CVE-2025-27594

The device uses an unencrypted, proprietary protocol for communication. Through this protocol, configuration data is transmitted and device authentication is performed. An attacker can thereby intercept the authentication hash and use it to log into the device using a pass-the-hash attack...

CVE-2025-27594

The CVE-2025-27594 entry concerns the SICK DL100-2xxxxxxx series where a proprietary protocol transmits configuration data and authenticates devices without encryption. The underlying issue is the unencrypted protocol, which can allow an attacker to intercept the authentication hash and perform a...

Triton Malware Spearheads Latest Attacks on Industrial Systems | McAfee Blogs

ARCHIVED STORY Triton Malware Spearheads Latest Attacks on Industrial Systems Alexandre Mundo · MAR 26, 2020 Malware that attacks industrial control systems ICS, such as the Stuxnet campaign in 2010, is a serious threat. This class of cyber sabotage can spy on, disrupt, or destroy systems that...

Zend Server Java Bridge Design Flaw Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Zend Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Zend Java Bridge v3.1 component of the Zend Server framework. The javamw.jar service...