105 matches found
PT-2026-56921
Name of the Vulnerable Software and Affected Versions OpenPLC Runtime version 3 Description An authenticated arbitrary file write exists in the legacy web UI program-upload workflow. The application stores an attacker-supplied filename prog file into the Programs.File database field and uses this...
PT-2026-53221
Name of the Vulnerable Software and Affected Versions Delta Electronics DTM Soft affected versions not specified Description The software is susceptible to the deserialization of untrusted data, which can allow an attacker to execute arbitrary code. Real-world exploitation has been observed where...
PT-2026-40427
Name of the Vulnerable Software and Affected Versions Fuji Tellus affected versions not specified Description The installation of Fuji Tellus adds a driver to the kernel that grants all users read and write permissions. This improper driver permission allows for privilege escalation from a user...
PT-2026-31719
Name of the Vulnerable Software and Affected Versions versions not specified Description A remote attacker with low privileges can manipulate Modbus register values used in odorant injection logic, potentially causing over or under-injection of odorant into a gas line. Attackers have exploited th...
RTI Connext Professional 安全漏洞
RTI Connext Professional is a connectivity platform developed by RTI Corporation in the United States, specifically designed to meet the demanding requirements of Industrial Internet of Things IIoT. RTI Connext Professional has a security vulnerability that stems from improper restrictions on XML...
ThreatFormer-IDS: Robust Transformer Intrusion Detection with Zero-Day Generalization and Explainable Attribution
Intrusion detection in IoT and industrial networks requires models that can detect rare attacks at low false-positive rates while remaining reliable under evolving traffic and limited labels. Existing IDS solutions often report strong in-distribution accuracy, but they may degrade when evaluated ...
EUVD-2018-11378
Malware in sbrugna...
EUVD-2020-6634
Malware in sbrugna...
Radiflow iSAP Smart Collector 安全漏洞
Radiflow iSAP Smart Collector is a remote traffic collection and forwarding appliance designed for industrial networks from Radiflow USA. A security vulnerability exists in Radiflow iSAP Smart Collector that stems from an outdated underlying Linux distribution, which could result in an unmitigate...
Siemens SINEC NMS SQL注入漏洞
Siemens SINEC NMS is a network management system NMS from Siemens, Germany, that can be used 24/7 to centrally monitor, manage and configure industrial networks with tens of thousands of devices, including safety-related areas. A SQL injection vulnerability exists in Siemens SINEC NMS, which can ...
Siemens SINEC NMS 路径遍历漏洞
Siemens SINEC NMS is a network management system NMS from Siemens, Germany, that can be used 24/7 to centrally monitor, manage and configure industrial networks with tens of thousands of devices, including safety-related areas. A path traversal vulnerability exists in Siemens SINEC NMS that stems...
CVE-2018-19694
HMS Industrial Networks Netbiter WS100 3.30.5 devices and previous have reflected XSS in the login form...
Phoenix Contact Classic Line Controllers Insufficient Verification of Data Authenticity (CVE-2022-31800)
An unauthenticated, remote attacker could upload malicious logic to devices based on ProConOS/ProConOS eCLR in order to gain full control over the device. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...
The vulnerability of the software for monitoring and analyzing network traffic in industrial networks, SINEC Traffic Analyzer, is related to deficiencies in access control. This vulnerability allows a intruder to gain unauthorized access to protected information.
The vulnerability of the SINEC Traffic Analyzer software for monitoring and analyzing network traffic in industrial networks is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...
The vulnerability of the network management system for monitoring industrial networks in Siemens SINEC NMS, related to insufficient privilege separation, allows a intruder to execute arbitrary commands.
The vulnerability of the Siemens SINEC NMS network management system for monitoring industrial networks is related to insufficient privilege separation. Exploiting this vulnerability could allow a attacker to execute arbitrary commands...
The vulnerability of the MXview One and MXview One Central Manager industrial network management platforms lies in the storage of credentials in an open manner, allowing a malicious actor to gain unauthorized access to protected information.
The vulnerability of the MXview One and MXview One Central Manager industrial network management platforms lies in the storage of credentials in an open manner. Exploiting this vulnerability could allow a perpetrator to gain unauthorized access to protected information...
The vulnerability of the software platform for managing security in industrial networks, MXSecurity, arises from the use of dangerous methods or functions, allowing attackers to enhance their privileges.
The vulnerability of the MXSecurity software platform for managing security in industrial networks is related to the use of dangerous methods or functions. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of the MXSecurity software platform for managing security in industrial networks lies in the use of strictly encrypted credentials, which allows attackers to disclose the protected information.
The vulnerability of the MXSecurity software platform for managing security in industrial networks is related to the use of strictly encrypted user credentials. Exploiting this vulnerability could allow an attacker to disclose the protected information...
Ewon Cosy+ Command Injection
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2024-018 Product: Ewon Cosy+ Manufacturer: HMS Industrial Networks AB Affected Versions: Firmware Versions: 21.2s10 and 22.1s3 Tested Versions: Firmware Version: 21.2s7 Vulnerability Type: Improper Neutralization of Special Element...
Ewon Cosy+ Improper Neutralization / Cross Site Scripting
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2024-016 Product: Ewon Cosy+ Manufacturer: HMS Industrial Networks AB Affected Versions: Firmware Versions: 21.2s10 and 22.1s3 Tested Versions: Firmware Version: 21.2s7 Vulnerability Type: Improper Neutralization of Input During We...