EUVD-2022-35188

Malicious code in bioql PyPI...

(Pwn2Own) Prosys OPC UA Simulation Server OpenSecureChannel Resource Exhaustion Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Prosys OPC UA Simulation Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of OpenSecureChannel messages. By sending a...

(Pwn2Own) Prosys OPC UA Simulation Server Resource Exhaustion Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Prosys OPC UA Simulation Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of message chunks. By sending a large number ...

CVE-2022-2967

Prosys OPC UA Simulation Server version prior to v5.3.0-64 and UA Modbus Server versions 1.4.18-5 and prior do not sufficiently protect credentials, which could allow an attacker to obtain user credentials and gain access to system data...

CVE-2022-2967

Prosys OPC UA Simulation Server version prior to v5.3.0-64 and UA Modbus Server versions 1.4.18-5 and prior do not sufficiently protect credentials, which could allow an attacker to obtain user credentials and gain access to system data...

CVE-2022-2967

Prosys OPC UA Simulation Server version prior to v5.3.0-64 and UA Modbus Server versions 1.4.18-5 and prior do not sufficiently protect credentials, which could allow an attacker to obtain user credentials and gain access to system data...

PT-2023-12985 · Prosyst · Prosys Opc Ua Simulation Server

Name of the Vulnerable Software and Affected Versions: Prosys OPC UA Simulation Server versions prior to 5.3.0-64 UA Modbus Server versions 1.4.18-5 and prior Description: The issue concerns insufficient protection of credentials, potentially allowing an attacker to obtain user credentials and ga...

CISA Releases Six Industrial Control Systems Advisories

CISA released six Industrial Control Systems ICS advisories on December 20, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for...

Prosys OPC UA Simulation Server (Update A)

1. EXECUTIVE SUMMARY CVSS v3 6.5 --------- Begin Update A part 1 of 3 --------- ATTENTION: Low attack complexity Vendor: Prosys OPC Equipment: UA Simulation Server, UA Modbus Server --------- End Update A part 1 of 3 --------- Vulnerability: Insufficiently Protected Credentials 2. UPDATE...

(Pwn2Own) Prosys OPC UA SDK for Java OPC UA Messages Resource Exhaustion Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Prosys OPC UA SDK for Java. Authentication is not required to exploit this vulnerability. The specific flaw exists within handling of OPC UA messages. By sending a large number of...