The Motorola ACE1000 RTU through 2022-05-02 mishandles firmware integrity. It utilizes either the STS software suite or ACE1000 Easy Configurator for performing firmware updates. In case of the Easy C ...
Continue Reading
July 26, 2022
The Motorola MOSCAD and ACE line of RTUs through 2022-05-02 omit an authentication requirement. They feature IP Gateway modules which allow for interfacing between Motorola Data Link Communication (MD ...
Continue Reading
July 26, 2022
The Motorola ACE1000 RTU through 2022-05-02 has default credentials. It exposes an SSH interface on port 22/TCP. This interface is used for remote maintenance and for SFTP file-transfer operations tha ...
Continue Reading
July 26, 2022
The Motorola ACE1000 RTU through 2022-05-02 ships with a hardcoded SSH private key and initialization scripts (such as /etc/init.d/sshd_service) only generate a new key if no private-key file exists. ...
Continue Reading
July 26, 2022
The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. Access to privileged operations on the maintenance port TELNET interface (23/TCP) on M ...
Continue Reading
July 26, 2022
Warehouse Management System v1.0 was discovered to contain a SQL injection vulnerability via the cari parameter.Read More ...
Continue Reading
July 26, 2022
An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_bcode_commit() in mjs.c.Read More ...
Continue Reading
July 26, 2022
An issue was discovered in yasm version 1.3.0. There is a use-after-free in error() in modules/preprocs/nasm/nasm-pp.c.Read More ...
Continue Reading
July 26, 2022
Back to Main
