29 matches found
Schneider Electric多款产品 安全漏洞
Schneider Electric Modicon M241, among others, are programmable logic controllers produced by Schneider Electric, a French company. Several products from Schneider Electric have security vulnerabilities. These vulnerabilities stem from improper resource closure or release procedures, which may...
Schneider Electric多款产品 跨站脚本漏洞
Schneider Electric Modicon M258 is a product of the French company Schneider Electric. Schneider Electric Modicon M258 is a programmable automation controller. Schneider Electric Modicon M241 is a programmable logic controller. Schneider Electric Modicon M251 is also a programmable logic...
CVE-2021-22699
Improper Input Validation vulnerability exists in Modicon M241/M251 logic controllers firmware prior to V5.1.9.1 that could cause denial of service when specific crafted requests are sent to the controller over HTTP...
EUVD-2019-16374
Malware in sbrugna...
EUVD-2021-9834
Malicious code in bioql PyPI...
Schneider Electric Modicon Cleartext Transmission of Sensitive Information (CVE-2020-7488)
A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists which could leak sensitive information transmitted between the software and the Modicon M218, M241, M251, and M258 controllers. This plugin only works with Tenable.ot. Please visit...
Schneider Electric Modicon Improper Input Validation (CVE-2021-22699)
Improper Input Validation vulnerability exists in Modicon M241/M251 logic controllers firmware prior to V5.1.9.1 that could cause denial of service when specific crafted requests are sent to the controller over HTTP. This plugin only works with Tenable.ot. Please visit...
The vulnerability of the microprogrammed software of Modicon M241 and Modicon M251 control units lies in the insufficient protection of registration data, allowing attackers to intercept login credentials and access the web application.
The vulnerability of the microprogrammed logic controllers Modicon M241 and Modicon M251 is related to insufficient protection for registration data. Exploiting this vulnerability can allow an attacker, operating remotely, to intercept login credentials and gain access to the web application...
Vulnerabilities fixed in Schneider Electric Modicon M241/M251
Schneider Electric has fixed vulnerabilities in the CODESYS web server and gateway components of Modicon M241 and M251 controllers. An unauthenticated remote malicious person could potentially exploit the vulnerabilities to cause a denial-of-service cause or execute arbitrary code with the...
The vulnerability of microprogrammed software in Logic Controllers Modicon M218, Modicon M251, Modicon M241, and Modicon M258 lies in the lack of protection for transmitted data. This allows attackers to gain unauthorized access to the protected information.
The vulnerability of microprogrammed software in Logic Controllers Modicon M218, Modicon M251, Modicon M241, and Modicon M258 lies in the lack of protection for transmitted data. Exploiting this vulnerability can allow an intruder operating remotely to gain unauthorized access to protected...
CVE-2021-22699
Improper Input Validation vulnerability exists in Modicon M241/M251 logic controllers firmware prior to V5.1.9.1 that could cause denial of service when specific crafted requests are sent to the controller over HTTP...
CVE-2021-22699
Improper Input Validation vulnerability exists in Modicon M241/M251 logic controllers firmware prior to V5.1.9.1 that could cause denial of service when specific crafted requests are sent to the controller over HTTP...
Input validation
Improper Input Validation vulnerability exists in Modicon M241/M251 logic controllers firmware prior to V5.1.9.1 that could cause denial of service when specific crafted requests are sent to the controller over HTTP...
CVE-2021-22699
Improper Input Validation vulnerability exists in Modicon M241/M251 logic controllers firmware prior to V5.1.9.1 that could cause denial of service when specific crafted requests are sent to the controller over HTTP...
Schneider Electric 输入验证错误漏洞
An input validation error vulnerability exists in Schneider Electric that stems from an incorrect input validation vulnerability in the Modicon M241/M251 Logic Controller firmware prior to V5.1.9.1, which could result in a denial of service when an attacker sends a carefully crafted request to th...
CVE-2020-7487
A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists which could allow the attacker to execute malicious code on the Modicon M218, M241, M251, and M258 controllers...
CVE-2020-7488
A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists which could leak sensitive information transmitted between the software and the Modicon M218, M241, M251, and M258 controllers...
Design/Logic Flaw
A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists which could leak sensitive information transmitted between the software and the Modicon M218, M241, M251, and M258 controllers...
Design/Logic Flaw
A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists which could allow the attacker to execute malicious code on the Modicon M218, M241, M251, and M258 controllers...
CVE-2020-7488
The CVE-2020-7488 issue concerns a CWE-319 vulnerability (Cleartext Transmission of Sensitive Information) that could leak sensitive data transmitted between Schneider Electric’s Modicon controllers (M218, M241, M251, M258) and associated software. The root cause is insecure cleartext transmissio...