The vulnerability of the programming software for PLCs (programmable logic controllers), namely the Saia PG5 Controls Suite, arises from incorrect restrictions on XML links to external objects. This allows a malicious individual to gain unauthorized access to protected information.

The vulnerability of the programming software for PLCs programmable logic controllers, Saia PG5 Controls Suite, is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

The vulnerability of the programming and debugging tool for PLC applications, MULTIPROG, integrated with the operating system ProConOS/ProConOS eCLR, arises from the loading of code without checking its integrity. This allows attackers to compromise the integrity of the protected information.

The vulnerability of the MULTIPROG programming and debugging tool for PLC applications, integrated with the ProConOS/ProConOS eCLR operating system, lies in the loading of code without checking its integrity. Exploiting this vulnerability allows an attacker to compromise the integrity of the...

EFACEC BCU 500 Cross-Site Request Forgery Vulnerability

The EFACEC BCU 500 is a programmable control system from EFACEC Portugal. The EFACEC BCU 500 suffers from a cross-site request forgery vulnerability that stems from susceptibility to a cross-site request forgery CSRF attack, which could force a user to perform a state change request on an...

The vulnerability of microprogrammed software in programmable logic controllers and human-machine interfaces of the Unitronics Vision Series allows a perpetrator to gain administrative access to the device.

The vulnerability of microprogrammed software in programmable logic controllers and human-machine interfaces of the Unitronics Vision Series is related to the use of rigidly encoded credentials. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain administrative...

Unitronics PLC Trust Management Issue Vulnerabilities

Unitronics PLC is a programmable logic controller with a built-in HMI panel from Unitronics Israel. A trust management issue vulnerability exists in the Unitronics PLC, which arises from the use of a default management password that allows an attacker accessing the PLC or HMI over the network to...

The vulnerability of the monitoring software for PLCCs from Fuji Electric, Tellus Lite V-Simulator, arises from deficiencies in access control. This allows a intruder to execute arbitrary code.

The vulnerability of the monitoring software for PLCCs from Fuji Electric, Tellus Lite V-Simulator, is related to deficiencies in access control. Exploiting this vulnerability could allow an intruder to execute arbitrary code...

The vulnerability of the monitoring software for PLCCs from Fuji Electric, Tellus Lite V-Simulator, arises from writing beyond the buffer boundaries, allowing a intruder to execute arbitrary code.

The vulnerability of the monitoring software for PLCCs from Fuji Electric, Tellus Lite V-Simulator, lies in the fact that it allows data to be written beyond the buffer boundaries. Exploiting this vulnerability could enable a hacker to execute arbitrary code...

The vulnerability of microprogrammed software in STARDOM FCN/FCJ programmable logic controllers, related to uncontrolled resource consumption, allows a intruder to trigger a service failure.

The vulnerability of the microprogrammed software in STARDOM FCN/FCJ programmable logic controllers is related to uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures...

VulnCheck KEV: CVE-2023-6448

Unitronics Vision Series PLCs and HMIs ship with an insecure default password, which if left unchanged, can allow attackers to execute remote commands...

VulnCheck KEV: CVE-2019-1821

A vulnerability in the web-based management interface of Cisco Prime Infrastructure PI and Cisco Evolved Programmable Network EPN Manager could allow an authenticated, remote attacker to execute code with root-level privileges on the underlying operating system. This vulnerability exist...

Intel FPGA Security Vulnerability

Intel FPGA products is a series of applications from Intel Corporation USA. A security vulnerability exists in Intel Field Programmable Gate Array FPGA. An attacker exploiting this vulnerability could result in the disclosure of information...

Siemens SCALANCE 资源管理错误漏洞

The SCALANCE M-800, MUM-800 and S615 and the RUGGEDCOM RM1224 are industrial routers.The SCALANCE W products are wireless communication devices for connecting industrial components, such as Programmable Logic Controllers PLCs or Human Machine Interfaces HMIs, that comply with the IEEE 802.11...

Siemens SCALANCE 安全漏洞

The SCALANCE M-800, MUM-800 and S615 and the RUGGEDCOM RM1224 are industrial routers.The SCALANCE W products are wireless communication devices for connecting industrial components, such as Programmable Logic Controllers PLCs or Human Machine Interfaces HMIs, that comply with the IEEE 802.11...

Mitsubishi Electric MELSEC iQ-F series Security Vulnerability

The Mitsubishi Electric MELSEC iQ-F series is a programmable logic controller from Mitsubishi Electric Japan. A security vulnerability exists in the Mitsubishi Electric MELSEC iQ-F Series that stems from an improperly restricted authentication function...

The vulnerability of the microprogrammed logic controller LS ELECTRIC XBC-DN32U arises from an operation that goes beyond the buffer boundaries in memory, allowing a intruder to cause a service failure.

The vulnerability of the microprogrammed software of the programmable logic controller LS ELECTRIC XBC-DN32U arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to cause a service failure...

Vulnerability of microprogrammed programmable logic controllers MELSEC-F: related to authentication breaches, allowing attackers to circumvent existing security restrictions

The vulnerability of MELSEC-F programmable logic controllers’ microprogramming software is related to authentication breaches. Exploiting this vulnerability allows an attacker, operating remotely, to circumvent existing security restrictions...

The vulnerability of the FINS protocol implementation in Omron programmable logic controllers of the CJ/CS/CP series allows a attacker to execute a brute-force attack.

The vulnerability of the FINS protocol implementation in Omron programmable logic controllers of the CJ/CS/CP series is related to an uncontrolled resource consumption. Exploiting this vulnerability allows a malicious actor to execute a brute-force attack remotely...

Delta Electronics WPLSoft Security Vulnerability

Delta Electronics WPLSoft is a software tool for programming Delta Programmable Logic Controllers PLCs from Delta Electronics, Taiwan, China. A security vulnerability exists in Delta Electronics WPLSoft version 2.51 and prior versions, which stems from a heap-based buffer overflow issue...

The vulnerability of the Kostac PLC Programming Software (formerly Koyo PLC Programming Software) relates to the re-release of memory, allowing a perpetrator to execute arbitrary code.

The vulnerability of the Kostac PLC Programming Software formerly Koyo PLC Programming Software relates to the repeated release of memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created project file...

The vulnerability of the programmable logic controller PLC-100, related to errors in TCP communication processing, allows a intruder to trigger a service failure.

The vulnerability of the programmable logic controller PLC-100 is related to errors in TCP communication processing. Exploiting this vulnerability can allow a remote attacker to cause service failures...