Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
scada vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-3322
Core Server HMI Service (Coreservice.exe) in Scadatec Limited Procyon SCADA 1.06, and other versions prior to 1.14, allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a long password to the Telnet (TCP/23) port, which trigge...
Scadatec Procyon Scada 1.13
Scadatec Procyon Scada 1.06
1 EDB exploit
7.5
CVSSv3
CVE-2023-0956
External input could be used on TEL-STER TelWin SCADA WebInterface to construct paths to files and directories without properly neutralizing special elements within the pathname, which could allow an unauthenticated malicious user to read files on the system.
Tel-ster Telwin Scada Webinterface 9.0
Tel-ster Telwin Scada Webinterface 8.0
Tel-ster Telwin Scada Webinterface
9.8
CVSSv3
CVE-2020-6970
A Heap-based Buffer Overflow was found in Emerson OpenEnterprise SCADA Server 2.83 (if Modbus or ROC Interfaces have been installed and are in use) and all versions of OpenEnterprise 3.1 up to and including 3.3.3, where a specially crafted script could execute code on the OpenEnt...
Emerson Openenterprise Scada Server 2.8.3
Emerson Openenterprise Scada Server
7.8
CVSSv3
CVE-2022-32530
A CWE-668 Exposure of Resource to Wrong Sphere vulnerability exists that could cause users to be misled, hiding alarms, showing the wrong server connection option or the wrong control request when a mobile device has been compromised by a malicious application. Affected Product: ...
Schneider-electric Geo Scada Mobile
Schneider-electric Geo Scada Mobile 2020
NA
CVE-2013-2829
MatrikonOPC SCADA DNP3 OPC Server 1.2.2.0 and previous versions allows remote malicious users to cause a denial of service (infinite loop) via a malformed DNP3 packet.
Matrikonopc Scada Dnp3 Opc Server
Matrikonopc Scada Dnp3 Opc Server 1.2.0
NA
CVE-2013-0657
Stack-based buffer overflow in Schneider Electric Interactive Graphical SCADA System (IGSS) 10 and previous versions allows remote malicious users to execute arbitrary code by sending TCP port-12397 data that does not comply with a protocol.
Schneider-electric Interactive Graphical Scada System
Schneider-electric Interactive Graphical Scada System 9.0
2 EDB exploits
7.8
CVSSv3
CVE-2020-25188
An attacker who convinces a valid user to open a specially crafted project file to exploit could execute code under the privileges of the application due to an out-of-bounds read vulnerability on the LAquis SCADA (Versions before 4.3.1.870).
Laquisscada Scada
7
CVSSv3
CVE-2017-9661
An Uncontrolled Search Path Element issue exists in SIMPlight SCADA Software version 4.3.0.27 and prior. The uncontrolled search path element vulnerability has been identified, which may allow an malicious user to place a malicious DLL file within the search path resulting in exe...
Simplight Scada
7.8
CVSSv3
CVE-2021-41579
LCDS LAquis SCADA up to and including 4.3.1.1085 is vulnerable to a control bypass and path traversal. If an attacker can get a victim to load a malicious els project file and use the play feature, then the attacker can bypass a consent popup and write arbitrary files to OS locat...
Laquisscada Scada
7.8
CVSSv3
CVE-2020-28219
A CWE-522: Insufficiently Protected Credentials vulnerability exists in EcoStruxure Geo SCADA Expert 2019 (Original release and Monthly Updates to September 2020, from 81.7268.1 to 81.7578.1) and EcoStruxure Geo SCADA Expert 2020 (Original release and Monthly Updates to September...
Schneider-electric Ecostruxure Geo Scada Expert 2019
Schneider-electric Ecostruxure Geo Scada Expert 2020
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »