75 matches found
EUVD-2012-1814
Malware in sbrugna...
EUVD-2011-2931
Malware in sbrugna...
EUVD-2014-0809
Malware in sbrugna...
EUVD-2017-5532
Malware in sbrugna...
EUVD-2017-5534
Malware in sbrugna...
CVE-2011-2963
TCPUploadServer.exe in Progea Movicon 11.2 before Build 1084 does not require authentication for critical functions, which allows remote attackers to obtain sensitive information, delete files, execute arbitrary programs, or cause a denial of service crash via a crafted packet to TCP port 10651...
Progea Movicon TCPUploadServer (Update A)
Overview ICS-CERT has received a report from independent security researcher Jeremy Brown of a data leakage and denial-of-service vulnerability in Progea’s Movicon 11 human machine interface HMI product. Progea has verified the vulnerability and has developed a patch to address the issue. ICS-CER...
Progea Movicon 11.5.1181 Search Path Issues Vulnerability
Progea Movicon versions 11.5.1181 and below suffer from search path related vulnerabilities. Vendor: Progea Equipment: Movicon SCADA/HMI Vulnerability: Uncontrolled Search Path Element, Unquoted Search Path or Element Advisory URL...
Progea Movicon 11.5.1181 Search Path Issues
Vendor: Progea Equipment: Movicon SCADA/HMI Vulnerability: Uncontrolled Search Path Element, Unquoted Search Path or Element Advisory URL https://ipositivesecurity.com/2017/10/28/ics-progea-movicon-scadahmi-vulnerabilities/ ICS-CERT Advisory https://ics-cert.us-cert.gov/advisories/ICSA-17-290-01...
CVE-2017-14019
An Unquoted Search Path or Element issue was discovered in Progea Movicon Version 11.5.1181 and prior. An unquoted search path or element vulnerability has been identified, which may allow an authorized local user to insert arbitrary code into the unquoted service path and escalate his or her...
CVE-2017-14017
An Uncontrolled Search Path Element issue was discovered in Progea Movicon Version 11.5.1181 and prior. An uncontrolled search path element vulnerability has been identified, which may allow a remote attacker without privileges to execute arbitrary code in the form of a malicious DLL file...
CVE-2017-14019
An Unquoted Search Path or Element issue was discovered in Progea Movicon Version 11.5.1181 and prior. An unquoted search path or element vulnerability has been identified, which may allow an authorized local user to insert arbitrary code into the unquoted service path and escalate his or her...
CVE-2017-14017
An Uncontrolled Search Path Element issue was discovered in Progea Movicon Version 11.5.1181 and prior. An uncontrolled search path element vulnerability has been identified, which may allow a remote attacker without privileges to execute arbitrary code in the form of a malicious DLL file...
CVE-2017-14017
CVE-2017-14017 affects Progea Movicon SCADA/HMI (Movicon 11.5.1181 and earlier). The vulnerability is an Uncontrolled Search Path Element that may allow a local attacker with low privileges to execute arbitrary code by loading a malicious DLL. Related entries also reference CVE-2017-14019 (Unquot...
CVE-2017-14019
CVE-2017-14019 is a documented vulnerability in Progea Movicon (11.5.1181 and prior) classified as an Unquoted Search Path or Element issue. The underlying flaw allows an authorized local attacker to insert arbitrary code into the unquoted service path and escalate privileges. Affected product: M...
CVE-2017-14019
An Unquoted Search Path or Element issue was discovered in Progea Movicon Version 11.5.1181 and prior. An unquoted search path or element vulnerability has been identified, which may allow an authorized local user to insert arbitrary code into the unquoted service path and escalate his or her...
Progea Movicon SCADA/HMI Elevation of Privilege Vulnerability
Movicon is Scada/HMI industrial monitoring software developed by the Italian automation software provider PROGEA. An elevation of privilege vulnerability exists in Progea Movicon SCADA/HMI that allows an authorized local user to insert arbitrary code into an unreferenced service path and escalate...
Progea Movicon SCADA/HMI Arbitrary Code Execution Vulnerability
Movicon is Scada/HMI industrial monitoring software developed by the Italian automation software provider PROGEA. An arbitrary code execution vulnerability exists in Progea Movicon SCADA/HMI that allows remote attackers without privileges to execute arbitrary code in the form of a malicious DLL...
Progea Movicon SCADA/HMI
CVSS v3 6.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Progea Equipment: Movicon SCADA/HMI Vulnerability: Uncontrolled Search Path Element, Unquoted Search Path or Element AFFECTED PRODUCTS The following versions of Movicon HMI, an HMI software platform, are affected:...
Network Time Protocol Vulnerabilities (Supplement Update A)
OVERVIEW --------- Begin Update A Part 1 of 2 -------- This advisory supplement is to accompany the NCCIC/ICS-CERT advisory titled ICSA-14-353-01C Network Time Protocol Vulnerabilities that was published February 5, 2015, on the ICS‑CERT web site. --------- End Update A Part 1 of 2 ----------...