A denial of service (DoS) attack targeting port 80 (http service) can overload the device (CWE-770). This behaviour has been observed when running network security scanners.
Multiple W&T devices are shipped with a jQuery version with a known XSS vulnerability.
A security researcher discovered a privilege escalation vulnerability in the demo system area of the SMA Classic Portal, www.sunnyportal.com. Only systems of other users have been affected who unintendedly and illicitly had added their non-demo systems to the demo system area.
Sending too much data in the service telegram of AUMA actuators leads to a buffer overflow in the actuator controls. Depending on the actuator, the service telegram is transmitted either via Bluetooth or RS232
Multiple W&T Products are prone to an XSS attack. An authenticated remote Attacker can execute arbitrary web scripts or HTML via crafted payloads injected into several input fields of the configuration webpage.
Com-Server firmware versions prior to 1.60 support the insecure TLS 1.0 and TLS 1.1 protocols, which are susceptible to man-in-the-middle attacks and thereby compromise the confidentiality and integrity of data.
An unauthenticated attacker can read static visualization files of the CODESYS WebVisu, by bypassing the CODESYS Visualization user management applying forced browsing.
The versions of TRUMPF products stated below are including a version of log4net that’s prone to XXE (External XML Entities) attacks under certain circumstances. This means, the log4net code can be tricked into loading externally hosted, potentially malicious XML code and possibly executing it. This vulnerability allows for the execution of remote XML code, possibly resulting in unauthorized (remote) access to, change of data or disruption of the whole system running the vulnerable application.