Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
scada vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-0956
External input could be used on TEL-STER TelWin SCADA WebInterface to construct paths to files and directories without properly neutralizing special elements within the pathname, which could allow an unauthenticated malicious user to read files on the system.
Tel-ster Telwin Scada Webinterface 9.0
Tel-ster Telwin Scada Webinterface 8.0
Tel-ster Telwin Scada Webinterface
1000
VMScore
CVE-2011-3322
Core Server HMI Service (Coreservice.exe) in Scadatec Limited Procyon SCADA 1.06, and other versions prior to 1.14, allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a long password to the Telnet (TCP/23) port, which trigge...
Scadatec Procyon Scada 1.06
Scadatec Procyon Scada 1.13
1 EDB exploit
668
VMScore
CVE-2020-6970
A Heap-based Buffer Overflow was found in Emerson OpenEnterprise SCADA Server 2.83 (if Modbus or ROC Interfaces have been installed and are in use) and all versions of OpenEnterprise 3.1 up to and including 3.3.3, where a specially crafted script could execute code on the OpenEnt...
Emerson Openenterprise Scada Server
Emerson Openenterprise Scada Server 2.8.3
605
VMScore
CVE-2022-32530
A CWE-668 Exposure of Resource to Wrong Sphere vulnerability exists that could cause users to be misled, hiding alarms, showing the wrong server connection option or the wrong control request when a mobile device has been compromised by a malicious application. Affected Product: ...
Schneider-electric Geo Scada Mobile
Schneider-electric Geo Scada Mobile 2020
632
VMScore
CVE-2013-2829
MatrikonOPC SCADA DNP3 OPC Server 1.2.2.0 and previous versions allows remote malicious users to cause a denial of service (infinite loop) via a malformed DNP3 packet.
Matrikonopc Scada Dnp3 Opc Server 1.2.0
Matrikonopc Scada Dnp3 Opc Server
1000
VMScore
CVE-2013-0657
Stack-based buffer overflow in Schneider Electric Interactive Graphical SCADA System (IGSS) 10 and previous versions allows remote malicious users to execute arbitrary code by sending TCP port-12397 data that does not comply with a protocol.
Schneider-electric Interactive Graphical Scada System
Schneider-electric Interactive Graphical Scada System 9.0
2 EDB exploits
418
VMScore
CVE-2013-2823
The (1) Catapult DNP3 I/O driver prior to 7.2.0.60 and the (2) GE Intelligent Platforms Proficy DNP3 I/O driver prior to 7.20k, as used in DNPDrv.exe (aka the DNP master station server) in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY and iFIX, allow physically proximat...
Ge Intelligent Platforms Proficy Dnp3 I/o Driver 7.20
Ge Intelligent Platforms Proficy Hmi/scada Cimplicity 8.0
Ge Intelligent Platforms Proficy Dnp3 I/o Driver
Ge Intelligent Platforms Proficy Hmi/scada Cimplicity 8.1
Catapultsoftware Catapult Dnp3 I/o Driver
Ge Intelligent Platforms Proficy Hmi/scada Ifix 5.1
Ge Intelligent Platforms Proficy Hmi/scada Ifix 5.0
Ge Intelligent Platforms Proficy Hmi/scada Cimplicity 4.01
Ge Intelligent Platforms Proficy Hmi/scada Cimplicity 8.2
Ge Intelligent Platforms Proficy Hmi/scada Cimplicity 7.5
632
VMScore
CVE-2013-2811
The (1) Catapult DNP3 I/O driver prior to 7.2.0.60 and the (2) GE Intelligent Platforms Proficy DNP3 I/O driver prior to 7.20k, as used in DNPDrv.exe (aka the DNP master station server) in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY and iFIX, allow remote malicious us...
Ge Intelligent Platforms Proficy Dnp3 I/o Driver 7.20
Ge Intelligent Platforms Proficy Hmi/scada Cimplicity 8.0
Ge Intelligent Platforms Proficy Dnp3 I/o Driver
Ge Intelligent Platforms Proficy Hmi/scada Cimplicity 8.1
Catapultsoftware Catapult Dnp3 I/o Driver
Ge Intelligent Platforms Proficy Hmi/scada Ifix 5.1
Ge Intelligent Platforms Proficy Hmi/scada Ifix 5.0
Ge Intelligent Platforms Proficy Hmi/scada Cimplicity 4.01
Ge Intelligent Platforms Proficy Hmi/scada Cimplicity 8.2
Ge Intelligent Platforms Proficy Hmi/scada Cimplicity 7.5
NA
CVE-2023-1256
The listed versions of AVEVA Plant SCADA and AVEVA Telemetry Server are vulnerable to an improper authorization exploit which could allow an unauthenticated user to remotely read data, cause denial of service, and tamper with alarm states.
Aveva Telemetry Server 2020r2
Aveva Aveva Plant Scada 2020r2
Aveva Aveva Plant Scada 2023
187
VMScore
CVE-2020-28219
A CWE-522: Insufficiently Protected Credentials vulnerability exists in EcoStruxure Geo SCADA Expert 2019 (Original release and Monthly Updates to September 2020, from 81.7268.1 to 81.7578.1) and EcoStruxure Geo SCADA Expert 2020 (Original release and Monthly Updates to September...
Schneider-electric Ecostruxure Geo Scada Expert 2020
Schneider-electric Ecostruxure Geo Scada Expert 2019
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2018-25103
CVE-2024-36279
CVE-2024-38457
elevation of privilege
CVE-2024-27801
CVE-2024-30103
NULL pointer dereference
CVE-2024-6057
XML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »