Lucene search
K

361 matches found

CNVD
CNVD
added 2025/05/07 12:0 a.m.3 views

Delta Electronics ISPSoft Stack Buffer Overflow Vulnerability

Delta Electronics ISPSoft is a programmable logic controller PLC programming software from Delta Electronics. A stack buffer overflow vulnerability exists in Delta Electronics ISPSoft, which can be exploited by an attacker to execute arbitrary code while parsing a DVP file...

9.8CVSS7.5AI score0.00314EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/03/18 12:0 a.m.5 views

CODESYS Edge Gateway 安全漏洞

CODESYS Edge Gateway is an extended CODESYS gateway from CODESYS Germany used to connect CODESYS automation servers to CODESYS PLCs in a local network. A security vulnerability exists in CODESYS Edge Gateway versions prior to 3.5.21.0, which stems from the fact that an unauthenticated remote...

5.3CVSS6.3AI score0.00417EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/03/18 12:0 a.m.7 views

PT-2025-11584

Name of the Vulnerable Software and Affected Versions The product name cannot be determined. Description An unauthenticated remote attacker can gain limited information of the PLC network, but the user management of the PLCs prevents actual access to the PLCs. Recommendations At the moment, there...

5.3CVSS5.8AI score0.00417EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/01/15 12:0 a.m.4 views

XINJE XL5E-16T和XINJE XD5E-24R-E 安全漏洞

XINJE XL5E-16T and XINJE XD5E-24R-E are both products of China XINJE Corporation XINJE.XINJE XL5E-16T is an enhanced Ethernet controller.XINJE XD5E-24R-E is an Ethernet controller. A security vulnerability exists in the XINJE XL5E-16T and XINJE XD5E-24R-E.5.3b through 3.7.2a versions, which stems...

7.5CVSS6.7AI score0.0041EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/12/09 12:0 a.m.5 views

The vulnerability of the Diffie-Hellman algorithm in microprogrammed logic controllers (PLCs) from Schneider Electric Modicon M340 CPU BMXP34 allows a attacker to execute a “man-in-the-middle” attack.

The vulnerability of the Diffie-Hellman algorithm in microprogrammed logic controllers PLCs from Schneider Electric Modicon M340 CPU BMXP34 lies in the ability to bypass authentication through spoofing. Exploiting this vulnerability allows a malicious actor to carry out a “man-in-the-middle” atta...

7.6CVSS5.5AI score0.00483EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2024/11/18 12:0 a.m.4 views

WAGO多款产品 路径遍历漏洞

WAGO Edge Controller and others are products of WAGO, Germany.WAGO Edge Controller is an edge controller.WAGO PFC is a compact PLC for modular WAGO-I/O systems.WAGO CC100 0751-9x01 is a compact controller. A path traversal vulnerability exists in various WAGO products, which can be exploited by a...

8.1CVSS6.7AI score0.00605EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/11/18 12:0 a.m.4 views

WAGO多款产品 安全漏洞

WAGO PFC100 and others are products of WAGO, Germany.WAGO PFC100 is a programmable logic controller PLC.WAGO CC100 0751-9x01 is a compact controller.WAGO Edge Controller 0752-8303/8000-0002 is a controller. A security vulnerability exists in several WAGO products. The vulnerability originates fro...

6.5CVSS6.8AI score0.00585EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/11/13 12:0 a.m.3 views

XINJE XD5E和XINJE XL5E 安全漏洞

XINJE XD5E and XINJE XL5E are both products of China XINJE Corporation.XINJE XD5E is a PLC.XINJE XL5E is a PLC. A security vulnerability exists in the XINJE XD5E and XINJE XL5E version 3.5.3b that originates from a vulnerability that allows an attacker to cause a denial of service via a specially...

7.5CVSS6.5AI score0.00366EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/10/30 12:0 a.m.5 views

The vulnerability of microprogrammed software in Mitsubishi Electric’s M800V/M80V Series, M800/M80/E80 Series, C80 Series, and M700V/M70V/E70V Series programmable logic controllers is related to incorrect input of configuration data. This vulnerability allows a malicious actor to cause malfunctions during maintenance operations.

The vulnerability of microprogrammed software in Mitsubishi Electric’s M800V/M80V Series, M800/M80/E80 Series, C80 Series, M700V/M70V/E70 Series programmable logic controllers is related to incorrect input of configuration data. Exploiting this vulnerability can allow an attacker, operating...

5.9CVSS5.4AI score0.0054EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2024/10/09 12:0 a.m.7 views

The vulnerability of the microprogrammed logic controller (PLC) Advantech ADAM-5630 software, which stems from the use of weak encryption algorithms, allows a hacker to expose user account information.

The vulnerability of the microprogrammed logic controller PLC Advantech ADAM-5630 software is related to the use of weak encryption algorithms. Exploiting this vulnerability could allow an intruder to obtain user credentials...

6.1CVSS5.4AI score0.00215EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/03 12:0 a.m.6 views

The vulnerability of the microprogrammed logic controller (PLC) Advantech ADAM-5630 software, related to the ability to send a cookie session file, allows a intruder to gain unauthorized access to protected information and enhance their privileges.

The vulnerability of the microprogrammed logic controller PLC Advantech ADAM-5630 software is related to the ability to send a cookie session file. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information and enhance their privileges...

8.3CVSS5.4AI score0.00391EPSS
Exploits0References5Affected Software1
CNNVD
CNNVD
added 2024/10/02 12:0 a.m.5 views

JTEKT Kostac PLC Programming Software 安全漏洞

JTEKT Kostac PLC Programming Software is a PLC programmer software for personal computers from JTEKT Japan. A security vulnerability exists in JTEKT Kostac PLC Programming Software version 1.6.14.0 and earlier versions, which originates from allowing out-of-bounds writes to memory...

7.8CVSS6.7AI score0.00275EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/09/13 12:0 a.m.5 views

PT-2024-30295 · Automationdirect · Directlogic H2-Dm1E +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue concerns a session hijacking attack targeting the application layer's control mechanism. This mechanism manages authenticated sessions between...

8.8CVSS6.8AI score0.00284EPSS
Exploits0References7
CNNVD
CNNVD
added 2024/09/10 12:0 a.m.5 views

CODESYS OSCAT Basic Library 缓冲区错误漏洞

CODESYS OSCAT Basic Library is an open source library from CODESYS Corporation, known as the Open Source Community for Automation Technology. A buffer error vulnerability exists in CODESYS OSCAT Basic Library versions prior to 3.3.5, which stems from the presence of an out-of-bounds read...

4.4CVSS6.6AI score0.00189EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/09/10 12:0 a.m.7 views

PT-2024-37920 · Unknown · Oscat Basic Library

Name of the Vulnerable Software and Affected Versions: OSCAT Basic Library affected versions not specified Description: The issue is an Out-of-Bounds read vulnerability that allows a local, unprivileged attacker to access limited internal data of the PLC, which may lead to a crash of the affected...

4.4CVSS6.7AI score0.00189EPSS
Exploits0References6
OSV
OSV
added 2024/09/04 1:15 a.m.5 views

CVE-2024-41716

Cleartext storage of sensitive information vulnerability exists in WindLDR and WindO/I-NV4. If this vulnerability is exploited, an attacker who obtained the product's project file may obtain user credentials of the PLC or Operator Interfaces. As a result, an attacker may be able to manipulate...

8.1CVSS5.8AI score0.00447EPSS
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/08/29 6:8 a.m.4 views

WindLDR and WindO/I-NV4 store sensitive information in cleartext

Overview PLC programming software "WindLDR" and Operator Interfaces' Touchscreen Programming Software "WindO/I-NV4" provided by IDEC Corporation store sensitive information in cleartext form CWE-312. Yuki Meguro of Toinx Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the...

8.1CVSS6.6AI score0.00447EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2024/07/31 12:0 a.m.8 views

The vulnerability of microprogrammed logic controllers from Unitronics Vision PLC, related to incorrect handling of exceptional states, allows a intruder to trigger a malfunction in maintenance operations.

The vulnerability of microprogrammed logic controllers from Unitronics Vision PLC lies in the improper handling of exceptional states. Exploiting this vulnerability can allow an attacker to cause malfunctions in the system remotely...

6.8CVSS5.4AI score0.00443EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/07/23 12:0 a.m.6 views

The vulnerability of the access control mechanism in Siemens LOGO programmable logic controllers allows a intruder to execute arbitrary commands.

The vulnerability of the access control mechanism in Siemens LOGO programmable logic controllers is related to the absence of authentication for critical functions. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

8.8CVSS5.9AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/07/17 12:0 a.m.8 views

The vulnerability of the monitoring software for PLCCs from Fuji Electric Tellus Lite V-Simulator lies in the buffer overflow on the stack, allowing a hacker to execute arbitrary code.

The vulnerability of the monitoring software for PLCCs from Fuji Electric, Tellus Lite V-Simulator, is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8CVSS7.9AI score0.00327EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder