Software issues found by Dragos
Dragos Intel conducts hands-on research and testing for ICS/OT software, devices, and protocols to discover and address security vulnerabilities.
Possible Threat
CVE-2023-38557
Local Privilege Escalation
Spectrum Power 7 version V23Q3 and earlier.
Limited Threat
CVE-2023-31167
CVE-2023-34391
Directory Traversal
Insecure Filesystem Permissions
SEL-5033 version 1.35.151.20000 and earlier, SEL-5036 version 1.0.49152.777 and earlier
Limited Threat
CVE-2023-40706
CVE-2023-40708
CVE-2023-40709
CVE-2023-40710
Improper Restriction of Excessive Authentication Attempts
Improper Authorization
Denial of Service (DoS)
Denial of Service (DoS)
OPTO 22 SNAP PAC S1: Firmware version R10.3b
Limited Threat
CVE-2021-41544
CVE-2022-25634
Uncontrolled Search Path Element
Uncontrolled Search Path Element
Siemens Software Center versions prior to v3.0.
Possible Threat
CVE-2023-29444
CVE-2023-29445
CVE-2023-29446
CVE-2023-29447
DLL Hijacking
DLL Hijacking
UNC Path Injection
Insufficiently Protected Credentials
PTC’s KEPServerEx, v6.13.250.0 and prior
Limited Threat
CVE-2022-45790
CVE-2019-18269
CVE-2022-45792
CVE-2022-45793
CVE-2022-45794
CVE-2022-34151
CVE-2022-33971
CVE-2023-0811
Memory protection is vulnerable to brute force.
Memory protection may be set to non-ASCII characters
File formats vulnerable to Zip-Slip
Binaries are writable by low-privileged users
File transfer lacks authentication
Backdoor account with administrative privileges
Arbitrary code execution to an authenticated attacker
Unauthenticated user to set arbitrary passwords
Omron PLC CJ series, All versions, Omron PLC CS series, All versions, Omron PLC CP series, All versions, Omron PLC NX series, All versions, Omron Safety Controllers (SL3300): All versions
Limited Threat
CVE-2022-4046
CVE-2022-4224
CVE-2023-29446
Insufficient Read and Write Protection to Logic and Runtime Data
Access to Sensitive System Files
CODESYS Control for BeagleBone SL: All Versions, CODESYS Control for emPC-A/iMX6 SL: All Versions, CODESYS Control for IOT2000 SL: All Versions, CODESYS Control for Linux SL: All Versions, CODESYS Control for PFC100 SL: All Versions, CODESYS Control for PFC200 SL: All Versions, CODESYS Control for PLCnext SL: All Versions, CODESYS Control for Raspberry Pi SL: All Versions, CODESYS Control for WAGO Touch Panels 600 SL: All Versions, CODESYS Control RTE (for Beckhoff CX) SL: All Versions, CODESYS Control RTE (SL): All Versions, CODESYS Control Runtime System Toolkit: All Versions, CODESYS Control Win (SL): All Versions, CODESYS HMI (SL): All Versions, CODESYS Control RTE (SL): Prior to v3.5.19.0, CODESYS Control RTE (for Beckhoff CX) SL: Prior to v3.5.19.0, CODESYS Control Win (SL): Prior to v3.5.19.0, CODESYS Runtime Toolkit: Prior to v3.5.19.0, CODESYS Safety SIL2 Runtime Toolkit: Prior to v3.5.19.0, CODESYS Safety SIL2 PSP: Prior to v3.5.19.0, CODESYS HMI (SL): Prior to v3.5.19.0, CODESYS Development System V3: Prior to v3.5.19.0, CODESYS Control for BeagleBone SL: Prior to V4.8.0.0, CODESYS Control for emPC-A/iMX6 SL: Prior to V4.8.0.0, CODESYS Control for IOT2000 SL: Prior to V4.8.0.0, CODESYS Control for Linux SL: Prior to V4.8.0.0, CODESYS Control for PFC100 SL: Prior to V4.8.0.0, CODESYS Control for PFC200 SL: Prior to V4.8.0.0, CODESYS Control for PLCnext SL: Prior to V4.8.0.0, CODESYS Control for Raspberry Pi SL: Prior to V4.8.0.0, CODESYS Control for WAGO Touch Panels 600 SL: Prior to V4.8.0.0
Limited Threat
CVE-2023-28355
Integrity check fails to identify out-of-band logic changes
CODESYS Control V3 (All Versions)
Limited Threat
CVE-2022-43993
CVE-2022-43994
PITM and Traffic Intercept
No Client Authentication
NPort 6000 Series: v2.2 and prior, Windows Driver Manager Series (Windows 7 to 10 and Windows Server 2008 R2 to 2019, WHQL certified): v3.4 and prior, Windows Driver Manager Series (Windows 11 and Server 2022 and later, WHQL certified): v4.0 and prior
Limited Threat
CVE-2022-31652
CVE-2022-31653
Network Share Exposure with Default Credentials
Local Credential Exposure
AMS Device Manager: v14.5 and prior
Possible Threat
CVE-2022-34755
Uncontrolled Search Path Element
Easergy Builder: v1.6.7.0 and prior
Limited Threat
CVE-2022-2006
CVE-2022-2005
CVE-2022-2004
CVE-2022-2003
Uncontrolled Resource Consumption
Cleartext Transmission of Sensitive Information
Uncontrolled Resource Consumption
Insufficiently Protected Credentials
DirectLogic 06 PLCs prior to v2.72, ECOM Ethernet module, C-More HMI
Limited Threat
CVE-2022-29898
CVE-2022-29897
RCE and Unrestricted File Upload via Configuration Uploader
RCE via Traceroute Utility
RAD-ISM-900-EN-BD: all versions, RAD-ISM-900-EN-BD/B: all versions, RAD-ISM-900-EN-BD-BUS: all versions
Limited Threat
CVE-2017-17562
CVE-2022-24119
CVE-2022-24116
CVE-2022-24118
CVE-2022-24120
CVE-2022-24117
Unauthenticated Remote Code Execution
iNET and iNET-II Factory Backdoor Use
iNET and iNET-II Wi-Fi Security Weaknesses
Factory Reset Authentication System
iNET and iNET-II Plaintext storage of system credentials
Unprotected Firmware Update
iNET/iNET II series radio firmware versions prior to rev. 8.3.0, SD series radio firmware versions prior to rev. 6.4.7, TD220X series radio firmware versions prior to rev. 2.0.16, TD220MAX series radio firmware versions prior to rev. 1.2.6
Limited Threat
CVE-2021-37581
CVE-2021-37582
Man-in-the-middle
Weak File Permissions
Emerson Security Setup Utility: v1.6.8 and prior, PlantWeb Insight: v2.3.4 and prior, Emerson v4 WirelessHART Gateways, (1410, 1420, 1552, 1410D): v4.8.0 and prior, Emerson v6 WirelessHART Gateways (1410S): v6.6.0 and prior
Report Security Issues to Dragos
Report Vulnerabilities in the Dragos Platform, Hardware, Services, and Threat Intelligence solutions