17 matches found
EUVD-2020-17920
Malware in sbrugna...
EUVD-2021-27541
Malicious code in bioql PyPI...
CVE-2020-25230
A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. Due to the usage of an outdated cipher mode on port 10005/tcp, an attacker could extract the encryption key from a captured communication with the device...
Siemens LOGO! 8 BM Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-25230)
A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. Due to the usage of an outdated cipher mode on port 10005/tcp, an attacker could extract the encryption key from a captured communication with the device. This plugin only works with Tenable.ot. Please visi...
Broadcom RAID Controller Encryption Issue Vulnerability
The Broadcom RAID Controller is a series of RAID controllers from Broadcom Corporation USA. A security vulnerability exists in the Broadcom RAID Controller that stems from the web interface's TLS configuration supporting an outdated SHA1 cipher suite, rendering the product susceptible to attack...
CVE-2021-40363
A vulnerability has been identified in SIMATIC PCS 7 V8.2 All versions, SIMATIC PCS 7 V9.0 All versions, SIMATIC PCS 7 V9.1 All versions V9.1 SP1, SIMATIC WinCC V15 and earlier All versions V15 SP1 Update 7, SIMATIC WinCC V16 All versions V16 Update 5, SIMATIC WinCC V17 All versions V17 Update 2,...
CVE-2021-40363
A vulnerability has been identified in SIMATIC PCS 7 V8.2 All versions, SIMATIC PCS 7 V9.0 All versions, SIMATIC PCS 7 V9.1 All versions V9.1 SP1, SIMATIC WinCC V15 and earlier All versions V15 SP1 Update 7, SIMATIC WinCC V16 All versions V16 Update 5, SIMATIC WinCC V17 All versions V17 Update 2,...
Design/Logic Flaw
A vulnerability has been identified in SIMATIC PCS 7 V8.2 All versions, SIMATIC PCS 7 V9.0 All versions, SIMATIC PCS 7 V9.1 All versions V9.1 SP1, SIMATIC WinCC V15 and earlier All versions V15 SP1 Update 7, SIMATIC WinCC V16 All versions V16 Update 5, SIMATIC WinCC V17 All versions V17 Update 2,...
CVE-2021-40363
CVE-2021-40363 affects Siemens SIMATIC PCS 7 and WinCC products. The underlying issue is that the affected component stores local system account credentials in a publicly accessible project file using an outdated cipher algorithm, enabling an attacker to brute-force credentials and take over the ...
PT-2022-4093 · Siemens · Simatic Pcs 7 +1
Name of the Vulnerable Software and Affected Versions: SIMATIC PCS 7 versions V8.2 through V9.1 SIMATIC WinCC versions V7.4 through V7.5 SIMATIC WinCC versions V15 through V17 Description: The issue is related to a potential information leak about files and directories. An attacker may exploit th...
Design/Logic Flaw
A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. Due to the usage of an outdated cipher mode on port 10005/tcp, an attacker could extract the encryption key from a captured communication with the device...
CVE-2020-25230
A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. Due to the usage of an outdated cipher mode on port 10005/tcp, an attacker could extract the encryption key from a captured communication with the device...
Slack: The POODLE attack (SSLv3 supported) at status.slack.com
@cryptographer found that for some regions, status.slack.com supported an outdated cipher suite, which we've since updated. Thanks @cryptographer! nmap -sV --version-light --script ssl-poodle -p 443 IP...
Security Bulletin: IBM QRadar SIEM uses broken or risky cryptographic algorithms (CVE-2016-2879)
Summary The software uses an outdated insecure cipher or it is using a proprietary crypto standard which is likely to be vulnerable. Outdated/broken algorithms are MD4, MD5, SHA1, DES, ECB, RC4, Export ciphers, SSLv2, SSLv3, DH using keys less than 1024 Vulnerability Details CVEID: CVE-2016-2879...
Design/Logic Flaw
A vulnerability exists in Schneider Electric's PowerSCADA Anywhere v1.0 redistributed with PowerSCADA Expert v8.1 and PowerSCADA Expert v8.2 and Citect Anywhere version 1.0 that allows the use of outdated cipher suites and improper verification of peer SSL Certificate...
CVE-2017-7971
CVE-2017-7971 affects Schneider Electric PowerSCADA Anywhere v1.0 (used with PowerSCADA Expert v8.1/8.2) and Citect Anywhere v1.0. The issue is outdated TLS cipher suites and improper verification of peer SSL certificates, enabling potential man-in-the-middle or insecure communications. Public do...
CVE-2017-7971
A vulnerability exists in Schneider Electric's PowerSCADA Anywhere v1.0 redistributed with PowerSCADA Expert v8.1 and PowerSCADA Expert v8.2 and Citect Anywhere version 1.0 that allows the use of outdated cipher suites and improper verification of peer SSL Certificate...