5 matches found
CVE-2025-36535 AutomationDirect MB-Gateway Missing Authentication for Critical Function
The embedded web server lacks authentication and access controls, allowing unrestricted remote access. This could lead to configuration changes, operational disruption, or arbitrary code execution depending on the environment and exposed functionality...
CVE-2025-36535 AutomationDirect MB-Gateway Missing Authentication for Critical Function
The embedded web server lacks authentication and access controls, allowing unrestricted remote access. This could lead to configuration changes, operational disruption, or arbitrary code execution depending on the environment and exposed functionality...
CISA Releases Thirteen Industrial Control Systems Advisories
CISA released thirteen Industrial Control Systems ICS advisories on May 20, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-140-01 ABUP IoT Cloud Platform ICSA-25-140-02 National Instruments Circuit Design Sui...
The vulnerability of the web server of the microprogramming software for the Modbus AutomationDirect MB-Gateway allows a perpetrator to gain unauthorized access to the device.
The vulnerability of the web server of the microprogramming-based Modbus AutomationDirect MB-Gateway software lies in the absence of an authentication mechanism for a critical function. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to the...
PT-2025-22415 · Automationdirect · Mb-Gateway
Name of the Vulnerable Software and Affected Versions: AutomationDirect MB-Gateway affected versions not specified Description: The embedded web server lacks authentication and access controls, allowing unrestricted remote access. This could lead to configuration changes, operational disruption, ...