B&R Industrial Automation Security Vulnerabilities

CVE-2024-28775 IBM WebSphere Automation cross-site scripting

IBM WebSphere Automation 1.7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...

CVE-2023-39474 Inductive Automation Ignition downloadLaunchClientJar Remote Code Execution Vulnerability

Inductive Automation Ignition downloadLaunchClientJar Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in that the target.....

CVE-2022-38710 IBM Robotic Process Automation information disclosure

IBM Robotic Process Automation 21.0.1 and 21.0.2 could disclose sensitive version information that could aid in further attacks against the system. IBM X-Force ID:...

Home Assistant Supervisor - Authentication Bypass

Home Assistant Supervisor is an open source home automation tool. A remotely exploitable vulnerability bypassing authentication for accessing the Supervisor API through Home Assistant has been discovered.This impacts all Home Assistant installation types that use the Supervisor 2023.01.1 or older.....

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Checkpoint Quantum Security Gateway Firmware

CVE-2024-24919-Exploit-PoC-Checkpoint-Firewall-VPN...

Rockwell Automation RSLinx Classic Detection

The remote host has a version of Rockwell Automation RSLinx Classic installed, software commonly used for managing industrial automation control...

Micro Focus Operations Bridge Manager <=2020.05 - Remote Code Execution

Micro Focus Operations Bridge Manager in versions 2020.05 and below is vulnerable to remote code execution via UCMDB. The vulnerability allows remote attackers to execute arbitrary code on affected installations of Data Center Automation. An attack requires network access and authentication as a...

Inductive Automation Ignition Multiple Vulnerabilities

The version of Inductive Automation Ignition listening on the remote host is affected by multiple vulnerabilities : A cross-site scripting vulnerability exists in Java Web Start when adding any symbols to web requests for starting Java applets. A remote attacker can exploit this to...

CVE-2021-22280 DLL Hijacking Vulnerability in Automation Studio

Improper DLL loading algorithms in B&R Automation Studio versions &gt;=4.0 and &lt;4.12 may allow an authenticated local attacker to execute code in the context of the...

Updated microcode packages fix security vulnerabilities

The updated package fixes security vulnerabilities: Hardware logic contains race conditions in some Intel(R) Processors may allow an authenticated user to potentially enable partial information disclosure via local access. (CVE-2023-45733) Sequence of processor instructions leads to unexpected...

CVE-2023-45745

Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local...

CVE-2023-45745

Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local...

Exploit for OS Command Injection in Cisco Ios Xe

CVE-2023-20273 CVE-2023-20273 Exploit PoC Usage ```...

Siemens Automation License Manager 5.x < 6.0.8 Privilege Escalation (SSA-388646)

The version of Siemens Automation License Manager installed on the remote host is version 5.x prior to 6.0.8. It is, therefore, affected by a privilege escalation vulnerability due to improper validation of user privileges when executing some operations. An authenticated, local attacker could...

Mitsubishi Electric Automation MC-WorX 8.x ActiveX Control Remote Code Execution

Mitsubishi Electric Automation MC-WorX version 8.x was detected on the remote Windows Host. It is, therefore, affected by a remote code execution vulnerability due a flaw in an included ActiveX control,...

Exploit for Race Condition in Apple Ipados

desc_race "desc_race" (CVE-2021-30955) exploit for iOS 15.0 -...

CVE-2023-32042 OLE Automation Information Disclosure Vulnerability

...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Checkpoint Quantum Security Gateway Firmware

Vulnerability Scanner for CVE-2024-24919 (need Shodan API)...

CVE-2021-47342 ext4: fix possible UAF when remounting r/o a mmp-protected file system

In the Linux kernel, the following vulnerability has been resolved: ext4: fix possible UAF when remounting r/o a mmp-protected file system After commit 618f003199c6 ("ext4: fix memory leak in ext4_fill_super"), after the file system is remounted read-only, there is a race where the kmmpd thread...

CVE-2021-47342 ext4: fix possible UAF when remounting r/o a mmp-protected file system

In the Linux kernel, the following vulnerability has been resolved: ext4: fix possible UAF when remounting r/o a mmp-protected file system After commit 618f003199c6 ("ext4: fix memory leak in ext4_fill_super"), after the file system is remounted read-only, there is a race where the kmmpd thread...

Exploit for Untrusted Pointer Dereference in Microsoft

CVE-2023-21768 Local Privilege Escalation POC authors:...

Exploit for Deserialization of Untrusted Data in Apache Log4J

Log4jCenter Exploiting CVE-2021-44228 in vCenter for remote...

Exploit for Improper Validation of Specified Quantity in Input in Linux Linux Kernel

RNDIS-CO Summary The RNDIS USB Gadget may be exploited...

Tornado has a CRLF injection in CurlAsyncHTTPClient headers

Summary Tornado’s curl_httpclient.CurlAsyncHTTPClient class is vulnerable to CRLF (carriage return/line feed) injection in the request headers. Details When an HTTP request is sent using CurlAsyncHTTPClient, Tornado does not reject carriage return (\r) or line feed (\n) characters in the request...

Jenkins HP Application Automation Tools Plugin Password Encryption Security Weakness

The remote host is using the Jenkins HP Application Automation tools plugin. Nessus was able to remotely access one or more unprotected file(s) in the Jenkins build system and decrypt the HP Application Lifecycle Management password. These passwords are currently encrypted with a known, hard-coded....

K000139880: Intel CPU/BIOS vulnerabilities CVE-2023-28402, CVE-2023-27504, and CVE-2023-28383

Security Advisory Description CVE-2023-28402 Improper input validation in some Intel(R) BIOS Guard firmware may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2023-27504 Improper conditions check in some Intel(R) BIOS Guard firmware may allow a...

R Programming Language 1.4.0 < 4.4.0 Insecure Deserialization

The version of the R Programming Language running on the remote host is 1.4.0 or later, before 4.4.0. It is, therefore, affected by an insecure deserialization vulnerability. Deserialization of untrusted data can occur, enabling a maliciously crafted RDS (R Data Serialization) formatted file or R.....

Horde/Horde Groupware - Local File Inclusion

Horde before 3.2.4 and 3.3.3 and Horde Groupware before 1.1.5 are susceptible to local file inclusion in framework/Image/Image.php because it allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the Horde_Image driver...

Security Bulletin: Multiple vulnerabilities in Open JDK affecting Rational Functional Tester / DevOps Test UI

Summary There are multiple vulnerabilities in Open JDK Version 8, OpenJ9 used by Rational Functional Tester (RFT) / DevOps Test UI. RFT has addressed the applicable CVEs. Vulnerability Details ** CVEID: CVE-2024-21085 DESCRIPTION: **An unspecified vulnerability in Java SE related to the VM...

CVE-2023-5115

An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to craft a malicious Ansible role and make the victim execute the role. A symlink can be used to overwrite a file outside of the extraction...

Amcrest IP Camera Web Management - Data Exposure

Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices allow an unauthenticated attacker to download the administrative...

CVE-2024-5989 Rockwell Automation ThinManager® ThinServer™ Improper Input Validation Vulnerability

Due to an improper input validation, an unauthenticated threat actor can send a malicious message to invoke SQL injection into the program and cause a remote code execution condition on the Rockwell Automation ThinManager®...

CVE-2024-5989 Rockwell Automation ThinManager® ThinServer™ Improper Input Validation Vulnerability

Due to an improper input validation, an unauthenticated threat actor can send a malicious message to invoke SQL injection into the program and cause a remote code execution condition on the Rockwell Automation ThinManager®...

Siemens Automation License Manager Multiple Vulnerabilities

The remote host has a version of Siemens Automation License Manager installed that is affected by the following vulnerabilities : There are multiple buffer overflows that can be exploited to execute arbitrary code by sending a message to the Automation License Manager TCP service...

CrushFTP VFS - Sandbox Escape LFR

VFS Sandbox Escape in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows remote attackers with low privileges to read files from the filesystem outside of VFS...

Exploit for Use After Free in Microsoft

CVE-2023-36802 Local Privilege Escalation POC authors:...

n-e-r-v-o-u-s.com Cross Site Scripting vulnerability OBB-3857032

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

CVE-2024-5988 Rockwell Automation ThinManager® ThinServer™ Improper Input Validation Vulnerability

Due to an improper input validation, an unauthenticated threat actor can send a malicious message to invoke a local or remote executable and cause a remote code execution condition on the Rockwell Automation ThinManager®...

VMware vRealize Automation Web UI Detection

The remote web server is running the web UI for VMware vRealize Automation, a cloud automation virtual appliance. Note: To obtain accurate version and build information provide HTTP basic authentication...

Exploit for CVE-2022-22972

CVE-2022-22972 POC for CVE-2022-22972 affecting VMware...

CVE-2022-41804

Unauthorized error injection in Intel(R) SGX or Intel(R) TDX for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Checkpoint Quantum Security Gateway Firmware

CVE-2024-24919-Sniper ![CVE-2024-24919 Sniper...

Security Bulletin: A vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Buinses Automation Workflow (CVE-2023-51775)

Summary WebSphere Application Server is shipped as a component of IBM Business Automation Workflow. Information about a security vulnerability affecting IBM WebSphere Application Server Traditional have been published in a security bulletin. Vulnerability Details Refer to the security bulletin(s).....

CVE-2023-6028 SDM Web interface vulnerable to XSS

A reflected cross-site scripting (XSS) vulnerability exists in the SVG version of System Diagnostics Manager of B&R Automation Runtime versions &lt;= G4.93 that enables a remote attacker to execute arbitrary JavaScript code in the context of the attacked user’s browser...

Exploit for Path Traversal in Igniterealtime Openfire

CVE-2023-32315 Openfire Console Authentication Bypass...

CVE-2023-22655

Protection mechanism failure in some 3rd and 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local...

CVE-2023-50232 Inductive Automation Ignition getParams Argument Injection Remote Code Execution Vulnerability

Inductive Automation Ignition getParams Argument Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in that the...

CrateDB has a Client initialized Session-Renegotiation DoS

Summary Client-Initiated TLS Renegotiation Denial of Service (DoS) Vulnerability at Port 4200 Details A high-risk vulnerability has been identified where the TLS endpoint (port 4200) permits client-initiated renegotiation. In this scenario, an attacker can exploit this feature to repeatedly...

Siemens SCALANCE S612 Firewall Detection

The remote device as a Siemens SCALANCE S612 Firewall, a security solution for industrial automation technology and industrial control system networks. The device can act as a bridge or a gateway depending on the...

RHEL 8 : Red Hat Ansible Automation Platform 2.1.2 (RHSA-2022:5702)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5702 advisory. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT...