9 matches found
EUVD-2023-12155
Malicious code in bioql PyPI...
CVE-2023-0053
SAUTER Controls Nova 200–220 Series with firmware version 3.3-006 and prior and BACnetstac version 4.2.1 and prior have only FTP and Telnet available for device management. Any sensitive information communicated through these protocols, such as credentials, is sent in cleartext. An attacker could...
Design/Logic Flaw
SAUTER Controls Nova 200–220 Series with firmware version 3.3-006 and prior and BACnetstac version 4.2.1 and prior allows the execution of commands without credentials. As Telnet and file transfer protocol FTP are the only protocols available for device management, an unauthorized user could acce...
CVE-2023-0052 SAUTER Controls Nova 200–220 Series Missing Authentication for Critical Function
SAUTER Controls Nova 200–220 Series with firmware version 3.3-006 and prior and BACnetstac version 4.2.1 and prior allows the execution of commands without credentials. As Telnet and file transfer protocol FTP are the only protocols available for device management, an unauthorized user could acce...
CVE-2023-0052
SAUTER Controls Nova 200–220 Series (firmware 3.3-006 and earlier) and BACnetstac 4.2.1 and earlier are affected by CVE-2023-0052 due to missing authentication for a critical function, allowing command execution without credentials. Telemetry shows Telnet and FTP are the only device-management pr...
PT-2023-15973 · Sauter · Sauter Controls Nova 200–220 Series
Name of the Vulnerable Software and Affected Versions: SAUTER Controls Nova 200–220 Series versions 3.3-006 and prior BACnetstac versions 4.2.1 and prior Description: The issue affects device management, where sensitive information such as credentials is sent in cleartext through FTP and Telnet...
CISA Releases Twelve Industrial Control Systems Advisories
CISA released twelve Industrial Control Systems ICS advisories on January 12, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for...
PT-2023-7518 · Sauter · Sauter Controls Nova 106 +2
Name of the Vulnerable Software and Affected Versions: SAUTER Controls Nova 200–220 Series versions 3.3-006 and prior SAUTER Controls Nova 230 versions affected versions not specified SAUTER Controls Nova 106 versions affected versions not specified BACnetstac version 4.2.1 and prior Description:...
SAUTER Controls Nova 200 - 220 Series (PLC 6)
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: SAUTER Controls Equipment: Nova 200–220 Series PLC 6 Vulnerabilities: Missing Authentication for Critical Function, Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful...