B&R Industrial Automation Security Vulnerabilities

Rockwell Automation RSLinx Classic <= 2.57.00.14 DoS (CVE-2020-13573)

The remote host has a version of RSLinx Classic installed that is prior or equal to 2.57.00.14. It is, therefore, potentially affected by a denial of service vulnerability in the Ethernet/IP server implementation. A remote, unauthenticated attacker could cause the device to crash by sending a...

VMware - Local File Inclusion

VMware Workspace ONE Access, Identity Manager, and Realize Automation are vulnerable to local file inclusion because they contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without....

[SECURITY] Fedora 40 Update: qt6-qtserialbus-6.7.1-1.fc40

Qt Serial Bus (API) provides classes and functions to access the various industrial serial buses and protocols, such as CAN, ModBus, and...

CVE-2023-28746

Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local...

Micro Focus Operations Bridge Manager <=2020.05 - Remote Code Execution

Micro Focus Operations Bridge Manager in versions 2020.05 and below is vulnerable to remote code execution via UCMDB. The vulnerability allows remote attackers to execute arbitrary code on affected installations of Data Center Automation. An attack requires network access and authentication as a...

CVE-2023-28746

Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local...

CVE-2023-48795 vulnerabilities

Vulnerabilities for packages: consul, nri-mssql, crossplane, frp, cert-manager, flux-image-reflector-controller, external-secrets-operator, kube-state-metrics, step, gomplate, kubernetes-event-exporter, trivy, influxd, nfs-subdir-external-provisioner, opentofu, prometheus-nats-exporter,...

VMware vRealize Automation Web UI Detection

The remote web server is running the web UI for VMware vRealize Automation, a cloud automation virtual appliance. Note: To obtain accurate version and build information provide HTTP basic authentication...

Security Bulletin: Vulnerabilities in axios affect IBM Voice Gateway

Summary Security Vulnerabilities in axios affect IBM Voice Gateway. The vulnerabilities have been addressed. Vulnerability Details ** IBM X-Force ID: 294242 DESCRIPTION: **Node.js Axios module is vulnerable to a denial of service, caused by a prototype pollution in the formDataToJSON function. By.....

Security Bulletin: Denial of service vulnerability in Johnzon affects IBM Business Automation Workflow - CVE-2023-33008

Summary IBM Business Automation Workflow is vulnerable to a denial of service attack. Vulnerability Details ** CVEID: CVE-2023-33008 DESCRIPTION: **Apache Johnzon is vulnerable to a denial of service, caused by an unsafe deserialization flaw in BigDecimal. By sending a specially crafted JSON...

Siemens Automation License Manager Multiple Vulnerabilities

The remote host has a version of Siemens Automation License Manager installed that is affected by the following vulnerabilities : There are multiple buffer overflows that can be exploited to execute arbitrary code by sending a message to the Automation License Manager TCP service...

Security Bulletin: Vulnerability in Java affects Tivoli System Automation for Multiplatforms shipped with IBM® Db2® LUW. (CVE-2024-20952, CVE-2024-20918, CVE-2024-20921, CVE-2024-20919, CVE-2024-20926, CVE-2024-20945, CVE-2023-33850)

Summary Security vulnerabilities have been identified in Java that affect Tivoli System Automation for Multiplatforms (TSAMP) shipped as a component of IBM Db2. Vulnerability Details Refer to the security bulletin(s) listed in the Remediation/Fixes section Affected Products and Versions TSAMP...

CVE-2024-28775 IBM WebSphere Automation cross-site scripting

IBM WebSphere Automation 1.7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Checkpoint Quantum Security Gateway Firmware

CVE-2024-24919......

Security Bulletin: Insecure XML parsing vulnerability affect IBM Business Automation Workflow - CVE-2014-0107, CVE-2022-34169

Summary IBM Business Automation Workflow reintroduced an outdated version of the Xalan library. Vulnerability Details ** CVEID: CVE-2014-0107 DESCRIPTION: **Apache Xalan-Java could allow a remote attacker to bypass security restrictions, caused by the improper handling of output properties. An...

CVE-2021-22280 DLL Hijacking Vulnerability in Automation Studio

Improper DLL loading algorithms in B&R Automation Studio versions &gt;=4.0 and &lt;4.12 may allow an authenticated local attacker to execute code in the context of the...

Updated microcode packages fix security vulnerabilities

The updated package fixes security vulnerabilities: Hardware logic contains race conditions in some Intel(R) Processors may allow an authenticated user to potentially enable partial information disclosure via local access. (CVE-2023-45733) Sequence of processor instructions leads to unexpected...

Exploit for Race Condition in Apple Ipados

desc_race "desc_race" (CVE-2021-30955) exploit for iOS 15.0 -...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Checkpoint Quantum Security Gateway Firmware

CVE-2024-24919-Exploit-PoC-Checkpoint-Firewall-VPN...

Cisco ASA - Local File Inclusion

Cisco Adaptive Security Appliances (ASA) web interfaces could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an...

Exploit for Off-by-one Error in F5 Nginx

CVE-2021-23017-PoC ``` pip install -r requirements.txt...

Siemens Automation License Manager 5.x < 6.0.9 DoS (SSA-158827)

The version of Siemens Automation License Manager installed on the remote host is version 5.x prior to 6.0.9. It is, therefore, affected by a denial of service vulnerability. An attacker could exploit this by sending specially crafted packets to port 4410/tcp of an affected system. Note that...

CVE-2023-32042 OLE Automation Information Disclosure Vulnerability

...

Exploit for OS Command Injection in Cisco Ios Xe

CVE-2023-20273 CVE-2023-20273 Exploit PoC Usage ```...

CVE-2022-38710 IBM Robotic Process Automation information disclosure

IBM Robotic Process Automation 21.0.1 and 21.0.2 could disclose sensitive version information that could aid in further attacks against the system. IBM X-Force ID:...

CVE-2021-22280 DLL Hijacking Vulnerability in Automation Studio

Improper DLL loading algorithms in B&R Automation Studio versions &gt;=4.0 and &lt;4.12 may allow an authenticated local attacker to execute code in the context of the...

CVE-2022-41804

Unauthorized error injection in Intel(R) SGX or Intel(R) TDX for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local...

CVE-2022-38710 IBM Robotic Process Automation information disclosure

IBM Robotic Process Automation 21.0.1 and 21.0.2 could disclose sensitive version information that could aid in further attacks against the system. IBM X-Force ID:...

Exploit for CVE-2024-28890

Exploit Script This repository contains a Python script...

Exploit for CVE-2024-31819

CVE-2024-31819 An issue in WWBN AVideo v.12.4 through v.14.2...

CVE-2023-5189

A path traversal vulnerability exists in Ansible when extracting tarballs. An attacker could craft a malicious tarball so that when using the galaxy importer of Ansible Automation Hub, a symlink could be dropped on the disk, resulting in files being...

CVE-2023-22655

Protection mechanism failure in some 3rd and 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local...

Exploit for CVE-2023-4596

Exploit Script This repository contains a Python script...

Exploit for Improper Validation of Specified Quantity in Input in Linux Linux Kernel

RNDIS-CO Summary The RNDIS USB Gadget may be exploited...

n-e-r-v-o-u-s.com Cross Site Scripting vulnerability OBB-3857032

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

Horde/Horde Groupware - Local File Inclusion

Horde before 3.2.4 and 3.3.3 and Horde Groupware before 1.1.5 are susceptible to local file inclusion in framework/Image/Image.php because it allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the Horde_Image driver...

CVE-2023-4237

A flaw was found in the Ansible Automation Platform. When creating a new keypair, the ec2_key module prints out the private key directly to the standard output. This flaw allows an attacker to fetch those keys from the log files, compromising the system's confidentiality, integrity, and...

WP Fusion Lite – Marketing Automation and CRM Integration for WordPress < 3.43.0 - Information Exposure

Description The WP Fusion Lite – Marketing Automation and CRM Integration for WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.42.10 through publicly exposed log files. This makes it possible for unauthenticated attackers to...

Home Assistant Supervisor - Authentication Bypass

Home Assistant Supervisor is an open source home automation tool. A remotely exploitable vulnerability bypassing authentication for accessing the Supervisor API through Home Assistant has been discovered.This impacts all Home Assistant installation types that use the Supervisor 2023.01.1 or older.....

[Android Auto] App permissions reset after upgrade on device from R build to S build

In parse of RoleParser.java, there is a possible way for default apps to get permissions explicitly denied by the user due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

K000139880: Intel CPU/BIOS vulnerabilities CVE-2023-28402, CVE-2023-27504, and CVE-2023-28383

Security Advisory Description CVE-2023-28402 Improper input validation in some Intel(R) BIOS Guard firmware may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2023-27504 Improper conditions check in some Intel(R) BIOS Guard firmware may allow a...

CVE-2023-43490

Incorrect calculation in microcode keying mechanism for some Intel(R) Xeon(R) D Processors with Intel(R) SGX may allow a privileged user to potentially enable information disclosure via local...

Siemens SCALANCE S612 Firewall Detection

The remote device as a Siemens SCALANCE S612 Firewall, a security solution for industrial automation technology and industrial control system networks. The device can act as a bridge or a gateway depending on the...

Rockwell Automation MicroLogix 1400 PLC Default Credentials

The remote device appears to be a Rockwell Automation MicroLogix 1400 PLC that can be accessed using default HTTP credentials. An attacker can exploit this to gain administrative access to the affected...

CVE-2022-33196

Incorrect default permissions in some memory controller configurations for some Intel(R) Xeon(R) Processors when using Intel(R) Software Guard Extensions which may allow a privileged user to potentially enable escalation of privilege via local...

Exploit for Out-of-bounds Write in Fortinet Fortiproxy

CVE-2024-21762 out-of-bounds write in Fortinet FortiOS ...

Exploit for HTTP Request Smuggling in Apache Http Server

CVE 2023 25690 - Proof of Concept Published: 7 March 2023...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Checkpoint Quantum Security Gateway Firmware

Vulnerability Scanner for CVE-2024-24919 (need Shodan API)...

Rockwell Automation MicroLogix 1100 PLC Default Credentials

The remote device appears to be a Rockwell Automation MicroLogix 1100 PLC that can be accessed using default HTTP credentials. An attacker can utilize this to gain administrative access to the affected...

Exploit for PHP External Variable Modification in Juniper Junos

Automation for Juniper CVE:2023-36845 Overview is a bash...