14 matches found
EUVD-2023-47202
Malicious code in bioql PyPI...
CVE-2023-42770
Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled UDR-A any Sixnet UDR message will meet an authentication challenge over UDP/IP. When the same message is received over TCP/IP the RTU will simply accept the message with no authentication challenge...
Authentication flaw
Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled UDR-A any Sixnet UDR message will meet an authentication challenge over UDP/IP. When the same message is received over TCP/IP the RTU will simply accept the message with no authentication challenge...
CVE-2023-40151
When user authentication is not enabled the shell can execute commands with the highest privileges. Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled UDR-A any Sixnet UDR message will meet an authentication challenge over UDP/IP. When the same message comes over TCP/IP t...
Authentication flaw
When user authentication is not enabled the shell can execute commands with the highest privileges. Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled UDR-A any Sixnet UDR message will meet an authentication challenge over UDP/IP. When the same message comes over TCP/IP t...
CVE-2023-42770 Red Lion Controls Sixnet RTU Authentication Bypass Using An Alternative Path Or Channel
Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled UDR-A any Sixnet UDR message will meet an authentication challenge over UDP/IP. When the same message is received over TCP/IP the RTU will simply accept the message with no authentication challenge...
CVE-2023-42770 Red Lion Controls Sixnet RTU Authentication Bypass Using An Alternative Path Or Channel
Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled UDR-A any Sixnet UDR message will meet an authentication challenge over UDP/IP. When the same message is received over TCP/IP the RTU will simply accept the message with no authentication challenge...
CVE-2023-40151
CVE-2023-40151 affects Red Lion SixTRAK and VersaTRAK RTUs. Two flaws enable: (1) CVE-2023-42770 authentication bypass where UDP requires auth but TCP messages are accepted without challenge; (2) CVE-2023-40151 remote code execution via Sixnet UDR shell command execution, allowing root privileges...
CVE-2023-40151 Red Lion Controls Sixnet RTU Exposed Dangerous Method Or Function
When user authentication is not enabled the shell can execute commands with the highest privileges. Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled UDR-A any Sixnet UDR message will meet an authentication challenge over UDP/IP. When the same message comes over TCP/IP t...
Juniper Junos OS Vulnerability (JSA10865)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA10865 advisory. - Receipt of specially crafted UDP/IP packets over MPLS may be able to bypass a stateless firewall filter. The crafted UDP packets must be encapsulated and meet a very...
Mitsubishielectric Cr800-q Uncontrolled Resource Consumption
When MELSOFT transmission port UDP/IP of Mitsubishi Electric MELSEC iQ-R series all versions, MELSEC iQ-F series all versions, MELSEC Q series all versions, MELSEC L series all versions, and MELSEC F series all versions receives massive amount of data via unspecified vectors, resource consumption...
Mitsubishi Electric MELSEC
1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Mitsubishi Electric Equipment: MELSEC Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability may render the device unresponsive. 3...
CVE-2020-5527
When MELSOFT transmission port UDP/IP of Mitsubishi Electric MELSEC iQ-R series all versions, MELSEC iQ-F series all versions, MELSEC Q series all versions, MELSEC L series all versions, and MELSEC F series all versions receives massive amount of data via unspecified vectors, resource consumption...
CVE-2020-5527
CVE-2020-5527 describes an uncontrolled resource consumption vulnerability in the MELSOFT transmission port (UDP/IP) of Mitsubishi Electric MELSEC iQ-R, iQ-F, Q, L, and F series. When the port receives a massive amount of data via unspecified vectors, resource consumption occurs and processing ma...