Siemens Industrial Edge Devices Authorization Bypass Through User-Controlled Key (CVE-2025-40805)

Affected devices do not properly enforce user authentication on specific API endpoints. This could facilitate an unauthenticated remote attacker to circumvent authentication and impersonate a legitimate user. Successful exploitation requires that the attacker has learned the identity of a...

CVE-2022-26380

A vulnerability has been identified in SCALANCE X302-7 EEC 230V, SCALANCE X302-7 EEC 230V, coated, SCALANCE X302-7 EEC 24V, SCALANCE X302-7 EEC 24V, coated, SCALANCE X302-7 EEC 2x 230V, SCALANCE X302-7 EEC 2x 230V, coated, SCALANCE X302-7 EEC 2x 24V, SCALANCE X302-7 EEC 2x 24V, coated, SCALANCE...

EUVD-2022-30408

Malicious code in bioql PyPI...

Siemens RUGGEDCOM RM1224 缓冲区错误漏洞

SCALANCE SC-600 devices SC622-2C, SC632-2C, SC636-2C, SC642-2C, SC646-2C are used to protect trusted industrial networks from untrusted networks. SCALANCE M-800/S615 industrial routers are used for secure remote access to plants via mobilenetworks such as GPRS or UMTS for secure remote access to...

PHOENIX CONTACT FL COMSERVER, FL COM SERVER, and PSI-MODEM/ETH

CVSS v3 8.2 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: PHOENIX CONTACT Equipment: FL COMSERVER, FL COM SERVER, and PSI-MODEM/ETH Vulnerability: Cross-site Scripting AFFECTED PRODUCTS The following models running firmware versions prior to 1.99, 2.20, or 2.40 of FL...

Multiple Moxa Nport Products Information Disclosure Vulnerabilities

Moxa NPort 5110, 5130 and 5150 are Moxa's serial communication servers for connecting industrial serial devices to a network. An information disclosure vulnerability exists in several Moxa Nport products, where an attacker could exploit a vulnerability in the Ethernet frame stuffing process to...

Rockwell Automation Allen-Bradley Stratix 5400 and 5410 Packet Corruption Vulnerability

OVERVIEW Rockwell Automation has identified a resource management vulnerability in Rockwell Automation’s Allen-Bradley Stratix 5400 and Allen-Bradley Stratix 5410 industrial networking switches. Rockwell Automation has produced a new firmware version to mitigate this vulnerability. This...

Moxa OnCell Device Detection

Binary data 8021.prm...

ORing Industrial Networking IDS-5042/5042+ Hard-Coded Credential Vulnerability

Overview Independent researcher Reid Wightman of Digital BondKorenix and ORing Use Crypto, http://www.digitalbond.com/2012/06/13/korenix-and-oring-insecurity/, Web site last accessed September 19, 2012. identified hard-coded credentials in the operating system of the ORing Industrial DIN-Rail...

RuggedCom Devices Backdoor Access

Exploit for hardware platform in category remote exploits Title: Undocumented Backdoor Access to RuggedCom Devices Author: jc Organization: JC CREW Date: April 23, 2012 CVE: CVE-2012-1803 Background: RuggedCom is one of a handful of networking vendors who capitalize on the market for "Industrial...

RuggedCom Devices - Backdoor Access

Title: Undocumented Backdoor Access to RuggedCom Devices Author: jc Organization: JC CREW Date: April 23, 2012 CVE: CVE-2012-1803 Background: RuggedCom is one of a handful of networking vendors who capitalize on the market for "Industrial Strength" and "Hardened" networking equipment. You'll find...

RuggedCom Device Undocumented Backdoor

Title: Undocumented Backdoor Access to RuggedCom Devices Author: jc Organization: JC CREW Date: April 23, 2012 CVE: CVE-2012-1803 Background: RuggedCom is one of a handful of networking vendors who capitalize on the market for "Industrial Strength" and "Hardened" networking equipment. You'll find...