Lucene search
+L
UnitronicsUnilogic

8 matches found

CVE
CVE
added 2024/03/18 1:19 p.m.108 views

CVE-2024-27768

CVE-2024-27768 affects Unitronics Unistream Unilogic before version 1.35.227. The issue is a Path Traversal vulnerability that may allow remote code execution (RCE) by accessing files outside the web root. Affected component appears to be the Unilogic software on Unitronics Unistream controllers....

9.8CVSS9.5AI score0.00854EPSS
CVE
CVE
added 2024/03/18 1:13 p.m.85 views

CVE-2024-27767

CVE-2024-27767 affects Unitronics Unistream Unilogic (PLC software platform). The issue is an improper authentication weakness that may allow an authentication bypass. Reported for versions prior to 1.35.227. Impact is reported as severe/total access potential to restricted functions. Remediation...

10CVSS9.6AI score0.0069EPSS
CVE
CVE
added 2024/03/18 1:21 p.m.83 views

CVE-2024-27769

The CVE-2024-27769 vulnerability affects Unitronics Unistream Unilogic (Unitronics Unistream PLCs). Affected versions are prior to 1.35.227. The root cause is information disclosure to unauthorized actors, enabling disclosure of sensitive data and potentially allowing an attacker to take ownershi...

8.8CVSS8.7AI score0.00711EPSS
CVE
CVE
added 2024/03/18 1:23 p.m.80 views

CVE-2024-27770

Unitronics Unistream Unilogic (versions prior to 1.35.227) is affected by CWE-23 Relative Path Traversal in the web-facing component. An attacker could access files outside the web root directory, exposing sensitive data. Remediation: upgrade to version 1.35.227 or later; as a temporary measure, ...

8.8CVSS8.7AI score0.00794EPSS
CVE
CVE
added 2024/03/18 1:32 p.m.78 views

CVE-2024-27773

CVE-2024-27773 affects Unitronics Unistream Unilogic (Unitronics PLC software). Affects Unilogic versions prior to 1.35.227. Root cause per sources: use of less trusted sources, which may allow remote code execution (RCE). Impact is high (network access, local privileges, unauthenticated/low-priv...

8.8CVSS8.8AI score0.00355EPSS
CVE
CVE
added 2024/03/18 1:34 p.m.73 views

CVE-2024-27774

Summary (CVE-2024-27774) : Unitronics Unistream Unilogic is affected in versions prior to 1.35.227. The root cause is the use of hard-coded passwords, which may disclose sensitive information embedded in the device firmware (high confidentiality impact). Affected component is the Unilogic firmwar...

7.5CVSS7.5AI score0.00431EPSS
CVE
CVE
added 2024/03/18 1:27 p.m.71 views

CVE-2024-27771

CVE-2024-27771 affects Unitronics Unistream Unilogic; versions prior to 1.35.227 are vulnerable due to a path traversal flaw (CWE-22) that may allow remote code execution. Impact described as high severity with network access and privileges required low; potential full compromise of affected PLCs...

8.8CVSS8.7AI score0.0081EPSS
CVE
CVE
added 2024/03/18 1:28 p.m.60 views

CVE-2024-27772

CVE-2024-27772 affects Unitronics Unistream Unilogic prior to version 1.35.227. The vulnerability is an OS Command Injection that can lead to Remote Code Execution (RCE). The CVSSv3.1 vector indicates network attack with low complexity and requires low privileges, no user interaction, and results...

8.8CVSS8.8AI score0.01731EPSS