Unitronics Vision Standard line of controllers allow the Information Mode password to be retrieved without...
7.5CVSS
6.9AI Score
0.0004EPSS
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-23: Relative Path...
8.8CVSS
6.8AI Score
0.0004EPSS
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor may allow Taking Ownership Over...
8.8CVSS
6.8AI Score
0.0004EPSS
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-348: Use of Less Trusted Source may allow...
8.8CVSS
6.9AI Score
0.0004EPSS
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-22: 'Path Traversal' may allow...
8.8CVSS
6.8AI Score
0.0004EPSS
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-259: Use of Hard-coded Password may allow disclosing Sensitive Information Embedded inside Device's...
7.5CVSS
6.8AI Score
0.0004EPSS
10CVSS
6.9AI Score
0.0004EPSS
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-78: 'OS Command Injection' may allow...
8.8CVSS
6.9AI Score
0.0004EPSS
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-22: 'Path Traversal' may allow...
9.8CVSS
6.8AI Score
0.0004EPSS
Unitronics VisiLogic before version 9.9.00, used in Vision and Samba PLCs and HMIs, uses a default administrative password. An unauthenticated attacker with network access can take administrative control of a vulnerable...
Embedded malicious code vulnerability in Vision1210, in the build 5 of operating system version 4.3, which could allow a remote attacker to store base64-encoded malicious code in the device's data tables via the PCOM protocol, which can then be retrieved by a client and executed on the...
9.8CVSS
9.2AI Score
0.002EPSS
Stack-based buffer overflow in Unitronics VisiLogic OPLC IDE before 9.8.30 allows remote attackers to execute arbitrary code via a crafted filename field in a ZIP archive in a vlp...
9.8CVSS
9.7AI Score
0.06EPSS
Heap-based buffer overflow in Unitronics VisiLogic OPLC IDE before 9.8.09 allows remote attackers to execute arbitrary code via a long vlp...
9.6CVSS
9.7AI Score
0.276EPSS
Unitronics VisiLogic OPLC IDE before 9.8.02 allows remote attackers to execute unspecified code via unknown...
7.2AI Score
0.342EPSS
Unitronics VisiLogic OPLC IDE before 9.8.02 does not properly restrict access to ActiveX controls, which allows remote attackers to have an unspecified impact via a crafted web...
6.6AI Score
0.183EPSS