Rockwell Automation ISaGRAF5 Runtime Uncontrolled Search Path Element (CVE-2020-25182)

Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x searches for and loads DLLs as dynamic libraries. Uncontrolled loading of dynamic libraries could allow a local, unauthenticated attacker to execute arbitrary code. This vulnerability only affects ISaGRAF Runtime when running on Microsoft...

Rockwell Automation Allen-Bradley Micrologix 1100

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: Allen-Bradley MicroLogix 1100 Vulnerability: Improper Handling of Length Parameter Inconsistency 2. RISK EVALUATION Successful exploitation of this vulnerability...

The vulnerability of the weblogin.cgi component in NAS (Network Attached Storage) storage systems and micro-programming software for Ethernet interfaces of UTM, ATP, and VPN devices allows a hacker to execute arbitrary code.

The vulnerability of the weblogin.cgi component in NAS Network Attached Storage storage systems and microprogramming software for Ethernet interfaces of UTM, ATP, and VPN devices is related to errors during the verification of the username parameter. Exploiting this vulnerability allows a malicio...