361 matches found
Delta Electronics ISPSoft Stack Buffer Overflow Vulnerability
Delta Electronics ISPSoft is a programmable logic controller PLC programming software from Delta Electronics. A stack buffer overflow vulnerability exists in Delta Electronics ISPSoft, which can be exploited by an attacker to execute arbitrary code while parsing a DVP file...
CODESYS Edge Gateway 安全漏洞
CODESYS Edge Gateway is an extended CODESYS gateway from CODESYS Germany used to connect CODESYS automation servers to CODESYS PLCs in a local network. A security vulnerability exists in CODESYS Edge Gateway versions prior to 3.5.21.0, which stems from the fact that an unauthenticated remote...
PT-2025-11584
Name of the Vulnerable Software and Affected Versions The product name cannot be determined. Description An unauthenticated remote attacker can gain limited information of the PLC network, but the user management of the PLCs prevents actual access to the PLCs. Recommendations At the moment, there...
XINJE XL5E-16T和XINJE XD5E-24R-E 安全漏洞
XINJE XL5E-16T and XINJE XD5E-24R-E are both products of China XINJE Corporation XINJE.XINJE XL5E-16T is an enhanced Ethernet controller.XINJE XD5E-24R-E is an Ethernet controller. A security vulnerability exists in the XINJE XL5E-16T and XINJE XD5E-24R-E.5.3b through 3.7.2a versions, which stems...
The vulnerability of the Diffie-Hellman algorithm in microprogrammed logic controllers (PLCs) from Schneider Electric Modicon M340 CPU BMXP34 allows a attacker to execute a “man-in-the-middle” attack.
The vulnerability of the Diffie-Hellman algorithm in microprogrammed logic controllers PLCs from Schneider Electric Modicon M340 CPU BMXP34 lies in the ability to bypass authentication through spoofing. Exploiting this vulnerability allows a malicious actor to carry out a “man-in-the-middle” atta...
WAGO多款产品 路径遍历漏洞
WAGO Edge Controller and others are products of WAGO, Germany.WAGO Edge Controller is an edge controller.WAGO PFC is a compact PLC for modular WAGO-I/O systems.WAGO CC100 0751-9x01 is a compact controller. A path traversal vulnerability exists in various WAGO products, which can be exploited by a...
WAGO多款产品 安全漏洞
WAGO PFC100 and others are products of WAGO, Germany.WAGO PFC100 is a programmable logic controller PLC.WAGO CC100 0751-9x01 is a compact controller.WAGO Edge Controller 0752-8303/8000-0002 is a controller. A security vulnerability exists in several WAGO products. The vulnerability originates fro...
XINJE XD5E和XINJE XL5E 安全漏洞
XINJE XD5E and XINJE XL5E are both products of China XINJE Corporation.XINJE XD5E is a PLC.XINJE XL5E is a PLC. A security vulnerability exists in the XINJE XD5E and XINJE XL5E version 3.5.3b that originates from a vulnerability that allows an attacker to cause a denial of service via a specially...
The vulnerability of microprogrammed software in Mitsubishi Electric’s M800V/M80V Series, M800/M80/E80 Series, C80 Series, and M700V/M70V/E70V Series programmable logic controllers is related to incorrect input of configuration data. This vulnerability allows a malicious actor to cause malfunctions during maintenance operations.
The vulnerability of microprogrammed software in Mitsubishi Electric’s M800V/M80V Series, M800/M80/E80 Series, C80 Series, M700V/M70V/E70 Series programmable logic controllers is related to incorrect input of configuration data. Exploiting this vulnerability can allow an attacker, operating...
The vulnerability of the microprogrammed logic controller (PLC) Advantech ADAM-5630 software, which stems from the use of weak encryption algorithms, allows a hacker to expose user account information.
The vulnerability of the microprogrammed logic controller PLC Advantech ADAM-5630 software is related to the use of weak encryption algorithms. Exploiting this vulnerability could allow an intruder to obtain user credentials...
The vulnerability of the microprogrammed logic controller (PLC) Advantech ADAM-5630 software, related to the ability to send a cookie session file, allows a intruder to gain unauthorized access to protected information and enhance their privileges.
The vulnerability of the microprogrammed logic controller PLC Advantech ADAM-5630 software is related to the ability to send a cookie session file. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information and enhance their privileges...
JTEKT Kostac PLC Programming Software 安全漏洞
JTEKT Kostac PLC Programming Software is a PLC programmer software for personal computers from JTEKT Japan. A security vulnerability exists in JTEKT Kostac PLC Programming Software version 1.6.14.0 and earlier versions, which originates from allowing out-of-bounds writes to memory...
PT-2024-30295 · Automationdirect · Directlogic H2-Dm1E +1
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue concerns a session hijacking attack targeting the application layer's control mechanism. This mechanism manages authenticated sessions between...
CODESYS OSCAT Basic Library 缓冲区错误漏洞
CODESYS OSCAT Basic Library is an open source library from CODESYS Corporation, known as the Open Source Community for Automation Technology. A buffer error vulnerability exists in CODESYS OSCAT Basic Library versions prior to 3.3.5, which stems from the presence of an out-of-bounds read...
PT-2024-37920 · Unknown · Oscat Basic Library
Name of the Vulnerable Software and Affected Versions: OSCAT Basic Library affected versions not specified Description: The issue is an Out-of-Bounds read vulnerability that allows a local, unprivileged attacker to access limited internal data of the PLC, which may lead to a crash of the affected...
CVE-2024-41716
Cleartext storage of sensitive information vulnerability exists in WindLDR and WindO/I-NV4. If this vulnerability is exploited, an attacker who obtained the product's project file may obtain user credentials of the PLC or Operator Interfaces. As a result, an attacker may be able to manipulate...
WindLDR and WindO/I-NV4 store sensitive information in cleartext
Overview PLC programming software "WindLDR" and Operator Interfaces' Touchscreen Programming Software "WindO/I-NV4" provided by IDEC Corporation store sensitive information in cleartext form CWE-312. Yuki Meguro of Toinx Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the...
The vulnerability of microprogrammed logic controllers from Unitronics Vision PLC, related to incorrect handling of exceptional states, allows a intruder to trigger a malfunction in maintenance operations.
The vulnerability of microprogrammed logic controllers from Unitronics Vision PLC lies in the improper handling of exceptional states. Exploiting this vulnerability can allow an attacker to cause malfunctions in the system remotely...
The vulnerability of the access control mechanism in Siemens LOGO programmable logic controllers allows a intruder to execute arbitrary commands.
The vulnerability of the access control mechanism in Siemens LOGO programmable logic controllers is related to the absence of authentication for critical functions. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the monitoring software for PLCCs from Fuji Electric Tellus Lite V-Simulator lies in the buffer overflow on the stack, allowing a hacker to execute arbitrary code.
The vulnerability of the monitoring software for PLCCs from Fuji Electric, Tellus Lite V-Simulator, is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to execute arbitrary code...