Vulnerability fixed in Cisco Prime Infrastructure and Evolved Programmable Network Manager

Cisco has fixed a vulnerability in Prime Infrastructure and Evolved Programmable Network Manager. An authenticated malicious person with access to the command-line interface could exploit the exploit the vulnerability to gain access to sensitive information. Cisco has released updates to fix the...

The vulnerability of the programming software for PLCs (programmable logic controllers), EcoStruxure Control Expert, allows a intruder to trigger a service failure.

The vulnerability of the programming software for PLCs programmable logic controllers, EcoStruxure Control Expert, lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow a malicious actor to cause malfunctions in the system remotely...

The vulnerability of microprogrammed software in Schneider Electric’s programmable logic controllers such as Modicon M340, Modicon Quantum, and Modicon Premium lies in the absence of authentication for a critical function, allowing attackers to execute arbitrary commands.

The vulnerability of microprogrammed software in Schneider Electric’s programmable logic controllers such as Modicon M340, Modicon Quantum, and Modicon Premium lies in the absence of authentication for critical functions. Exploiting this vulnerability allows an attacker operating remotely to...

Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager Information Disclosure Vulnerability

A vulnerability in the CLI of Cisco Prime Infrastructure and Cisco Evolved Programmable Network EPN Manager could allow an authenticated, local attacker to access sensitive information stored on the underlying file system of an affected system. This vulnerability exists because sensitive...

Cisco Prime Infrastructure信息泄露漏洞

Cisco Prime Infrastructure is a software application from Cisco USA. It is used to simplify the management of wireless and wired networks. An information disclosure vulnerability exists in Cisco Prime Infrastructure and Evolved Programmable Network Manager, which stems from a vulnerability in the...

WAGO 授权问题漏洞

WAGO is a 750-88x series programmable logic controller from WAGO, Germany. The device is specifically designed for use in industrial environments as an electronic system for the operation of digital algorithms. An authorization issue exists in WAGO PLC in firmware version FW07, which can be...

WAGO 安全漏洞

WAGO is a 750-88x series programmable logic controller from WAGO, Germany. This device is designed for applications in industrial environments where digital algorithms operate electronic systems. A security vulnerability in the OpenSSL implementation of the WAGO 750-831/xxx xxx, 750-880/xxx xxx,...

Auto Apply IPS Rules for Solid Cloud Workload Security

Learn how to leverage automated and programmable APIs to quickly scan and secure workloads with high or critical severity IPS rules...

The vulnerability of Schneider Electric’s Modbus Serial Driver for programmable logic controllers is related to errors in processing hypertext links, allowing an attacker to re-write files in the file system.

The vulnerability of Schneider Electric’s Modbus Serial Driver relates to errors in processing hypertext links. Exploiting this vulnerability could allow an attacker to re-record files in the file system...

The vulnerability of the Modbus protocol implementation in microprogrammed software for programmable logic controllers like Modicon Quantum arises from incorrect code generation. This allows attackers to trigger malfunctions during maintenance operations.

The vulnerability of the Modbus protocol implementation in microprogrammed software for programmable logic controllers like Modicon Quantum is related to incorrect code generation. Exploiting this vulnerability could allow an attacker, operating remotely, to cause malfunctions in the system’s...

The vulnerability of the programming software for PLCs (programmable logic controllers), EcoStruxure Control Expert, allows a intruder to bypass the authentication process.

The vulnerability of the programming software for PLCs programmable logic controllers, EcoStruxure Control Expert, lies in the absence of restrictions on the number of authentication attempts. Exploiting this vulnerability allows a malicious actor to bypass the authentication process remotely...

The vulnerability of the programming software for PLCs (programmable logic controllers), EcoStruxure Control Expert, allows a intruder to bypass the authentication process.

The vulnerability of the programming software for PLCs programmable logic controllers, EcoStruxure Control Expert, is related to improper authentication. Exploiting this vulnerability can allow an attacker to bypass authentication processes...

The vulnerability of the programming software for PLCs (programmable logic controllers), EcoStruxure Control Expert, allows a intruder to trigger a service failure.

The vulnerability of the EcoStruxure Control Expert programming tool for programmable logic controllers is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability could allow a malicious actor to trigger a service failure remotely...

MAC1100 PLC 安全漏洞

The MAC1100 PLC is an industrial control product PLC. A security vulnerability exists in the MAC1100 PLC that can be exploited by an attacker to gain access to the system and escalate privileges via a crafted package...

MAC1100 PLC 信息泄露漏洞

The MAC1100 PLC is an industrial control product PLC. An information disclosure vulnerability exists in the EPA protocol of the MAC1100 PLC, which could allow an attacker to read a specific storage area and collect relevant device information in the PLC via an unauthorized EPA read operation, whi...

Cisco Evolved Programmable Network Manager Information Disclosure (cisco-sa-epnm-info-disc-PjTZ5r6C)

An information disclosure vulnerability exists in Cisco Evolved Programmable Network Manager. An authenticated, remote attacker can exploit this, by sending a specific API request to the affected application, to disclose potentially sensitive information about the application. Please see the...

Siemens SIMATIC S7-1500 CPU和SIMATIC S7-1500 授权问题漏洞

The Siemens SIMATIC S7-1500 CPU and SIMATIC S7-1500 are both products of Siemens, Germany.The SIMATIC S7-1500 CPU is a CPU central processing unit module.The SIMATIC S7-1500 is a programmable logic controller. A security vulnerability exists in the Siemens SIMATIC S7-1500 CPU and SIMATIC S7-1500...

The vulnerability of DIAScreen software for programmable logic controllers arises from buffer overflows in dynamic memory, allowing an attacker to execute arbitrary code.

The vulnerability of the software for programmable logic controllers DIAScreen arises from buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code write-off memory boundaries...

CVE-2021-34707 Cisco Evolved Programmable Network Manager Sensitive Information Disclosure Vulnerability

A vulnerability in the REST API of Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, remote attacker to access sensitive data on an affected system. This vulnerability exists because the application does not sufficiently protect sensitive data when responding to an API...

CVE-2021-34707 Cisco Evolved Programmable Network Manager Sensitive Information Disclosure Vulnerability

A vulnerability in the REST API of Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, remote attacker to access sensitive data on an affected system. This vulnerability exists because the application does not sufficiently protect sensitive data when responding to an API...