21 matches found
EUVD-2019-5009
Malware in sbrugna...
EUVD-2018-10721
Malware in sbrugna...
EUVD-2019-5014
Malware in sbrugna...
CVE-2019-13559
GE Mark VIe Controller is shipped with pre-configured hard-coded credentials that may allow root-user access to the controller. A limited application of the affected product may ship without setup and configuration instructions immediately available to the end user. The bulk of controllers go int...
CVE-2019-13554
GE Mark VIe Controller has an unsecured Telnet protocol that may allow a user to create an authenticated session using generic default credentials. GE recommends that users disable the Telnet service...
GE Mark VIe Controller Trust Management Issue Vulnerability
The GE Mark VIe Controller is an industrial integrated control system from General Electric GE. A trust management issue vulnerability exists in GE Mark VIe Controller, which stems from the program's use of hard-coded credentials. An attacker could exploit this vulnerability to gain root access t...
CVE-2019-13559
GE Mark VIe Controller is shipped with pre-configured hard-coded credentials that may allow root-user access to the controller. A limited application of the affected product may ship without setup and configuration instructions immediately available to the end user. The bulk of controllers go int...
CVE-2019-13554
GE Mark VIe Controller has an unsecured Telnet protocol that may allow a user to create an authenticated session using generic default credentials. GE recommends that users disable the Telnet service...
Hardcoded credentials
GE Mark VIe Controller is shipped with pre-configured hard-coded credentials that may allow root-user access to the controller. A limited application of the affected product may ship without setup and configuration instructions immediately available to the end user. The bulk of controllers go int...
Design/Logic Flaw
GE Mark VIe Controller has an unsecured Telnet protocol that may allow a user to create an authenticated session using generic default credentials. GE recommends that users disable the Telnet service...
CVE-2019-13559
GE Mark VIe Controller is shipped with pre-configured hard-coded credentials that may allow root-user access to the controller. A limited application of the affected product may ship without setup and configuration instructions immediately available to the end user. The bulk of controllers go int...
CVE-2019-13559
The CVE-2019-13559 issue affects GE Mark VIe Controllers, where hard-coded credentials may allow a root-user access if a device is deployed with default credentials. The ICSA advisory confirms two vulnerabilities: Improper Authorization and Use of Hard-coded Credentials, indicating local access c...
CVE-2019-13554
CVE-2019-13554 affects the GE Mark VIe Controller, where an unsecured Telnet protocol may allow an attacker to create an authenticated session using default credentials. The vulnerability is documented with concrete details: affected product and a root cause of unauthenticated Telnet access with ...
CVE-2019-13554
GE Mark VIe Controller has an unsecured Telnet protocol that may allow a user to create an authenticated session using generic default credentials. GE recommends that users disable the Telnet service...
GE Mark VIe Controller CVE-2019-13554 Authorization Bypass Vulnerability
Description GE Mark VIe Controller is prone to an authorization-bypass vulnerability. Attackers can exploit this issue to gain unauthorized access to the affected system and obtain sensitive information. This may aid in further attacks. Technologies Affected Ge Mark VIe Controller Recommendations...
Siemens SINEMA Remote Connect Server ICSA-19-260-02 Multiple Security Vulnerabilities
Description Siemens SINEMA Remote Connect Server is prone to following security vulnerabilities: 1. Multiple security vulnerabilities 2. An information-disclosure vulnerability 3. A cross-site-request forgery vulnerability An attacker may leverage these issues to obtain potentially sensitive...
CVE-2018-19003
GE Mark VIe, EX2100e, EX2100eReg, and LS2100e Versions 03.03.28C to 05.02.04C, EX2100e All versions prior to v04.09.00C, EX2100eReg All versions prior to v04.09.00C, and LS2100e All versions prior to v04.09.00C The affected versions of the application have a path traversal vulnerability that fail...
CVE-2018-19003
GE Mark VIe, EX2100e, EX2100eReg, and LS2100e Versions 03.03.28C to 05.02.04C, EX2100e All versions prior to v04.09.00C, EX2100eReg All versions prior to v04.09.00C, and LS2100e All versions prior to v04.09.00C The affected versions of the application have a path traversal vulnerability that fail...
Path traversal
GE Mark VIe, EX2100e, EX2100eReg, and LS2100e Versions 03.03.28C to 05.02.04C, EX2100e All versions prior to v04.09.00C, EX2100eReg All versions prior to v04.09.00C, and LS2100e All versions prior to v04.09.00C The affected versions of the application have a path traversal vulnerability that fail...
CVE-2018-19003
GE Mark VIe, EX2100e, EX2100eReg, and LS2100e Versions 03.03.28C to 05.02.04C, EX2100e All versions prior to v04.09.00C, EX2100eReg All versions prior to v04.09.00C, and LS2100e All versions prior to v04.09.00C The affected versions of the application have a path traversal vulnerability that fail...