Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
scada vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-1256
The listed versions of AVEVA Plant SCADA and AVEVA Telemetry Server are vulnerable to an improper authorization exploit which could allow an unauthenticated user to remotely read data, cause denial of service, and tamper with alarm states.
Aveva Telemetry Server 2020r2
Aveva Aveva Plant Scada 2020r2
Aveva Aveva Plant Scada 2023
418
VMScore
CVE-2013-2823
The (1) Catapult DNP3 I/O driver prior to 7.2.0.60 and the (2) GE Intelligent Platforms Proficy DNP3 I/O driver prior to 7.20k, as used in DNPDrv.exe (aka the DNP master station server) in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY and iFIX, allow physically proximat...
Ge Intelligent Platforms Proficy Hmi\\/scada Ifix 5.1
Catapultsoftware Catapult Dnp3 I\\/o Driver
Ge Intelligent Platforms Proficy Dnp3 I\\/o Driver
Ge Intelligent Platforms Proficy Dnp3 I\\/o Driver 7.20
Ge Intelligent Platforms Proficy Hmi\\/scada Cimplicity 4.01
Ge Intelligent Platforms Proficy Hmi\\/scada Cimplicity 7.5
Ge Intelligent Platforms Proficy Hmi\\/scada Cimplicity 8.1
Ge Intelligent Platforms Proficy Hmi\\/scada Ifix 5.0
Ge Intelligent Platforms Proficy Hmi\\/scada Cimplicity 8.0
Ge Intelligent Platforms Proficy Hmi\\/scada Cimplicity 8.2
632
VMScore
CVE-2013-2811
The (1) Catapult DNP3 I/O driver prior to 7.2.0.60 and the (2) GE Intelligent Platforms Proficy DNP3 I/O driver prior to 7.20k, as used in DNPDrv.exe (aka the DNP master station server) in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY and iFIX, allow remote malicious us...
Ge Intelligent Platforms Proficy Dnp3 I\\/o Driver 7.20
Ge Intelligent Platforms Proficy Hmi\\/scada Cimplicity 4.01
Ge Intelligent Platforms Proficy Hmi\\/scada Cimplicity 7.5
Ge Intelligent Platforms Proficy Hmi\\/scada Cimplicity 8.0
Ge Intelligent Platforms Proficy Hmi\\/scada Cimplicity 8.1
Ge Intelligent Platforms Proficy Hmi\\/scada Cimplicity 8.2
Ge Intelligent Platforms Proficy Hmi\\/scada Ifix 5.0
Catapultsoftware Catapult Dnp3 I\\/o Driver
Ge Intelligent Platforms Proficy Hmi\\/scada Ifix 5.1
Ge Intelligent Platforms Proficy Dnp3 I\\/o Driver
470
VMScore
CVE-2013-0653
Directory traversal vulnerability in substitute.bcl in the WebView CimWeb subsystem in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 4.01 up to and including 8.0, and Proficy Process Systems with CIMPLICITY, allows remote malicious users to read arbitrary files via a cr...
Ge Intelligent Platforms Proficy Hmi\\/scada Cimplicity 8.0
Ge Intelligent Platforms Proficy Hmi\\/scada Cimplicity 4.01
Ge Intelligent Platforms Proficy Hmi\\/scada Cimplicity 7.5
Ge Intelligent Platforms Proficy Process Systems With Cimplicity -
Ge Intelligent Platforms Proficy Process Systems -
828
VMScore
CVE-2013-0654
CimWebServer in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 4.01 up to and including 8.0, and Proficy Process Systems with CIMPLICITY, allows remote malicious users to execute arbitrary commands or cause a denial of service (daemon crash) via a crafted packet.
Ge Intelligent Platforms Proficy Hmi\\/scada Cimplicity 4.01
Ge Intelligent Platforms Proficy Hmi\\/scada Cimplicity 7.5
Ge Intelligent Platforms Proficy Hmi\\/scada Cimplicity 8.0
Ge Intelligent Platforms Proficy Process Systems With Cimplicity -
Ge Intelligent Platforms Proficy Process Systems -
383
VMScore
CVE-2012-4689
Integer overflow in CimWebServer.exe in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 4.01 up to and including 8.0, and Proficy Process Systems with CIMPLICITY, allows remote malicious users to cause a denial of service (daemon crash) via a malformed HTTP request.
Ge Intelligent Platforms Proficy Hmi\\/scada Cimplicity 4.01
Ge Intelligent Platforms Proficy Hmi\\/scada Cimplicity 8.0
Ge Intelligent Platforms Proficy Hmi\\/scada Cimplicity 7.5
Ge Intelligent Platforms Proficy Process Systems With Cimplicity -
Ge Intelligent Platforms Proficy Process Systems -
383
VMScore
CVE-2021-27436
WebAccess/SCADA Versions 9.0 and prior is vulnerable to cross-site scripting, which may allow an malicious user to send malicious JavaScript code to an unsuspecting user, which could result in hijacking of the user’s cookie/session tokens, redirecting the user to a maliciou...
Advantech Webaccess\\/scada
446
VMScore
CVE-2018-16668
An issue exists in CIRCONTROL CirCarLife prior to 4.3. There is internal installation path disclosure due to the lack of authentication for /html/repository.
Circontrol Circarlife Scada
446
VMScore
CVE-2018-16671
An issue exists in CIRCONTROL CirCarLife prior to 4.3. There is system software information disclosure due to lack of authentication for /html/device-id.
Circontrol Circarlife Scada
356
VMScore
CVE-2018-16672
An issue exists in CIRCONTROL CirCarLife prior to 4.3. Due to the storage of multiple sensitive information elements in a JSON format at /services/system/setup.json, an authenticated but unprivileged user can exfiltrate critical setup information.
Circontrol Circarlife Scada
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »