EUVD-2022-35188

Malicious code in bioql PyPI...

(Pwn2Own) Prosys OPC UA Simulation Server OpenSecureChannel Resource Exhaustion Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Prosys OPC UA Simulation Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of OpenSecureChannel messages. By sending a...

(Pwn2Own) Prosys OPC UA Simulation Server Resource Exhaustion Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Prosys OPC UA Simulation Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of message chunks. By sending a large number ...

CVE-2022-2967

Prosys OPC UA Simulation Server version prior to v5.3.0-64 and UA Modbus Server versions 1.4.18-5 and prior do not sufficiently protect credentials, which could allow an attacker to obtain user credentials and gain access to system data...

Design/Logic Flaw

Prosys OPC UA Simulation Server version prior to v5.3.0-64 and UA Modbus Server versions 1.4.18-5 and prior do not sufficiently protect credentials, which could allow an attacker to obtain user credentials and gain access to system data...

CVE-2022-2967

Prosys OPC UA Simulation Server version prior to v5.3.0-64 and UA Modbus Server versions 1.4.18-5 and prior do not sufficiently protect credentials, which could allow an attacker to obtain user credentials and gain access to system data...

CVE-2022-2967

Prosys OPC UA Simulation Server version prior to v5.3.0-64 and UA Modbus Server versions 1.4.18-5 and prior do not sufficiently protect credentials, which could allow an attacker to obtain user credentials and gain access to system data...

CVE-2022-2967

Summary: CVE-2022-2967 affects Prosys OPC UA Simulation Server and UA Modbus Server. The root cause is insufficient protection of credentials, allowing an attacker to obtain user credentials and access system data. Affected products/versions: Prosys OPC UA Simulation Server before 5.3.0-64 and UA...

PT-2023-12985 · Prosyst · Prosys Opc Ua Simulation Server

Name of the Vulnerable Software and Affected Versions: Prosys OPC UA Simulation Server versions prior to 5.3.0-64 UA Modbus Server versions 1.4.18-5 and prior Description: The issue concerns insufficient protection of credentials, potentially allowing an attacker to obtain user credentials and ga...

CISA Releases Six Industrial Control Systems Advisories

CISA released six Industrial Control Systems ICS advisories on December 20, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for...

Prosys OPC UA Simulation Server (Update A)

1. EXECUTIVE SUMMARY CVSS v3 6.5 --------- Begin Update A part 1 of 3 --------- ATTENTION: Low attack complexity Vendor: Prosys OPC Equipment: UA Simulation Server, UA Modbus Server --------- End Update A part 1 of 3 --------- Vulnerability: Insufficiently Protected Credentials 2. UPDATE...

Prosys OPC UA Simulation Server 安全漏洞

Prosys OPC UA Simulation Server is a simulation server from Prosys OPC, Finland. A security vulnerability exists in Prosys OPC UA Simulation Server version v5.03-64 that stems from insufficiently protected credentials. An attacker could exploit the vulnerability to obtain user credentials and...

(Pwn2Own) Prosys OPC UA SDK for Java OPC UA Messages Resource Exhaustion Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Prosys OPC UA SDK for Java. Authentication is not required to exploit this vulnerability. The specific flaw exists within handling of OPC UA messages. By sending a large number of...

Ford Prosys - External URLs, KeyStore usage, Native code usage vulnerabilities

HackApp vulnerability scanner discovered that application Ford Prosys published at the 'play' market has multiple vulnerabilities...