CVE-2019-18250

In all versions of ABB Power Generation Information Manager PGIM and Plant Connect, the affected product is vulnerable to authentication bypass, which may allow an attacker to remotely bypass authentication and extract credentials from the affected device...

EUVD-2019-8048

Malware in sbrugna...

Researchers Uncover Vulnerabilities in Solarman and Deye Solar Systems

Cybersecurity researchers have identified a number of security shortcomings in photovoltaic system management platforms operated by Chinese companies Solarman and Deye that could enable malicious actors to cause disruption and power blackouts. "If exploited, these vulnerabilities could allow an...

Hitachi eSOMS Information Disclosure Vulnerability

Hitachi eSOMS is an application software from Hitachi, Ltd. a shift operations management system for the power generation industry. A security vulnerability exists in Hitachi eSOMS, which stems from the presence of an information disclosure vulnerability. An attacker could exploit the vulnerabili...

Hitachi eSOMS Security Vulnerability

Hitachi eSOMS is an application software from Hitachi, Ltd. a shift operations management system for the power generation industry. A security vulnerability exists in Hitachi eSOMS version 6.3.13 and earlier, which stems from a vulnerability that allows an attacker to enumerate local file system...

Weak Password Vulnerability in Siemens Smart Energy Management Platform

Siemens is a technology-focused company that provides solutions for customers in the areas of power generation and transmission and distribution, infrastructure, industrial automation, drives and software through innovations in electrification, automation and digitalization. A weak password...

ABB Asset Suite Access Control Error Vulnerability

ABB Asset Suite is a suite of enterprise asset management solutions from ABB Switzerland primarily for the power generation industry. An access control error vulnerability exists in the web interface in ABB Asset Suite. The vulnerability arises from a network system or product not properly...

CVE-2019-18250

In all versions of ABB Power Generation Information Manager PGIM and Plant Connect, the affected product is vulnerable to authentication bypass, which may allow an attacker to remotely bypass authentication and extract credentials from the affected device...

CVE-2019-18250

CVE-2019-18250 affects ABB Power Generation Information Manager (PGIM) and Plant Connect. The vulnerability is an authentication bypass that could allow a remote attacker to bypass authentication and extract credentials from the device. Affected products are PGIM (all versions) and Plant Connect ...

ABB Power Generation Information Manager (PGIM) and Plant Connect Security Authentication Bypass Vulnerability

ABB Power Generation Information Manager is the power generation information management system of the ABB Group. A security authentication bypass vulnerability exists in ABB Power Generation Information Manager PGIM and Plant Connect, which can be exploited by an attacker to bypass authentication...

ABB Power Generation Information Manager (PGIM) and Plant Connect

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: ABB Equipment: Power Generation Information Manager PGIM and Plant Connect Vulnerability: Authentication Bypass Using an Alternate Path or Channel 2. RISK EVALUATION Successful exploitation of this...

Multiple ABB Products CVE-2019-18250 Authentication Bypass Vulnerability

Description Multiple ABB products are prone to an authentication-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. Technologies Affected ABB Plant Connect ABB Power Generati...

mantractanzania.com XSS vulnerability

Open Bug Bounty ID: OBB-640807 Description| Value ---|--- Affected Website:| mantractanzania.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Siemens SIMATIC S7-400 PN CPU DoS

Overview Siemens has reported to ICS-CERT that denial-of-service DoS vulnerabilities exist in the SIMATIC S7-400 V6 and SIMATIC S7-400 V5 PN CPU products. Siemens has produced a firmware update that mitigates the vulnerability affecting the S7-400 V6. Siemens will not fix the vulnerability that...

Intellicom NetBiter WebSCADA Vulnerabilities

OVERVIEW This advisory is a follow-up to ICS-ALERT-10-293-01 - Intellicom NetBiter WebSCADA Vulnerabilities, published on the ICS-CERT Web page on October 20, 2010. On October 1, 2010 independent researchers identified vulnerabilities in the Intellicom NetBiter Supervisory Control and Data...