-Labs P-Net is an open source PROFINET protocol stack from RT-Labs that enables standard communication between industrial devices and PROFINET controllers. A security vulnerability exists in RT-Labs P-Net version 1.0.1 and prior versions, which can be exploited by an attacker to cause an IO...
Siemens SCALANCE 注入漏洞
The SCALANCE M-800, MUM-800 and S615 and the RUGGEDCOM RM1224 are industrial routers.The SCALANCE W products are wireless communication devices for connecting industrial components, such as Programmable Logic Controllers PLCs or Human Machine Interfaces HMIs, that comply with the IEEE 802.11...
The vulnerability of the software for creating and managing graphical user interfaces for Rockwell Automation FactoryTalk View Machine Edition (ME) devices stems from insufficient validation of input data. This vulnerability allows a perpetrator to execute arbitrary code.
The software used for creating and managing graphical user interfaces for Rockwell Automation FactoryTalk View Machine Edition industrial devices is vulnerable due to insufficient validation of input data. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the NPort IAW5000A-I/O Series web server software allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the NPort IAW5000A-I/O Series web server software is related to the presence of a hard-coded key, which could potentially facilitate manipulation of the firmware. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and...
PT-2022-15219 · Qualcomm · Qualcomm Snapdragon
Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon affected versions not specified Description: The issue is related to memory corruption in audio due to the lack of a check for an invalid routing address into the APR Routing table. This affects various Qualcomm Snapdragon...
PT-2022-10002 · Qualcomm · Qualcomm Snapdragon
Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon affected versions not specified Description: The issue is related to improper key generation due to a lack of buffer validation when reading PRNG output. This affects various Qualcomm Snapdragon products, including...
ISaPWN – research on the security of ISaGRAF Runtime
In early 2020, we notified the Rockwell Automation Product Security Incident Response Team RA PSIRT of several vulnerabilities we had identified in the ISaGRAF Runtime execution environment. According to public sources of information, ISaGRAF Runtime is used as an automation framework in multiple...
Siemens Industrial Devices using libcurl
1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: Industrial devices using libcurl Vulnerabilities: Use After Free 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-22-132-13 Siemens Industrial Devices using...
多款 Siemens 产品跨站请求伪造漏洞
SCALANCE X switches are used to connect industrial components such as programmable logic controllers PLCs or human-machine interfaces HMIs.SIPLUS extreme is designed for reliable operation under extreme conditions.A cross-site request forgery vulnerability exists in Siemens SCALANCE X-300 Switch...