322 matches found
Omron CX-One CX-Programmer, CJ2M and CJ2H PLCs Exposure of Sensitive Information to an Unauthorized Actor (CVE-2015-0987)
Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 rely on cleartext password transmission, which allows remote attackers to obtain sensitive information by sniffing the network during a PLC unlock request. This plugin only works with Tenable.ot...
Siemens SIMATIC S7-1200 CPU Family Denial of Service (CVE-2013-2780)
Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service defect-mode transition and control outage via crafted packets to UDP port 161 aka the SNMP port. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...
IDEC PLCs
1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: IDEC Equipment: PLCs Programmable Logic Controllers Vulnerabilities: Unprotected Transport of Credentials, Plaintext Storage of a Password 2. RISK EVALUATION Successful exploitation of these...
Siemens S7 Layer 2 - Denial of Service (DoS)
Exploit Title: Siemens S7 Layer 2 - Denial of Service DoS Date: 21/10/2021 Exploit Author: RoseSecurity Vendor Homepage: https://www.siemens.com/us/en.html Version: Firmware versions = 3 Tested on: Siemens S7-300, S7-400 PLCs !/usr/bin/python3 from scapy.all import from colorama import Fore, Back...
Siemens S7 Layer 2 - Denial of Service Exploit
Exploit Title: Siemens S7 Layer 2 - Denial of Service DoS Exploit Author: RoseSecurity Vendor Homepage: https://www.siemens.com/us/en.html Version: Firmware versions = 3 Tested on: Siemens S7-300, S7-400 PLCs !/usr/bin/python3 from scapy.all import from colorama import Fore, Back, Style from...
CVE-2021-20826
Unprotected transport of credentials vulnerability in IDEC PLCs FC6A Series MICROSmart All-in-One CPU module v2.32 and earlier, FC6A Series MICROSmart Plus CPU module v1.91 and earlier, WindLDR v8.19.1 and earlier, WindEDIT Lite v1.3.1 and earlier, and Data File Manager v2.12.1 and earlier allows...
CVE-2021-20827
Plaintext storage of a password vulnerability in IDEC PLCs FC6A Series MICROSmart All-in-One CPU module v2.32 and earlier, FC6A Series MICROSmart Plus CPU module v1.91 and earlier, WindLDR v8.19.1 and earlier, WindEDIT Lite v1.3.1 and earlier, and Data File Manager v2.12.1 and earlier allows an...
Design/Logic Flaw
Unprotected transport of credentials vulnerability in IDEC PLCs FC6A Series MICROSmart All-in-One CPU module v2.32 and earlier, FC6A Series MICROSmart Plus CPU module v1.91 and earlier, WindLDR v8.19.1 and earlier, WindEDIT Lite v1.3.1 and earlier, and Data File Manager v2.12.1 and earlier allows...
Spoofing
Plaintext storage of a password vulnerability in IDEC PLCs FC6A Series MICROSmart All-in-One CPU module v2.32 and earlier, FC6A Series MICROSmart Plus CPU module v1.91 and earlier, WindLDR v8.19.1 and earlier, WindEDIT Lite v1.3.1 and earlier, and Data File Manager v2.12.1 and earlier allows an...
CVE-2021-20827
CVE-2021-20827 describes plaintext storage of a password vulnerability in IDEC PLCs, allowing an attacker to obtain PLC Web server credentials from SD cards (ZLD files) or file backups and potentially hijack the PLC. Affected products and versions include IDEC FC6A/MICROSmart All-in-One CPU Modul...
CVE-2021-20826
CVE-2021-20826 affects IDEC PLCs: FC6A/MICROSmart All-in-One CPU Module (v2.32 and earlier), FC6A/MICROSmart Plus (v1.91 and earlier), WindLDR (v8.19.1 and earlier), WindEDIT Lite (v1.3.1 and earlier), and Data File Manager (v2.12.1 and earlier). Root cause: unprotected transport of credentials (...
CVE-2021-20826
Unprotected transport of credentials vulnerability in IDEC PLCs FC6A Series MICROSmart All-in-One CPU module v2.32 and earlier, FC6A Series MICROSmart Plus CPU module v1.91 and earlier, WindLDR v8.19.1 and earlier, WindEDIT Lite v1.3.1 and earlier, and Data File Manager v2.12.1 and earlier allows...
CVE-2021-34578
This vulnerability allows an attacker who has access to the WBM to read and write settings-parameters of the device by sending specifically constructed requests without authentication on multiple WAGO PLCs in firmware versions up to FW07...
Authentication flaw
This vulnerability allows an attacker who has access to the WBM to read and write settings-parameters of the device by sending specifically constructed requests without authentication on multiple WAGO PLCs in firmware versions up to FW07...
CVE-2021-34578
CVE-2021-34578 affects WAGO PLCs (e.g., firmware versions up to FW07) where an authentication issue in the WBM allows an attacker with access to read and write device settings by sending specially crafted requests. The vulnerability arises from improper authentication/authorization of settings-pa...
The vulnerability of microprogrammed software in Schneider Electric’s programmable logic controllers such as Modicon M340, Modicon Quantum, and Modicon Premium lies in errors related to register data manipulation, allowing attackers to execute arbitrary commands.
The vulnerability of microprogrammed software in Schneider Electric’s programmable logic controllers such as Modicon M340, Modicon Quantum, and Modicon Premium is related to errors in controlling registration data. Exploiting this vulnerability allows an attacker to execute arbitrary commands usi...
Industrial Networks Exposed Through Cloud OT
The benefits of using a cloud-based management platform to monitor and configure industrial control systems ICS devices are obvious — efficiency, cost-savings and better diagnostics just for starters. But new research found critical vulnerabilities in these platforms that could be used to paralyz...
Unpatched, Critical RCE Bug Allows Utility Takeovers
A critical remote code-execution RCE vulnerability in Schneider Electric programmable logic controllers PLCs has come to light, which allows unauthenticated cyberattackers to gain root-level control over PLCs used in manufacturing, building automation, healthcare and enterprise environments. If...
A New Bug in Siemens PLCs Could Let Hackers Run Malicious Code Remotely
Siemens on Friday shipped firmware updates to address a severe vulnerability in SIMATIC S7-1200 and S7-1500 programmable logic controllers PLCs that could be exploited by a malicious actor to remotely gain access to protected areas of the memory and achieve unrestricted and undetected code...
Siemens SCALANCE XM-400 and XR-500 Devices Denial of Service Vulnerability
SCALANCE X switches are used to connect industrial components such as programmable logic controllers PLCs or human machine interfaces HMIs. A denial of service vulnerability exists in the Siemens SCALANCE XM-400 and XR-500 Devices, which can be exploited by an attacker to create a permanent denia...