Mitsubishi Electric MELSEC iQ-F series Security Vulnerability

The Mitsubishi Electric MELSEC iQ-F series is a programmable logic controller from Mitsubishi Electric Japan. A security vulnerability exists in the Mitsubishi Electric MELSEC iQ-F Series that stems from an improperly restricted authentication function...

The vulnerability of the microprogrammed logic controller LS ELECTRIC XBC-DN32U arises from an operation that goes beyond the buffer boundaries in memory, allowing a intruder to cause a service failure.

The vulnerability of the microprogrammed software of the programmable logic controller LS ELECTRIC XBC-DN32U arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to cause a service failure...

The vulnerability of the Kostac PLC Programming Software (formerly Koyo PLC Programming Software) relates to the re-release of memory, allowing a perpetrator to execute arbitrary code.

The vulnerability of the Kostac PLC Programming Software formerly Koyo PLC Programming Software relates to the repeated release of memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created project file...

The vulnerability of the programmable logic controller PLC-100, related to errors in TCP communication processing, allows a intruder to trigger a service failure.

The vulnerability of the programmable logic controller PLC-100 is related to errors in TCP communication processing. Exploiting this vulnerability can allow a remote attacker to cause service failures...

The vulnerability of the web-server of the programmable logical controller ioLogik, related to deficiencies in access control, allows a intruder to gain unauthorized access to confidential data.

The vulnerability of the web-server-based programmable logic controller ioLogik is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to confidential data...

The vulnerability of the Control FPWIN Pro PLC programming software lies in the possibility of data being written outside of the buffer in memory, which allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the PLC programming software Control FPWIN Pro relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of microprogrammed software in WAGO 750 programmable logic controllers, which stems from insufficient validation of input data, allows a intruder to trigger malfunctions during maintenance operations.

The vulnerability of the microprogrammed software in WAGO 750 programmable logic controllers is related to insufficient verification of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to cause malfunctions by using specially crafted packages...

The vulnerability of the microprogrammed software of the programmable logic controller LS ELECTRIC XBC-DN32U lies in the lack of authentication for a critical function, allowing an intruder to delete arbitrary files.

The vulnerability of the microprogrammed logic controller LS ELECTRIC XBC-DN32U lies in the absence of authentication for a critical function. Exploiting this vulnerability could allow an attacker, operating remotely, to delete arbitrary files...

The vulnerability of the SatRLT.OS software for programmable logic controllers “Satellite-A” lies in the insecure transmission of authentication data. This allows attackers to escalate their privileges and execute arbitrary code.

The vulnerability of the SatRLT.OS software for programmable logic controllers “Satellite-A” lies in the insecure transmission of authentication data. Exploiting this vulnerability allows a remote attacker to enhance their privileges and execute arbitrary code...

The vulnerability of the microprogrammed software in programmable logic controllers ABB AC500, which allows a intruder to cause a service failure

The vulnerability of the microprogrammed logic controllers ABB AC500 is related to insufficient testing of exceptional states. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

The vulnerabilities of the programming software for PLCs (programmable logic controllers), the configuration software SCADAPack RemoteConnect, and the automation system for technological processes EcoStruxure Process Expert allow a intruder to gain unauthorized access to project files.

The vulnerabilities of the programming software for PLCs programmable logic controllers, the configuration software SCADAPack RemoteConnect, and the automation system for technological processes EcoStruxure Process Expert are related to insufficient protection of registration data. Exploiting the...

JTEKT Kostac PLC Programming Software 缓冲区错误漏洞

JTEKT Kostac PLC Programming Software is a PLC programmer software for personal computers from JTEKT Japan. A security vulnerability exists in JTEKT Kostac PLC Programming Software version 1.6.9.0 and prior versions, which originates from an out-of-bounds read due to an insufficient buffer size f...

The vulnerability of the MKLogic-500 PLC configuration protocol, related to the lack of authentication for critical functions, allows attackers to alter the device’s operating logic.

The vulnerability of the MKLogic-500 PLC configuration protocol lies in the absence of authentication for a critical function. Exploiting this vulnerability allows an attacker, operating remotely, to alter the device’s operating logic...

The vulnerability of the PLK MKLogic-500, related to insufficient control of FTP configuration parameters, allows a hacker to trigger a service failure.

The vulnerability of the MKLogic-500 PLC is related to insufficient control over the parameters used in the configuration of programmable logic controllers, which are set via FTP. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

多款WAGO产品 访问控制错误漏洞

WAGO Series PFC100 and others are products of WAGO, Germany.WAGO Series PFC100 is a programmable logic controller.WAGO Series PFC200 is a programmable logic controller.WAGO Edge Controller is an edge controller. An access control error vulnerability exists in multiple WAGO products. An attacker...

CVE-2023-22807

LS ELECTRIC XBC-DN32U with operating system version 01.80 does not properly control access to the PLC over its internal XGT protocol. An attacker could control and tamper with the PLC by sending the packets to the PLC over its XGT protocol...

CVE-2023-22803

LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication to perform critical functions to the PLC. This could allow an attacker to change the PLC's mode arbitrarily...

LS ELECTRIC XBC-DN32U 安全漏洞

LS ELECTRIC XBC-DN32U is a PLC programmable logic controller from LS ELECTRIC Korea.A denial of service vulnerability exists in the LS ELECTRIC XBC-DN32U. The vulnerability stems from the fact that the device will stop functioning when accessing a memory location outside of the communication...

LS ELECTRIC XBC-DN32U 访问控制错误漏洞

The LS ELECTRIC XBC-DN32U is a PLC programmable logic controller from LS ELECTRIC in Korea. An Access Control Error vulnerability exists in the LS ELECTRIC XBC-DN32U version 01.80. The vulnerability stems from the device's inability to properly control access to the PLC via its internal XGT...

The vulnerability of Schneider Electric’s programmable logic controllers’ microprogramming software lies in the insufficient testing of unusual or exceptional states. This allows a intruder to execute arbitrary code or cause malfunctions during maintenance.

The vulnerability of microprogrammed programmable logic controllers from Schneider Electric relates to insufficient testing of exceptional states. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code or cause malfunctions by using a specially created malware file...