2113 matches found
PT-2023-6606 · Rockwell Automation · Arena Simulation
Name of the Vulnerable Software and Affected Versions: Rockwell Automation Arena Simulation (affected versions not specified). Description: The issue is related to an arbitrary code execution vulnerability in Rockwell Automation's Arena Simulation software. This vulnerability could allow a malicious...
PT-2023-8024 · Rockwell Automation · Arena Simulation
Name of the Vulnerable Software and Affected Versions: Rockwell Automation Arena Simulation (affected versions not specified). Description: The issue is related to an arbitrary code execution vulnerability in Rockwell Automation's Arena Simulation software. This vulnerability could potentially allow...
Cisco and VMware Release Security Updates to Patch Critical Flaws in their Products
Cisco and VMware have released security updates to address critical security flaws in their products that could be exploited by malicious actors to execute arbitrary code on affected systems. The most severe of the vulnerabilities is a command injection flaw in Cisco Industrial Network Director...
CSRF bypass
Description: URL parsing with Qwik uses the new URL(a, b) constructor. A little-known fact about this constructor is that if an attacker controls a they have complete control of the finally resolved URL. For example: const url = new URL(attackervalue, "http://localhost") By entering //test.com, we can...
PT-2023-2555 · Cisco · Cisco Modeling Labs
Name of the Vulnerable Software and Affected Versions: Cisco Modeling Labs (affected versions not specified). Description: The issue is related to the external authentication mechanism of Cisco Modeling Labs, which can be exploited by an unauthenticated, remote attacker to access the web interface...
Microsoft Takes Legal Action to Disrupt Cybercriminals' Illegal Use of Cobalt Strike Tool
Microsoft said it teamed up with Fortra and Health Information Sharing and Analysis Center (Health-ISAC) to tackle the abuse of Cobalt Strike by cybercriminals to distribute malware, including ransomware. To that end, the tech giant's Digital Crimes Unit (DCU) revealed that it secured a court order i...
GE iFIX
1. EXECUTIVE SUMMARY: CVSS v3 7.8; ATTENTION: Low attack complexity; Vendor: GE Digital; Equipment: iFIX; Vulnerability: Code Injection. 2. RISK EVALUATION: Successful exploitation of this vulnerability could allow for privilege escalation and full control of the system. 3. TECHNICAL DETAILS 3.1...
Azure Serverless Security Risks Exposed by New Study
Simulation uncovers hidden features and urges greater user awareness...
The vulnerability of the dynamically linked CrossCadWare_x64.dl library, a toolset for design and simulation in Siemens Solid Edge, allows a hacker to execute arbitrary code.
The vulnerability of the dynamically linked CrossCadWare_x64.dl library, which is used for design and simulation projects by Siemens Solid Edge, relates to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code by having...
Siemens Tecnomatix Plant Simulation Stack Buffer Overflow Vulnerability (CNVD-2023-18933)
Siemens Tecnomatix Plant Simulation is an industrial control device from Siemens, Germany. It uses discrete event simulation for production volume analysis and optimization, thereby improving manufacturing system performance. A buffer overflow vulnerability exists in versions pri...
Siemens Tecnomatix Plant Simulation SPP File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...
Siemens Tecnomatix Plant Simulation SPP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...
Siemens Tecnomatix Plant Simulation SPP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...
Siemens Tecnomatix Plant Simulation Out-of-Bounds Read Vulnerability (CNVD-2023-18935)
Siemens Tecnomatix Plant Simulation is an industrial control device from Siemens, Germany. It uses discrete event simulation for production volume analysis and optimization, thereby improving manufacturing system performance. An out-of-bounds read vulnerability exists in versions...
Siemens Tecnomatix Plant Simulation Out-of-Bounds Read Vulnerability (CNVD-2023-18932)
Siemens Tecnomatix Plant Simulation is an industrial control device from Siemens, Germany. It uses discrete event simulation for production volume analysis and optimization, thereby improving manufacturing system performance. A security vulnerability exists in versions prior to...
Siemens Tecnomatix Plant Simulation SPP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...
Siemens Tecnomatix Plant Simulation SPP File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...
Siemens Tecnomatix Plant Simulation SPP File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...
Siemens Tecnomatix Plant Simulation SPP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...
Siemens Tecnomatix Plant Simulation SPP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...