B&R Industrial Automation Security Vulnerabilities

CVE-2023-50232 Inductive Automation Ignition getParams Argument Injection Remote Code Execution Vulnerability

Inductive Automation Ignition getParams Argument Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in that the...

CVE-2023-50232 Inductive Automation Ignition getParams Argument Injection Remote Code Execution Vulnerability

Inductive Automation Ignition getParams Argument Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in that the...

RHEL 8 : Red Hat Ansible Automation Platform 2.1.2 (RHSA-2022:5702)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5702 advisory. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT...

(RHSA-2024:3422) Important: linux-firmware security update

The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fix(es): linux-firmware: hw: intel: Improper access control for some Intel(R) PROSet/Wireless WiFi (CVE-2022-27635) linux-firmware: hw: intel: Improper access control for...

K000140039: Intel QAT vulnerability CVE-2023-32641

Security Advisory Description Improper input validation in firmware for Intel(R) QAT before version QAT20.L.1.0.40-00004 may allow escalation of privilege and denial of service via adjacent access. (CVE-2023-32641) Impact There is no impact; F5 products are not affected by this...

[SECURITY] Fedora 40 Update: qt5-qtwebsockets-5.15.14-1.fc40

The QtWebSockets module implements the WebSocket protocol as specified in R FC 6455. It solely depends on Qt (no external...

CVE-2023-43490

Incorrect calculation in microcode keying mechanism for some Intel(R) Xeon(R) D Processors with Intel(R) SGX may allow a privileged user to potentially enable information disclosure via local...

Exploit for Inadequate Encryption Strength in Alpha-Innotec Heat Pumps Firmware

CVE-2024-22894 Downloaded the latest heatpump firmware...

RHEL 8 : Red Hat Ansible Automation Platform 2.1.3 (RHSA-2022:6078)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:6078 advisory. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can...

CVE-2024-23171

An issue was discovered in the CampaignEvents extension in MediaWiki before 1.35.14, 1.36.x through 1.39.x before 1.39.6, and 1.40.x before 1.40.2. The Special:EventDetails page allows XSS via the x-xss language setting for internationalization...

Exploit for CVE-2022-22972

CVE-2022-22972 POC for CVE-2022-22972 affecting VMware...

CVE-2023-45733

Hardware logic contains race conditions in some Intel(R) Processors may allow an authenticated user to potentially enable partial information disclosure via local...

CVE-2024-0220

B&R Automation Studio Upgrade Service and B&R Technology Guarding use insufficient cryptography for communication to the upgrade and the licensing servers. A network-based attacker could exploit the vulnerability to execute arbitrary code on the products or sniff sensitive...

GHSA-3Q2C-PVP5-3CQP vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, envoy-ratelimit, gobuster, nats, trillian, flannel-cni-plugin, bazelisk, aws-efs-csi-driver, thanos, gosu, kubernetes-csi-external-provisioner, capslock, k8sgpt, cni-plugins, dask-gateway, datadog-agent, helm-push,...

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, envoy-ratelimit, gobuster, nats, trillian, flannel-cni-plugin, bazelisk, aws-efs-csi-driver, thanos, gosu, kubernetes-csi-external-provisioner, capslock, k8sgpt, cni-plugins, dask-gateway, datadog-agent, helm-push,...

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, envoy-ratelimit, gobuster, nats, trillian, flannel-cni-plugin, bazelisk, aws-efs-csi-driver, thanos, gosu, kubernetes-csi-external-provisioner, capslock, k8sgpt, cni-plugins, dask-gateway, datadog-agent, helm-push,...

CVE-2022-33196

Incorrect default permissions in some memory controller configurations for some Intel(R) Xeon(R) Processors when using Intel(R) Software Guard Extensions which may allow a privileged user to potentially enable escalation of privilege via local...

Tornado has a CRLF injection in CurlAsyncHTTPClient headers

Summary Tornado’s curl_httpclient.CurlAsyncHTTPClient class is vulnerable to CRLF (carriage return/line feed) injection in the request headers. Details When an HTTP request is sent using CurlAsyncHTTPClient, Tornado does not reject carriage return (\r) or line feed (\n) characters in the request...

BMC BladeLogic Server Automation RSCD Agent Detection

An RSCD agent for BMC BladeLogic Server Automation (BSA) is running on the remote host. BSA is an enterprise solution for provisioning, configuring, and maintaining...

Rockwell Automation MicroLogix 1400 PLC Default Credentials

The remote device appears to be a Rockwell Automation MicroLogix 1400 PLC that can be accessed using default HTTP credentials. An attacker can exploit this to gain administrative access to the affected...

Siemens SIMATIC ProSave Detection

Siemens SIMATIC ProSave, an application for managing industrial automation control hardware, is installed on the remote...

Exploit for Code Injection in Crushftp

CVE-2024-4040 - exploit scanners This repository contains...

Siemens SCALANCE S612 Firewall Detection

The remote device as a Siemens SCALANCE S612 Firewall, a security solution for industrial automation technology and industrial control system networks. The device can act as a bridge or a gateway depending on the...

CVE-2023-39368

Protection mechanism failure of bus lock regulator for some Intel(R) Processors may allow an unauthenticated user to potentially enable denial of service via network...

Rockwell Automation MicroLogix 1100 PLC Default Credentials

The remote device appears to be a Rockwell Automation MicroLogix 1100 PLC that can be accessed using default HTTP credentials. An attacker can utilize this to gain administrative access to the affected...

Rockwell Automation RSLinx Classic < 3.73.00 Buffer Overflow

The remote host has a version of RSLinx Classic installed that is prior to 3.73.00. It is, therefore, affected by an arbitrary code execution vulnerability due an overflow condition caused by improper validation of user-supplied input. A local attacker can exploit this, via a specially crafted...

Trihedral VTScada Detection

Trihedral Engineering VTScada, an application for managing industrial automation control hardware, is installed on the remote...

WAVLINK WN530HG4 - Improper Access Control

WAVLINK WN530HG4 M30HG4.V5030.191116 is susceptible to improper access control. An attacker can obtain usernames and passwords via view-source:http://IP_ADDRESS/set_safety.shtml?r=52300 and searching for [var syspasswd] and thereby possibly obtain sensitive information, modify data, and/or execute....

CrateDB has a Client initialized Session-Renegotiation DoS

Summary Client-Initiated TLS Renegotiation Denial of Service (DoS) Vulnerability at Port 4200 Details A high-risk vulnerability has been identified where the TLS endpoint (port 4200) permits client-initiated renegotiation. In this scenario, an attacker can exploit this feature to repeatedly...

Exploit for Path Traversal in Sysaid Sysaid On-Premises

Vulnerability Details fofa: ```text ...

CVE-2023-46103

Sequence of processor instructions leads to unexpected behavior in Intel(R) Core(TM) Ultra Processors may allow an authenticated user to potentially enable denial of service via local...

CVE-2024-5659 Rockwell Automation Multicast Request Causes major nonrecoverable fault on Select Controllers

Rockwell Automation was made aware of a vulnerability that causes all affected controllers on the same network to result in a major nonrecoverable fault(MNRF/Assert). This vulnerability could be exploited by sending abnormal packets to the mDNS port. If exploited, the availability of the device...

Exploit for Out-of-bounds Write in Fortinet Fortiproxy

FortiGate cve-2024-21762-checker This script is used to check...

CVE-2024-5659 Rockwell Automation Multicast Request Causes major nonrecoverable fault on Select Controllers

Rockwell Automation was made aware of a vulnerability that causes all affected controllers on the same network to result in a major nonrecoverable fault(MNRF/Assert). This vulnerability could be exploited by sending abnormal packets to the mDNS port. If exploited, the availability of the device...

Exploit for Code Injection in Apache Ofbiz

ofbiz-CVE-2023-49070-RCE-POC This is a pre-auth RCE POC For...

Exploit for CVE-2023-33733

CVE-2023-33733 on Reportlab v3.6.12 This lab was set up to...

Ansible Installed (Linux/UNIX)

Ansible, an IT automation and management application, was found on the remote...

CVE-2023-28938

Uncontrolled resource consumption in some Intel(R) SSD Tools software before version mdadm-4.2-rc2 may allow a priviledged user to potentially enable denial of service via local...

CVE-2024-36702

libiec61850 v1.5 was discovered to contain a heap overflow via the BerEncoder_encodeLength function at...

CVE-2024-36702

libiec61850 v1.5 was discovered to contain a heap overflow via the BerEncoder_encodeLength function at...

Exploit for CVE-2024-0757

CVE-2024-0757 (Exploit) Description The Insert or Embed...

WAVLINK WN533A8 - Improper Access Control

WAVLINK WN533A8 M33A8.V5030.190716 is susceptible to improper access control. An attacker can obtain usernames and passwords via view-source:http://IP_ADDRESS/sysinit.shtml?r=52300 and searching for [logincheck(user);] and thereby possibly obtain sensitive information, modify data, and/or execute.....

Exploit for Authentication Bypass by Spoofing in Telerik Report Server 2024

CVE-2024-4358_Mass_Exploit Modified tools from @sinsinology...

CVE-2024-36702

libiec61850 v1.5 was discovered to contain a heap overflow via the BerEncoder_encodeLength function at...

CVE-2024-36702

libiec61850 v1.5 was discovered to contain a heap overflow via the BerEncoder_encodeLength function at...

Exploit for Improper Authentication in Automattic Woocommerce Payments

CVE-2023-28121 WooCommerce Payments &lt; 5.6.2 - Unauthenticated...

CVE-2023-46128

Nautobot is a Network Automation Platform built as a web application atop the Django Python framework with a PostgreSQL or MySQL database. In Nautobot 2.0.x, certain REST API endpoints, in combination with the ?depth=&lt;N&gt; query parameter, can expose hashed user passwords as stored in the datab...

RHEL 7 / 8 : Red Hat Ansible Automation Platform 1.2.2 (RHSA-2021:0781)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0781 advisory. Red Hat Ansible Automation Platform integrates Red Hat's automation suite consisting of Red Hat Ansible Tower, Red Hat Ansible...

CVE-2022-35961

OpenZeppelin Contracts is a library for secure smart contract development. The functions ECDSA.recover and ECDSA.tryRecover are vulnerable to a kind of signature malleability due to accepting EIP-2098 compact signatures in addition to the traditional 65 byte signature format. This is only an issue....

RHEL 7 / 8 : Red Hat Ansible Automation Platform 1.2 (RHSA-2022:5703)

The remote Redhat Enterprise Linux 7 / 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:5703 advisory. Red Hat Ansible Automation Platform integrates Red Hats automation suite consisting of Red Hat Ansible Tower, Red Hat Ansible Engine,...