CVE-2019-5885

Matrix Synapse before 0.34.0.1, when the macaroonsecretkey authentication parameter is not set, uses a predictable value to derive a secret key and other secrets which could allow remote attackers to impersonate users...

CVE-2017-6030

A predictable value range from previous values issue was discovered in Schneider Electric Modicon PLCs Modicon M221, firmware versions prior to Version 1.5.0.0, Modicon M241, firmware versions prior to Version 4.0.5.11, and Modicon M251, firmware versions prior to Version 4.0.5.11. The affected...

CVE-2017-7901

A Predictable Value Range from Previous Values issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 and prior versions; 1763-L16BWA, Series...

CVE-2017-7901

A Predictable Value Range from Previous Values issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 and prior versions; 1763-L16BWA, Series...

CVE-2017-6030 Schneider Electric Modicon PLCs Predictable Value Range from Previous Values

A predictable value range from previous values issue was discovered in Schneider Electric Modicon PLCs Modicon M221, firmware versions prior to Version 1.5.0.0, Modicon M241, firmware versions prior to Version 4.0.5.11, and Modicon M251, firmware versions prior to Version 4.0.5.11. The affected...

CVE-2017-6030

CVE-2017-6030 affects Schneider Electric Modicon PLCs (M221, M241, M251) with firmware versions prior to 1.5.0.0 (M221) and prior to 4.0.5.11 (M241/M251). The issue is a Predictable Value Range from Previous Values causing insufficiently random TCP initial sequence numbers, enabling an attacker t...

CVE-2017-7901

CVE-2017-7901 affects Rockwell Automation Allen-Bradley MicroLogix 1100 (1763-L16A.. series A/B, 16.00 and earlier) and MicroLogix 1400 (1766-L32A.. series A/B, 16.00 and earlier). Root cause: generation of insufficiently random TCP initial sequence numbers , enabling an attacker to predict numbe...

PT-2017-17982 · Rockwell Automation · Micrologix 1100 +1

Name of the Vulnerable Software and Affected Versions: Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers versions 16.00 and prior Rockwell Automation Allen-Bradley MicroLogix 1400 programmable logic controllers versions 16.00 and prior Description: A Predictable Val...

Schneider Electric Modicon PLCs

CVSS v3 7.5 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Schneider Electric Equipment: Modicon PLCs Vulnerability: Predictable Value Range from Previous Values, Use of Insufficiently Random Values, Insufficiently Protected Credentials AFFECTED PRODUCTS The following version...

Beckwith Electric TCP Initial Sequence Vulnerability

OVERVIEW Raheem Beyah, David Formby, and San Shin Jung of Georgia Tech, via a research project partially sponsored by the Georgia Tech National Electric Energy Testing Research and Applications Center, have identified a TCP initial sequence numbers vulnerability in two of Beckwith Electric’s...