controller
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-11737 | Cri | 0.64 | 9.8 | 0.01 | Dec 11, 2024 | CWE-20: Improper Input Validation vulnerability exists that could lead to a denial of service and a loss of confidentiality, integrity of the controller when an unauthenticated crafted Modbus packet is sent to the device. | ||
| CVE-2025-3116 | Med | 0.42 | 6.5 | 0.00 | Jun 10, 2025 | CWE-20: Improper Input Validation vulnerability exists that could cause Denial of Service when an authenticated malicious user sends special malformed HTTPS request containing improper formatted body data to the controller. | ||
| CVE-2023-25620 | Med | 0.42 | 6.5 | 0.01 | Apr 19, 2023 | A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause denial of service of the controller when a malicious project file is loaded onto the controller by an authenticated user. |
- risk 0.64cvss 9.8epss 0.01
CWE-20: Improper Input Validation vulnerability exists that could lead to a denial of service and a loss of confidentiality, integrity of the controller when an unauthenticated crafted Modbus packet is sent to the device.
- risk 0.42cvss 6.5epss 0.00
CWE-20: Improper Input Validation vulnerability exists that could cause Denial of Service when an authenticated malicious user sends special malformed HTTPS request containing improper formatted body data to the controller.
- risk 0.42cvss 6.5epss 0.01
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause denial of service of the controller when a malicious project file is loaded onto the controller by an authenticated user.