152 matches found
Unitronics Unistream Unilogic Information Disclosure Vulnerability
Unitronics Unistream Unilogic is an integrated controller software platform from Unitronics, Inc. for developing and programming the Unistream family of programmable logic controllers PLCs. An information disclosure vulnerability exists in Unitronics Unistream Unilogic versions prior to 1.35.227,...
Unitronics Unistream Unilogic Path Traversal Vulnerability
Unitronics Unistream Unilogic is an integrated controller software platform from Unitronics, Inc. for developing and programming the Unistream family of programmable logic controllers PLCs. A path traversal vulnerability exists in Unitronics Unistream Unilogic versions prior to 1.35.227, which...
PT-2024-2275 · Unitronics · Unistream +2
Name of the Vulnerable Software and Affected Versions: Unitronics Unistream Unilogic versions prior to 1.35.227 Description: The issue is related to the use of hard-coded passwords, which may allow an attacker to disclose sensitive information embedded inside the device's firmware. This could...
Unitronics VisiLogic < 9.9.00 Default Password
The version of Unitronics VisiLogic installed on the remote host is prior to 9.9.00. It is, therefore, affected by a vulnerability. - Unitronics VisiLogic before version 9.9.00, used in Vision and Samba PLCs and HMIs, uses a default administrative password. An unauthenticated attacker with networ...
Unitronics VisiLogic Installed (Windows)
Binary data unitronicsvisilogicwininstalled.nbin...
U.S. Sanctions 6 Iranian Officials for Critical Infrastructure Cyber Attacks
The U.S. Treasury Department's Office of Foreign Assets Control OFAC announced sanctions against six officials associated with the Iranian intelligence agency for attacking critical infrastructure entities in the U.S. and other countries. The officials include Hamid Reza Lashgarian, Mahdi...
CISA Releases Three Industrial Control Systems Advisories
CISA released three Industrial Control Systems ICS advisories on January 4, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-004-01 Rockwell Automation FactoryTalk Activation ICSA-24-004-02 Mitsubishi Electric...
Unitronics Vision PLC and HMI Insecure Default Password Vulnerability
Unitronics Vision Series PLCs and HMIs ship with an insecure default password, which if left unchanged, can allow attackers to execute remote commands...
The vulnerability of microprogrammed software in programmable logic controllers and human-machine interfaces of the Unitronics Vision Series allows a perpetrator to gain administrative access to the device.
The vulnerability of microprogrammed software in programmable logic controllers and human-machine interfaces of the Unitronics Vision Series is related to the use of rigidly encoded credentials. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain administrative...
CVE-2023-6448
Unitronics VisiLogic before version 9.9.00, used in Vision and Samba PLCs and HMIs, uses a default administrative password. An unauthenticated attacker with network access can take administrative control of a vulnerable system...
CVE-2023-6448
Unitronics VisiLogic before version 9.9.00, used in Vision and Samba PLCs and HMIs, uses a default administrative password. An unauthenticated attacker with network access can take administrative control of a vulnerable system...
CVE-2023-6448
Unitronics VisiLogic before version 9.9.00, used in Vision and Samba PLCs and HMIs, uses a default administrative password. An unauthenticated attacker with network access can take administrative control of a vulnerable system...
Default credentials
Unitronics VisiLogic before version 9.9.00, used in Vision and Samba PLCs and HMIs, uses a default administrative password. An unauthenticated attacker with network access can take administrative control of a vulnerable system...
CVE-2023-6448 Unitronics VisiLogic uses a default administrative password
Unitronics VisiLogic before version 9.9.00, used in Vision and Samba PLCs and HMIs, uses a default administrative password. An unauthenticated attacker with network access can take administrative control of a vulnerable system...
CVE-2023-6448 Unitronics VisiLogic uses a default administrative password
Unitronics VisiLogic before version 9.9.00, used in Vision and Samba PLCs and HMIs, uses a default administrative password. An unauthenticated attacker with network access can take administrative control of a vulnerable system...
CVE-2023-6448
Unitronics VisiLogic before version 9.9.00 (Vision and Samba PLCs/HMIs) is affected by CVE-2023-6448 due to an insecure default administrative password. An unauthenticated, network-accessible attacker can gain full administrative control of a vulnerable system. Mitigation includes upgrading to Vi...
Unitronics PLC Trust Management Issue Vulnerabilities
Unitronics PLC is a programmable logic controller with a built-in HMI panel from Unitronics Israel. A trust management issue vulnerability exists in the Unitronics PLC, which arises from the use of a default management password that allows an attacker accessing the PLC or HMI over the network to...
Iranian Hackers Exploit PLCs in Attack on Water Authority in U.S.
The U.S. Cybersecurity and Infrastructure Security Agency CISA revealed that it's responding to a cyber attack that involved the active exploitation of Unitronics programmable logic controllers PLCs to target the Municipal Water Authority of Aliquippa in western Pennsylvania. The attack has been...
Exploitation of Unitronics PLCs used in Water and Wastewater Systems
CISA is responding to active exploitationlink is external of Unitronics programmable logic controllers PLCs used in the Water and Wastewater Systems WWS Sector. Cyber threat actors are targeting PLCs associated with WWS facilities, including an identified Unitronics PLC, at a U.S. water facility...
VulnCheck KEV: CVE-2023-6448
Unitronics Vision Series PLCs and HMIs ship with an insecure default password, which if left unchanged, can allow attackers to execute remote commands...