CVE-2022-2848 – Kepware KEPServerEX Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-2848
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX 6.11.718.0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of text encoding conversions. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of SYSTEM.
• https://www.cisa.gov/uscert/ics/advisories/icsa-22-242-10
• https://www.zerodayinitiative.com/advisories/ZDI-22-1454
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
• CWE-122: Heap-based Buffer Overflow
CVE-2022-3158
https://notcve.org/view.php?id=CVE-2022-3158
Rockwell Automation FactoryTalk VantagePoint versions 8.0, 8.10, 8.20, 8.30, 8.31 are vulnerable to an input validation vulnerability. The FactoryTalk VantagePoint SQL Server lacks input validation when users enter SQL statements to retrieve information from the back-end database. If successfully exploited, this could allow a user with basic user privileges to perform remote code execution on the server.
• https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1137043
• CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2022-38743
https://notcve.org/view.php?id=CVE-2022-38743
Rockwell Automation FactoryTalk VantagePoint versions 8.0, 8.10, 8.20, 8.30, 8.31 are vulnerable to an improper access control vulnerability. The FactoryTalk VantagePoint SQL Server account could allow a malicious user with read-only privileges to execute SQL statements in the back-end database. If successfully exploited, this could allow the attacker to execute arbitrary code and gain access to restricted data.
• https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1137043
• CWE-284: Improper Access Control
CVE-2022-38742 – Rockwell Automation ThinManager Software Vulnerable to Arbitrary Code Execution and Denial-Of-Service Attack
https://notcve.org/view.php?id=CVE-2022-38742
Rockwell Automation ThinManager ThinServer versions 11.0.0 - 13.0.0 are vulnerable to a heap-based buffer overflow. An attacker could send a specifically crafted TFTP or HTTPS request, causing a heap-based buffer overflow that crashes the ThinServer process. If successfully exploited, this could expose the server to arbitrary remote code execution.
• https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1136847
• CWE-122: Heap-based Buffer Overflow
• CWE-787: Out-of-bounds Write
CVE-2022-2465 – ISaGRAF Workbench Deserialization of Untrusted Data CWE-502
https://notcve.org/view.php?id=CVE-2022-2465
Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Deserialization of Untrusted Data vulnerability. ISaGRAF Workbench does not limit the objects that can be deserialized. This vulnerability allows attackers to craft a malicious serialized object that, if opened by a local user in ISaGRAF Workbench, may result in remote code execution. This vulnerability requires user interaction to be successfully exploited.
• https://www.cisa.gov/uscert/ics/advisories/icsa-22-202-03
• CWE-502: Deserialization of Untrusted Data