18 matches found
EUVD-2020-28655
Malware in sbrugna...
EUVD-2020-28654
Malware in sbrugna...
EUVD-2020-28656
Malware in sbrugna...
CVE-2020-7529
A CWE-22 Improper Limitation of a Pathname to a Restricted Directory 'Path Transversal' vulnerability exists in SCADAPack 7x Remote Connect V3.6.3.574 and prior which allows an attacker to place content in any unprotected folder on the target system using a crafted .RCZ file...
SCADAPack 7x Remote Connect Code Issue Vulnerability
SCADAPack 7x RemoteConnect is a software tool for users to monitor, configure, program, and debug the SCADAPack 470, 474, 570, 574, and 575 Smart RTUs. A code issue vulnerability exists in SCADAPack 7x Remote Connect 3.6.3.574 and earlier versions. An attacker can exploit the vulnerability to...
CVE-2020-7531
A CWE-284 Improper Access Control vulnerability exists in SCADAPack 7x Remote Connect V3.6.3.574 and prior which allows an attacker to place executables in a specific folder and run code whenever RemoteConnect is executed by the user...
CVE-2020-7529
A CWE-22 Improper Limitation of a Pathname to a Restricted Directory 'Path Transversal' vulnerability exists in SCADAPack 7x Remote Connect V3.6.3.574 and prior which allows an attacker to place content in any unprotected folder on the target system using a crafted .RCZ file...
CVE-2020-7530
A CWE-285 Improper Authorization vulnerability exists in SCADAPack 7x Remote Connect V3.6.3.574 and prior which allows improper access to executable code folders...
Improper access control
A CWE-284 Improper Access Control vulnerability exists in SCADAPack 7x Remote Connect V3.6.3.574 and prior which allows an attacker to place executables in a specific folder and run code whenever RemoteConnect is executed by the user...
Path traversal
A CWE-22 Improper Limitation of a Pathname to a Restricted Directory 'Path Transversal' vulnerability exists in SCADAPack 7x Remote Connect V3.6.3.574 and prior which allows an attacker to place content in any unprotected folder on the target system using a crafted .RCZ file...
Deserialization of untrusted data
A CWE-502 Deserialization of Untrusted Data vulnerability exists in SCADAPack 7x Remote Connect V3.6.3.574 and prior which could allow arbitrary code execution when an attacker builds a custom .PRJ file containing a malicious serialized buffer...
CVE-2020-7531
A CWE-284 Improper Access Control vulnerability exists in SCADAPack 7x Remote Connect V3.6.3.574 and prior which allows an attacker to place executables in a specific folder and run code whenever RemoteConnect is executed by the user...
CVE-2020-7530
A CWE-285 Improper Authorization vulnerability exists in SCADAPack 7x Remote Connect V3.6.3.574 and prior which allows improper access to executable code folders...
CVE-2020-7530
CVE-2020-7530 affects SCADAPack 7x Remote Connect ≤ 3.6.3.574, with a CWE-285 improper authorization flaw that enables access to executable code folders. Root cause: insufficient/authentication weakness in the authorization mechanism. Consequence: potential unauthorized access to folders containi...
CVE-2020-7529
A CWE-22 Improper Limitation of a Pathname to a Restricted Directory 'Path Transversal' vulnerability exists in SCADAPack 7x Remote Connect V3.6.3.574 and prior which allows an attacker to place content in any unprotected folder on the target system using a crafted .RCZ file...
CVE-2020-7528
SCADAPack 7x Remote Connect (versions up to 3.6.3.574) is affected by CWE-502 Deserialization of Untrusted Data. A vulnerability exists where an attacker can construct a malicious .PRJ file containing a serialized buffer that leads to arbitrary code execution. The issue is consistently described ...
CVE-2020-7528
A CWE-502 Deserialization of Untrusted Data vulnerability exists in SCADAPack 7x Remote Connect V3.6.3.574 and prior which could allow arbitrary code execution when an attacker builds a custom .PRJ file containing a malicious serialized buffer...
PT-2020-19617 · Schneider Electric · Scadapack 7X Remote Connect
Name of the Vulnerable Software and Affected Versions: SCADAPack 7x Remote Connect versions 3.6.3.574 and prior Description: A vulnerability exists that allows improper access to executable code folders due to improper authorization. Recommendations: For SCADAPack 7x Remote Connect versions...