LS ELECTRIC XBC-DN32U 安全漏洞

LS ELECTRIC XBC-DN32U is a PLC programmable logic controller from LS ELECTRIC Korea.A denial of service vulnerability exists in the LS ELECTRIC XBC-DN32U. The vulnerability stems from the fact that the device will stop functioning when accessing a memory location outside of the communication...

LS ELECTRIC XBC-DN32U 访问控制错误漏洞

The LS ELECTRIC XBC-DN32U is a PLC programmable logic controller from LS ELECTRIC in Korea. An Access Control Error vulnerability exists in the LS ELECTRIC XBC-DN32U version 01.80. The vulnerability stems from the device's inability to properly control access to the PLC via its internal XGT...

The vulnerability of Schneider Electric’s programmable logic controllers’ microprogramming software lies in the insufficient testing of unusual or exceptional states. This allows a intruder to execute arbitrary code or cause malfunctions during maintenance.

The vulnerability of microprogrammed programmable logic controllers from Schneider Electric relates to insufficient testing of exceptional states. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code or cause malfunctions by using a specially created malware file...

WAGO 访问控制错误漏洞

WAGO 750-88x Series and so on are products of WAGO, Germany.WAGO 750-88x Series is a 750-88x series programmable logic controller.WAGO 750-87x Series is a 750-87x series programmable logic controller.WAGO Series PFC100 is a programmable logic controller. a programmable logic controller. An access...

Omron CP1L-EL20DR-D 安全漏洞

The Omron CP1L-EL20DR-D is a programmable controller from Omron Japan. A security vulnerability exists in the Omron CP1L-EL20DR-D. An attacker could exploit the vulnerability to cause unspecified commands in the FINS protocol to be executed without authentication...

PT-2022-7700 · Siglent · Siglent Sds 1104X-E

Name of the Vulnerable Software and Affected Versions: Siglent SDS 1104X-E version 6.1.37R9.ADS Description: The issue is related to unfiltered user input, which results in Remote Code Execution RCE through the SCPI interface or web server. This is due to insufficient input validation, allowing a...

Mitsubishi Electric MELSEC iQ-R、iQ-L Series和MELIPC Series 安全漏洞

Mitsubishi Electric MELSEC iQ-R series and so on are products of Mitsubishi Electric Japan.Mitsubishi Electric MELSEC iQ-R series is a programmable logic controller.Mitsubishi Electric MELSEC iQ-L series is a series of programmable logic controller.Mitsubishi Electric MELSEC iQ-L series is a seri...

The vulnerability of microprogrammed software in Schneider Electric’s programmable logic controllers, such as Modicon M340 and Modicon Quantum/Premium, arises from the possibility of an operation exceeding the buffer limits. This allows a malicious actor to trigger a service failure.

The vulnerability of microprogrammed software in Schneider Electric Modicon M340 and Modicon Quantum/Premium programmable logic controllers lies in the execution of operations outside the buffer boundaries. Exploiting this vulnerability can allow a malicious actor to cause service failures by...

Omron CX-Programmer 缓冲区错误漏洞

Omron CX-Programmer is a PLC Programmable Logic Controller programming software from Omron, Japan. A security vulnerability exists in Omron CX-Programmer version v.9.77 and prior versions, which stems from an out-of-bounds write issue...

Multiple vulnerabilities in OMRON products

Overview Machine automation controller NJ/NX series, Automation software "Sysmac Studio", and programmable terminal PT NA series provided by OMRON Corporation contain multiple vulnerabilities in the communication function. The vulnerabilities are as follows. Use of Hard-coded Credentials CWE-798 ...

Omron NJ/NX-series Machine Automation Controllers

1. EXECUTIVE SUMMARY CVSS v3 9.4 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Omron Equipment: NJ/NX-series Controllers and Software Vulnerabilities: Hard-coded Credentials, Authentication Bypass by Capture-replay 2. RISK EVALUATION Successful...

多款WAGO产品安全漏洞

WAGO Series PFC100 and others are products of WAGO, Germany.WAGO Series PFC100 is a programmable logic controller.WAGO Compact Controller CC100 is a compact controller.WAGO Edge Controller is an edge controller. A security vulnerability exists in the WAGO Series PFC100/PFC200, Series Touch Panel...

The vulnerability of Siemens’ programmable logic controllers’ microprogramming software lies in the copying of buffers without checking the size of the input data. This allows a hacker to execute arbitrary code.

The vulnerability of Siemens’ programmable logic controllers’ microprogramming software lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of microprogrammed software in programmable logic controllers SIMATIC S7-1200 and S7-1500 is related to insufficient protection of registration data, allowing attackers to gain full access to the device.

The vulnerability of microprogrammed software in programmable logic controllers SIMATIC S7-1200 and S7-1500 is related to insufficient protection of registration data. Exploiting this vulnerability can allow an intruder to gain full access to the device...

PT-2022-6339 · Unknown · Mklogic-500

Name of the Vulnerable Software and Affected Versions: MKLogic-500 affected versions not specified Description: The issue is related to insufficient control of parameters used in the configuration of programmable logic controllers, which is set up via FTP. This could allow a remote attacker to...

The vulnerability of the SX-Programmer Expert (D300win) programming tool, related to the execution of operations beyond the buffer boundaries, may affect data integrity.

The vulnerability of the SX-Programmer Expert D300win programming tool for programmable logic controllers is related to the execution of operations outside the buffer boundaries. Exploiting this vulnerability could allow an attacker to compromise the integrity of data...

Fuji Electric D300win 缓冲区错误漏洞

Fuji Electric D300win is a PLC product and solution from Fuji Electric Japan. The Fuji Electric D300win suffers from a buffer error vulnerability that stems from susceptibility to out-of-bounds reads, which can be exploited by an attacker to leak sensitive data from process memory...

The vulnerability of microprogrammed software in STARDOM FCN/FCJ programmable logic controllers is related to insufficient verification of data authenticity, allowing an intruder to gain full control over the device.

The vulnerability of microprogrammed software in STARDOM FCN/FCJ programmable logic controllers is related to insufficient verification of data authenticity. Exploiting this vulnerability can allow an attacker operating remotely to gain full control over the device...

CVE-2022-2788

Emerson Electric's Proficy Machine Edition Version 9.80 and prior is vulnerable to CWE-29 Path Traversal: '..\Filename', also known as a ZipSlip attack, through an upload procedure which enables attackers to implant a malicious .BLZ file on the PLC. The file can transfer through the engineering...

LS ELECTRIC PLC and XG5000 Encryption Problem Vulnerability

LS ELECTRIC PLC is a programmable logic controller from LS ELECTRIC, a South Korean company. LS ELECTRIC PLC and XG5000 are vulnerable to an encryption issue that could be exploited by an attacker to decrypt credentials and gain full access to the affected programmable logic controller PLC...