Micrologix 1100 and 1400 controllers suffer from multiple vulnerabilities that allow unauthorized control of the PLC. Details of these vulnerabilities will be disclosed only to legitimate parties such as asset owners (utilities), after receiving the approval of the local CERT or any other local official entity.
488ad569c5cecbf68d458ed4c08071d485ed70de51bbe59a8bd1260aa745c3cb
PI SystemT suffers from an encryption weakness in the default authentication process.
66760cfdf156bb7fea9d0c1b3a2301e13f6007d57c16f6ac806c780ea156375c
C4 SCADA Security Advisory - Areva T+D E-TerraHabitat and E-TerraPlatform solutions suffer from denial of service and privilege escalation vulnerabilities.
313222dd8a72c861545fb4fffdbb7ca944ab74de61117f8bcd90eb111c777005
Proficy Information Portal version 2.6 passes a user's password base64 encoded on the wire, allowing for it to be easily intercepted and decoded.
193987184fe40b9994e6689d7dd2c17f6e7439290c4cec09274c18a66ec26f1d
Proficy Information Portal version 2.6 has a flaw that allows an authenticated attacker the ability to upload arbitrary code on the server.
8fe8e4b4c25860812b02f54a0cb017e1b4fc3b6c4390039ca199adb32e1f2f6b
Cimplicity HMI version 6.1, 6.1 SP5, and 6.1 SP6 all suffer from an exploitable heap overflow vulnerability.
ca32e6e16dfac1360f0eada284bc6fe1d217d79e79aab976e43fe12f5359abb4