CVE-2019-18269

Omron’s CS and CJ series PLCs have an unrestricted externally accessible lock vulnerability...

WAGO PFC200 and PFC100 Denial of Service Vulnerabilities

The WAGO PFC200 and WAGO PFC100 are both programmable logic controllers PLCs from WAGO Germany. A denial of service vulnerability exists in the I/O-Check function in the WAGO PFC200 using firmware version 03.01.0713 and the WAGO PFC100 using firmware version 03.00.3912, which can be exploited by ...

PT-2019-15306 · Omron · Omron Plc Cj Series

Name of the Vulnerable Software and Affected Versions: Omron CS series PLCs affected versions not specified Omron CJ series PLCs affected versions not specified Description: The issue concerns an unrestricted externally accessible lock vulnerability. Recommendations: For Omron CS series PLCs, at...

Access Control Error Vulnerability in Omron PLC CJ and CS Series

Omron PLC CJ and CS series are PLCs from Omron. A security vulnerability exists in the Omron PLC CJ and CS Series that can be exploited by an attacker to access unrestricted locks...

The vulnerability of the REST API interface of the Cisco Prime Infrastructure monitoring and network equipment management system, as well as the Cisco Evolved Programmable Network Manager (EPNM) software for managing network services, allows a perpetrator to escalate their privileges and execute arbitrary code.

The vulnerability of the REST API interface of the Cisco Prime Infrastructure monitoring and network equipment management system, as well as the Cisco Evolved Programmable Network Manager EPNM software for managing network services, is related to insufficient validation of input data. Exploiting...

CVE-2019-15958

A vulnerability in the REST API of Cisco Prime Infrastructure PI and Cisco Evolved Programmable Network Manager EPNM could allow an unauthenticated remote attacker to execute arbitrary code with root privileges on the underlying operating system. The vulnerability is due to insufficient input...

CVE-2019-15958 Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability

A vulnerability in the REST API of Cisco Prime Infrastructure PI and Cisco Evolved Programmable Network Manager EPNM could allow an unauthenticated remote attacker to execute arbitrary code with root privileges on the underlying operating system. The vulnerability is due to insufficient input...

Rockwellautomation 1763-l16awa Exposure of Sensitive Information to an Unauthorized Actor

An Information Exposure issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 and prior versions; 1763-L16BWA, Series A and B, Version 16.00...

Rockwellautomation 1763-l16awa Use of Insufficiently Random Values

A "Reusing a Nonce, Key Pair in Encryption" issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 and prior versions; 1763-L16BWA, Series A...

Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability

A vulnerability in the REST API of Cisco Prime Infrastructure PI and Cisco Evolved Programmable Network Manager EPNM could allow an unauthenticated remote attacker to execute arbitrary code with root privileges on the underlying operating system. The vulnerability exists because affected devices...

The vulnerability of the microprogramming software used in Allen Bradley programmable logic controllers from Rockwell Automation relates to deficiencies in authentication procedures, allowing an intruder to execute arbitrary code.

The vulnerability of the microprogramming software used in Allen Bradley programmable logic controllers from Rockwell Automation is related to deficiencies in authentication procedures. Exploiting this vulnerability could allow a malicious actor, operating remotely, to execute arbitrary code by...

WAGO Series PFC100 and WAGO Series PFC200 Improper Access Control Vulnerability

The WAGO Series PFC100 and WAGO Series PFC200 are programmable logic controllers from WAGO Germany. An improper access control vulnerability exists in the WAGO Series PFC100 and WAGO Series PFC200, which can be exploited by a remote attacker by sending a specially crafted HTTP request to determin...

CVE-2019-4378

IBM MQ 7.5.0.0 - 7.5.0.9, 7.1.0.0 - 7.1.0.9, 8.0.0.0 - 8.0.0.12, 9.0.0.0 - 9.0.0.6, 9.1.0.0 - 9.1.0.2, and 9.1.0 - 9.1.2 command server is vulnerable to a denial of service attack caused by an authenticated and authorized user using specially crafted PCF messages. IBM X-Force ID: 162084...

Authentication Bypass Vulnerability in GE PLC IC695CPE330

The GE PLC IC695CPE330 is a General Electric programmable logic controller. The GE PLC IC695CPE330 suffers from an authentication bypass vulnerability that can be exploited by an attacker to bypass privilege validation and gain access to all WEB content...

SIEMENS S7-200 SIMATIC PLC suffers from a remote control vulnerability (CNVD-2019-37705)

S7-200 SMART is a small PLC developed by Siemens with a friendly interface and more user-friendly software operation. A remote control vulnerability exists in SIEMENS S7-200 SIMATIC PLC. An attacker can exploit the vulnerability to construct special application layer data messages that result in ...

SIEMENS S7-200 SIMATIC PLC has a remote control vulnerability

S7-200 SMART is a small PLC developed by Siemens with a friendly interface and more user-friendly software operation. A remote control vulnerability exists in SIEMENS S7-200 SIMATIC PLC, which can be exploited by attackers to remotely control the PLC...

MITSUBISHI PLC suffers from denial of service vulnerability (CNVD-2019-37109)

MITSUBISHI PLC is a programmable controller product of Mitsubishi Electric Japan. A denial of service vulnerability exists in MITSUBISHI PLC, which can be exploited by an attacker to cause a denial of service...

Denial of Service Vulnerability in Mitsubishi FX5U Series PLCs

Mitsubishi FX5U series PLC is the latest generation of Mitsubishi Electric Mitsubishi small programmable controller. A denial of service vulnerability exists in the Mitsubishi FX5U Series PLC. An attacker can send specially crafted packets to cause the device to fail to resume operation it also...

NAPro has a backdoor vulnerability

NAPro is a PLC programming software developed by Nanda Aotuo Technology Jiangsu Co. NAPro has a backdoor vulnerability that can be exploited by an attacker to log into a PLC and perform illegal operations...

Authentication Bypass Vulnerability in Unity Pro XL

Unity Pro XL is a PLC programming software from Schneider Electric. An authentication bypass vulnerability exists in Unity Pro XL, which can be exploited by an unauthorized attacker to gain access to the PLC...