Opc Server
Monthly
A local attacker can gain administrative privileges by inserting an executable file in the path of the affected product. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In the CODESYS Development System multiple components in multiple versions transmit the passwords for the communication between clients and servers unprotected. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
CODESYS Control Runtime system before 3.5.17.0 has improper input validation. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Insufficient protection of the inter-process communication functions in ABB System 800xA products OPC Server for AC 800M, MMS Server for AC 800M and Base Software for SoftControl (all published. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
Insufficient folder permissions used by system functions in ABB System 800xA products OPCServer for AC800M (versions 6.0 and earlier) and Control Builder M Professional, MMSServer for AC800M, Base. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
A local attacker can gain administrative privileges by inserting an executable file in the path of the affected product. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In the CODESYS Development System multiple components in multiple versions transmit the passwords for the communication between clients and servers unprotected. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
CODESYS Control Runtime system before 3.5.17.0 has improper input validation. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Insufficient protection of the inter-process communication functions in ABB System 800xA products OPC Server for AC 800M, MMS Server for AC 800M and Base Software for SoftControl (all published. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
Insufficient folder permissions used by system functions in ABB System 800xA products OPCServer for AC800M (versions 6.0 and earlier) and Control Builder M Professional, MMSServer for AC800M, Base. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.