17 matches found
Codra Panorama Suite 安全漏洞
Codra Panorama Suite is an industrial process monitoring software platform developed by the French company Codra. There is a security vulnerability in Codra Panorama Suite, which allows attackers to potentially read files on the Web HMI server...
EUVD-2020-8808
Malware in sbrugna...
EUVD-2020-5507
Malware in sbrugna...
EUVD-2023-54340
Malicious code in bioql PyPI...
Mitsubishi Electric MELSEC iQ-R Series Uncontrolled Resource Consumption (CVE-2020-13238)
Mitsubishi MELSEC iQ-R Series PLCs with firmware 33 allow attackers to halt the industrial process by sending an unauthenticated crafted packet over the network, because this denial of service attack consumes excessive CPU time. After halting, physical access to the PLC is required in order to...
CVE-2020-16850
Mitsubishi MELSEC iQ-R Series PLCs with firmware 49 allow an unauthenticated attacker to halt the industrial process by sending a crafted packet over the network. This denial of service attack exposes Improper Input Validation. After halting, physical access to the PLC is required in order to...
Design/Logic Flaw
Mitsubishi MELSEC iQ-R Series PLCs with firmware 33 allow attackers to halt the industrial process by sending an unauthenticated crafted packet over the network, because this denial of service attack consumes excessive CPU time. After halting, physical access to the PLC is required in order to...
CVE-2020-13238
CVE-2020-13238 affects Mitsubishi Electric MELSEC iQ-R Series PLCs. A specially crafted, unauthenticated network packet can cause an uncontrolled resource consumption (DoS) at the Ethernet port, leading to a halt of the industrial process. Recovery requires physical access to the PLC. Affected de...
Code injection
Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux4-01-601cb47 and prior allow the creation of new connections to one or more IOAs, without closing them properly, which may cause a denial of service within the industrial process control channel...
CVE-2018-10603
Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux4-01-601cb47 and prior do not perform authentication of IEC-104 control commands, which may allow a rogue node a remote control of the industrial process...
Authentication flaw
Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux4-01-601cb47 and prior do not perform authentication of IEC-104 control commands, which may allow a rogue node a remote control of the industrial process...
CVE-2018-10603
CVE-2018-10603 affects Martem TELEM-GW6 and GWM devices running firmware 2018.04.18-linux_4-01-601cb47 and prior. The root cause is missing authentication for IEC-104 control commands (CWE-306), enabling a rogue node to remotely control the industrial process. Public documents confirm a high/seve...
CVE-2018-10603
Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux4-01-601cb47 and prior do not perform authentication of IEC-104 control commands, which may allow a rogue node a remote control of the industrial process...
CVE-2018-10607
Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux4-01-601cb47 and prior allow the creation of new connections to one or more IOAs, without closing them properly, which may cause a denial of service within the industrial process control channel...
CVE-2018-10607
CVE-2018-10607 affects Martem TELEM-GW6 and GWM devices. The vulnerability allows creating new connections to one or more IOAs without properly closing them, causing a denial of service in the industrial process control channel. Affected firmware: 2018.04.18-linux_4-01-601cb47 and prior; remediat...
Martem TELEM-GW6/GWM (Update B)
1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION : Exploitable remotely/low skill level to exploit Vendor : Martem Equipment : TELEM-GW6/GWM --------- Begin Update B Part 1 of 5 -------- Vulnerabilities : Missing Authentication for Critical Function, Incorrect Default Permissions, Resource Exhaustion,...
IRONGATE ICS Malware: Nothing to See Here...Masking Malicious Activity on SCADA Systems
In the latter half of 2015, the FireEye Labs Advanced Reverse Engineering FLARE team identified several versions of an ICS-focused malware crafted to manipulate a specific industrial process running within a simulated Siemens control system environment. We named this family of malware IRONGATE...