Rockwell Automation Lifecycle Services with Cisco
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Rockwell Automation Equipment: Industrial Data Center (IDC) with Cisco Switching, IDC-Managed Support contract with Cisco Switching, Network-Managed Support contract with Cisco network switch, Firewall-Managed Support contract with Cisco firewall Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability […]
Rockwell Automation Stratix
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Rockwell Automation Equipment: Stratix 5700, 5400, 5410, 5200, 5800 Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could result in arbitrary code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following version of Stratix 5700 is affected: […]
Hitachi Energy Asset Suite
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: Asset Suite Vulnerability: Improper Output Neutralization for Logs 2. RISK EVALUATION Successful exploitation of this vulnerability could result in the manipulation of content or the injection of data with the potential of carrying out further malicious attacks. 3. […]
Delta Electronics DIAScreen
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.8 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: DIAScreen Vulnerabilities: Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to write data outside of the allocated memory buffer. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Delta Electronics DIAScreen are […]
Raise3D Pro2 Series 3D Printers
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Raise3D Equipment: Pro2 Series Vulnerability: Authentication Bypass Using an Alternate Path or Channel 2. RISK EVALUATION Successful exploitation of this vulnerability could result in data exfiltration and compromise of the target device. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following firmware […]
Hitachi Energy MSM Product
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: MSM Product Vulnerabilities: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’), Reachable Assertion 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow HTML injection via the name parameter or an assertion failure in fuzz_binary_decode, resulting […]
Festo CPX-CEC-C1 and CPX-CMXX
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Festo Equipment: CPX-CEC-C1 and CPX-CMXX Vulnerability: Improper Privilege Management 2. RISK EVALUATION Successful exploitation of this vulnerability could allow unauthenticated, remote access to critical webpage functions which may cause a denial of service. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Festo reports […]
National Instruments Circuit Design Suite
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION: Low attack complexity Vendor: National Instruments Equipment: Circuit Design Suite Vulnerabilities: Type Confusion, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause memory corruption, potentially leading to information disclosure and execution of arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED […]
MegaSys Enterprises Telenium Online Web Application
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Megasys Enterprises Equipment: Telenium Online Web Application Vulnerability: OS Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker to inject arbitrary operating system commands through a crafted HTTP request, leading to remote code execution on […]
OpenPLC_V3
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.1 ATTENTION: Low attack complexity Vendor: OpenPLC_V3 Equipment: OpenPLC_V3 Vulnerability: Reliance on Undefined, Unspecified, or Implementation-Defined Behavior 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial of service, making the PLC runtime process crash. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of OpenPLC_V3 […]
