41 matches found
SCARA: A Semantics-Constrained Autonomous Remediation Agent for Opaque Industrial Software Vulnerabilities
Critical-infrastructure operators are increasingly expected to assess and remediate vulnerabilities in deployed industrial software. However, much of this software exists as opaque industrial software (OIS), including stripped firmware, proprietary protocol handlers, and compiled control logic...
CVE-2026-8217
A security flaw has been discovered in Industrial Application Software IAS Canias ERP 8.03. Impacted is the function Runtime.getRuntime.exec of the component RMI Interface. Performing a manipulation of the argument troiaCode results in os command injection. The attack may be initiated remotely. T...
CVE-2026-8242 Industrial Application Software IAS Canias ERP Login RMI doAction response discrepancy
A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. The impacted element is the function doAction of the component Login RMI Interface. Performing a manipulation results in observable response discrepancy. The attack is possible to be carried out remotely. A high...
CVE-2026-8216
Affected software / component: Industrial Application Software IAS Canias ERP 8.03; affected function: iasServerRemoteInterface.doAction (Java RMI Session Management). Issue / impact: Improper authentication resulting from manipulation of the doAction function. The attack can be launched remotely...
CVE-2026-8214 Industrial Application Software IAS Canias ERP RMI doAction improper authentication
A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. This affects the function doAction of the component RMI Interface. The manipulation of the argument sessionId results in improper authentication. It is possible to launch the attack remotely. The exploit has been ma...
Eaton Easysoft Security Vulnerability
Eaton Easysoft is a programming application used in the industrial field by Eaton, Inc. This software is used for programming Easy controllers and displays. It allows for the editing and visualization of circuit diagrams according to specified formats. Eaton Easysoft has security vulnerabilities;...
Argus BILGER Security Vulnerability
Argus BILGER is an industrial communication and data acquisition software from the Turkish company Argus. A security vulnerability exists in Argus BILGER versions prior to 2.4.9, which stems from the insertion of sensitive information into sent data and could lead to a select message identifier...
CVE-2025-11697 Studio 5000® Simulation Interface Local Code Execution
A local code execution security issue exists within Studio 5000® Simulation Interface™ via the API. This vulnerability allows any Windows user on the system to extract files using path traversal sequences, resulting in execution of scripts with Administrator privileges on system reboot...
EUVD-2022-30539
Malicious code in bioql PyPI...
Delta Electronics DIAView Directory Traversal Vulnerability
Delta Electronics DIAView is an industrial configuration software from Delta Electronics China. A directory traversal vulnerability exists in Delta Electronics DIAView, which stems from a lack of validity checking of paths used by the program to process directory requests, and can be exploited by...
Bizerba BRAIN2 Security Vulnerability
Bizerba BRAIN2 is an industrial software platform from Bizerba, Germany. A security vulnerability exists in Bizerba BRAIN2 that originates from the possibility that a non-administrative user may perform privileged operations via report scripts...
Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack Overflow Code Execution Vulnerability (CNVD-2025-21318)
Fuji Electric Tellus Lite V-Simulator is a remote monitoring software for industrial environments developed by Fuji Electric Japan for collecting real-time data from PLCs, temperature controllers, inverters, and other devices. Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack Overflow...
Fuji Electric Tellus Lite V-Simulator Buffer Error Vulnerability
Fuji Electric Tellus Lite V-Simulator is a remote monitoring software for industrial environments from Fuji Electric Japan. A buffer overflow vulnerability exists in Fuji Electric Tellus Lite V-Simulator, which stems from an out-of-bounds write vulnerability that can be exploited by an attacker t...
Information leakage vulnerability in Jishikai PLM system of Jishikai Industrial Software Co.
Jishikai Industrial Software Co., Ltd. is a company that specializes in the design, development, marketing, delivery, and service of PLM and R&D management industrial software products for the full life cycle of its customers. An information disclosure vulnerability exists in Wisdom Stone Open...
SQL Injection Vulnerability in PLM of Jishikai Industrial Software Co.
Jishikai Industrial Software Ltd. is an enterprise mainly engaged in software and information technology service industry. A SQL injection vulnerability exists in PLM of Jishikai Industrial Software Limited, which can be exploited by attackers to obtain sensitive information from the database...
Eaton easySoft Security Vulnerability
Eaton Easysoft is a programming application for industrial applications from Eaton Corporation. The software is used for programming Easy controllers and displays, where circuit diagrams can be edited and displayed in a format. A security vulnerability exists in Eaton easySoft that stems...
CVE-2023-4685
Delta Electronics' CNCSoft-B version 1.0.0.4 and DOPSoft versions 4.0.0.82 and prior are vulnerable to stack-based buffer overflow, which could allow an attacker to execute arbitrary code...
Siemens LOGO! 8 BM Input Validation Error Vulnerability
A security vulnerability exists in Siemens LOGO! 8 BM, a programming software for the Windows platform used in industrial environments from Siemens, Germany. The vulnerability stems from the inability to properly validate offset values defined in TCP packets when calling methods. An attacker coul...
Siemens LOGO! 8 BM Data Forgery Vulnerability
Siemens LOGO! 8 BM is a programming software for industrial environments for the Windows platform from Siemens Germany. A security vulnerability exists in Siemens LOGO! 8 BM prior to version 8.3, which arises from loading a firmware update without checking for authenticity. The vulnerability can ...
CVE-2022-22730
Improper authentication in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an unauthenticated user to potentially enable escalation of privilege via network access...