| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-2637 | Insecure Loading of Code in B&R Products | B&R Industrial Automation | Scene Viewer | High | 7.2 | 2024-05-14 18:49:29 | Deep Dive |
| CVE-2023-7242 | Ethercat Zeek Plugin Out-of-bounds Read | CISA | Industrial Control Systems Network Protocol Parsers (ICSNPP) - Ethercat Plugin for Zeek | High | 8.2 | 2024-03-01 20:17:51 | Deep Dive |
| CVE-2023-7243 | Ethercat Zeek Plugin Out-of-bounds Write | CISA | Industrial Control Systems Network Protocol Parsers (ICSNPP) - Ethercat Plugin for Zeek | Critical | 9.8 | 2024-03-01 20:16:07 | Deep Dive |
| CVE-2023-7244 | Ethercat Zeek Plugin Out-of-bounds Write | CISA | Industrial Control Systems Network Protocol Parsers (ICSNPP) - Ethercat Plugin for Zeek | Critical | 9.8 | 2024-03-01 20:14:27 | Deep Dive |
| CVE-2024-0220 | B&R products use insufficient communication encryption | B&R Industrial Automation | Automation Studio | High | 8.3 | 2024-02-22 10:15:45 | Deep Dive |
| CVE-2023-6028 | SDM Web interface vulnerable to XSS | B&R Industrial Automation | Automation Runtime | Medium | 6.1 | 2024-02-05 17:33:35 | Deep Dive |
| CVE-2024-0323 | FTP uses unsecure encryption mechanisms | B&R Industrial Automation | Automation Runtime | Critical | 9.8 | 2024-02-05 16:05:48 | Deep Dive |
| CVE-2021-22281 | Zip Slip Vulnerability in B&R Automation Studio Project Import | B&R Industrial Automation | Automation Studio | Medium | 6.3 | 2024-02-02 07:24:30 | Deep Dive |
| CVE-2020-24682 | Automation Studio and PVI Multiple unquoted service path vulnerabilities | B&R Industrial Automation | Automation Studio | High | 7.2 | 2024-02-02 07:11:44 | Deep Dive |
| CVE-2020-24681 | Automation Studio and PVI Multiple incorrect permission assignments for services | B&R Industrial Automation | Automation Studio | High | 8.2 | 2024-02-02 06:58:24 | Deep Dive |
| CVE-2021-22282 | RCE in B&R Automation Studio with crafted project files | B&R Industrial Automation | Automation Studio | High | 8.3 | 2024-02-02 06:38:32 | Deep Dive |
| CVE-2023-29447 | Insufficiently Protected Credentials in PTC's Kepware KEPServerEX | PTC | Kepware KEPServerEX | Medium | 5.7 | 2024-01-10 20:24:53 | Deep Dive |
| CVE-2023-29446 | Improper Input Validation in PTC's Kepware KEPServerEX | PTC | Kepware KEPServerEX | Medium | 4.7 | 2024-01-10 20:21:51 | Deep Dive |
| CVE-2023-29445 | Uncontrolled Search Path Element in PTC's Kepware KEPServerEX | PTC | Kepware KEPServerEX | High | 7.8 | 2024-01-10 20:17:13 | Deep Dive |
| CVE-2023-29444 | Uncontrolled Search Path Element in PTC's Kepware KEPServerEX | PTC | Kepware KEPServerEX | Medium | 6.3 | 2024-01-10 17:06:36 | Deep Dive |
| CVE-2023-5909 | Improper Validation of Certificate with Host Mismatch in PTC KEPServerEx | PTC | KEPServerEX | High | 7.5 | 2023-11-30 22:06:00 | Deep Dive |
| CVE-2023-5908 | Heap Based Buffer Overflow in PTC KEPServerEx | PTC | KEPServerEX | Critical | 9.1 | 2023-11-30 22:03:58 | Deep Dive |
| CVE-2023-4149 | WAGO: OS Command Injection Vulnerability in Managed Switch | WAGO | Industrial Managed Switch (0852-0602) | Critical | 9.8 | 2023-11-21 07:00:25 | Deep Dive |
| CVE-2023-6099 | Shenzhen Youkate Industrial Facial Love Cloud Payment System Account SystemMng.ashx privileges management | Shenzhen Youkate Industrial | Facial Love Cloud Payment System | High | 7.3 | 2023-11-13 15:31:05 | Deep Dive |
| CVE-2023-5828 | Nanning Ontall Longxing Industrial Development Zone Project Construction and Installation Management System login.aspx sql injection | Nanning Ontall | Longxing Industrial Development Zone Project Construction and Installation Management System | High | 7.3 | 2023-10-27 19:31:05 | Deep Dive |