Simplight
Products
2- 9 CVEs
- 1 CVE
Recent CVEs
9| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-12635 | Hig | 0.49 | 7.5 | 0.01 | Jun 22, 2018 | CirCarLife Scada v4.2.4 allows unauthorized upgrades via requests to the html/upgrade.html and services/system/firmware.upgrade URIs. | ||
| CVE-2017-9661 | Hig | 0.46 | 7.0 | 0.01 | Aug 14, 2017 | An Uncontrolled Search Path Element issue was discovered in SIMPlight SCADA Software version 4.3.0.27 and prior. The uncontrolled search path element vulnerability has been identified, which may allow an attacker to place a malicious DLL file within the search path resulting in… | ||
| CVE-2023-30459 | 0.03 | — | 0.02 | Apr 14, 2023 | SmartPTT SCADA 1.1.0.0 allows remote code execution (when the attacker has administrator privileges) by writing a malicious C# script and executing it on the server (via server settings in the administrator control panel on port 8101, by default). | |||
| CVE-2023-42493 | 0.00 | — | 0.00 | Oct 25, 2023 | EisBaer Scada - CWE-256: Plaintext Storage of a Password | |||
| CVE-2023-42492 | 0.00 | — | 0.00 | Oct 25, 2023 | EisBaer Scada - CWE-321: Use of Hard-coded Cryptographic Key | |||
| CVE-2023-42490 | 0.00 | — | 0.01 | Oct 25, 2023 | EisBaer Scada - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor | |||
| CVE-2018-17899 | 0.00 | — | 0.08 | Oct 17, 2018 | LAquis SCADA Versions 4.1.0.3870 and prior has a path traversal vulnerability, which may allow remote code execution. | |||
| CVE-2018-17895 | 0.00 | — | 0.05 | Oct 17, 2018 | LAquis SCADA Versions 4.1.0.3870 and prior has several out-of-bounds read vulnerabilities, which may allow remote code execution. | |||
| CVE-2018-17911 | 0.00 | — | 0.03 | Oct 17, 2018 | LAquis SCADA Versions 4.1.0.3870 and prior has several stack-based buffer overflow vulnerabilities, which may allow remote code execution. |
- risk 0.49cvss 7.5epss 0.01
CirCarLife Scada v4.2.4 allows unauthorized upgrades via requests to the html/upgrade.html and services/system/firmware.upgrade URIs.
- risk 0.46cvss 7.0epss 0.01
An Uncontrolled Search Path Element issue was discovered in SIMPlight SCADA Software version 4.3.0.27 and prior. The uncontrolled search path element vulnerability has been identified, which may allow an attacker to place a malicious DLL file within the search path resulting in…
- CVE-2023-30459Apr 14, 2023risk 0.03cvss —epss 0.02
SmartPTT SCADA 1.1.0.0 allows remote code execution (when the attacker has administrator privileges) by writing a malicious C# script and executing it on the server (via server settings in the administrator control panel on port 8101, by default).
- CVE-2023-42493Oct 25, 2023risk 0.00cvss —epss 0.00
EisBaer Scada - CWE-256: Plaintext Storage of a Password
- CVE-2023-42492Oct 25, 2023risk 0.00cvss —epss 0.00
EisBaer Scada - CWE-321: Use of Hard-coded Cryptographic Key
- CVE-2023-42490Oct 25, 2023risk 0.00cvss —epss 0.01
EisBaer Scada - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
- CVE-2018-17899Oct 17, 2018risk 0.00cvss —epss 0.08
LAquis SCADA Versions 4.1.0.3870 and prior has a path traversal vulnerability, which may allow remote code execution.
- CVE-2018-17895Oct 17, 2018risk 0.00cvss —epss 0.05
LAquis SCADA Versions 4.1.0.3870 and prior has several out-of-bounds read vulnerabilities, which may allow remote code execution.
- CVE-2018-17911Oct 17, 2018risk 0.00cvss —epss 0.03
LAquis SCADA Versions 4.1.0.3870 and prior has several stack-based buffer overflow vulnerabilities, which may allow remote code execution.