Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
scada vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-32540
In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file overwrite vulnerability, which could allow an malicious user to overwrite any file in the operating system (including system files), inject code into an XLS file, and modify the file extension, which could ...
Advantech Webaccess\\/scada
9.8
CVSSv3
CVE-2023-32628
In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file upload vulnerability that could allow an malicious user to modify the file extension of a certificate file to ASP when uploading it, which can lead to remote code execution.
Advantech Webaccess\\/scada
7.5
CVSSv3
CVE-2023-42488
EisBaer Scada - CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Busbaer Eisbaer Scada
9.8
CVSSv3
CVE-2023-42489
EisBaer Scada - CWE-732: Incorrect Permission Assignment for Critical Resource
Busbaer Eisbaer Scada
7.5
CVSSv3
CVE-2023-42490
EisBaer Scada - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
Busbaer Eisbaer Scada
9.8
CVSSv3
CVE-2023-42491
EisBaer Scada - CWE-285: Improper Authorization
Busbaer Eisbaer Scada
9.8
CVSSv3
CVE-2023-42492
EisBaer Scada - CWE-321: Use of Hard-coded Cryptographic Key
Busbaer Eisbaer Scada
9.8
CVSSv3
CVE-2023-42493
EisBaer Scada - CWE-256: Plaintext Storage of a Password
Busbaer Eisbaer Scada
9.8
CVSSv3
CVE-2023-42494
EisBaer Scada - CWE-749: Exposed Dangerous Method or Function
Busbaer Eisbaer Scada
9.8
CVSSv3
CVE-2023-4485
ARDEREG ?Sistema SCADA Central versions 2.203 and prior login page are vulnerable to an unauthenticated blind SQL injection attack. An attacker could manipulate the application's SQL query logic to extract sensitive information or perform unauthorized actions within the data...
Ardereg Sistemas Scada
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »