Software issues found by Dragos

Dragos Intel conducts hands-on research and testing for ICS/OT software, devices, and protocols to discover and address security vulnerabilities.

This list of advisories provides insight into the specific vulnerabilities reported. It is updated as we discover vulnerabilities.
| Threat Level | CVE ID | Vulnerability Type | Affects |
| --- | --- | --- | --- |
| Possible Threat | CVE-2023-38557 | Local M2:M36 Privilege Escalation | Spectrum Power 7 version V23Q3 and earlier. |
| Limited Threat | CVE-2023-31167<br>CVE-2023-34391 | Directory Traversal<br>Insecure Filesystem Permissions | SEL-5033 version 1.35.151.20000 and earlier, SEL-5036 version 1.0.49152.777 and earlier |
| Limited Threat | CVE-2023-40706<br>CVE-2023-40708<br>CVE-2023-40709<br>CVE-2023-40710 | Improper Restriction of Excessive Authentication Attempts<br>Improper Authorization<br>Denial of Service (DoS)<br>Denial of Service (DoS) | OPTO 22 SNAP PAC S1: Firmware version R10.3b |
| Limited Threat | CVE-2021-41544<br>CVE-2022-25634 | Uncontrolled Search Path Element<br>Uncontrolled Search Path Element | Siemens Software Center versions prior to v3.0. |
| Possible Threat | CVE-2023-29444<br>CVE-2023-29445<br>CVE-2023-29446<br>CVE-2023-29447 | DLL Hijacking<br>DLL Hijacking<br>UNC Path Injection<br>Insufficiently Protected Credentials | PTC’s KEPServerEx, v6.13.250.0 and prior |
| Limited Threat | CVE-2022-45790<br>CVE-2019-18269<br>CVE-2022-45792<br>CVE-2022-45793<br>CVE-2022-45794<br>CVE-2022-34151<br>CVE-2022-33971<br>CVE-2023-0811 | Memory protection is vulnerable to brute force.<br>Memory protection may be set to non-ASCII characters<br>File formats vulnerable to Zip-Slip<br>Binaries are writable by low-privileged users<br>File transfer lacks authentication<br>Backdoor account with administrative privileges<br>Arbitrary code execution to an authenticated attacker<br>Unauthenticated user to set arbitrary passwords | Omron PLC CJ series, All versions, Omron PLC CS series, All versions, Omron PLC CP series, All versions, Omron PLC NX series, All versions, Omron Safety Controllers (SL3300): All versions |
| Limited Threat | CVE-2022-4046<br>CVE-2022-4224<br>CVE-2023-29446 | Insufficient Read and Write Protection to Logic and Runtime Data<br>Access to Sensitive System Files | CODESYS Control for BeagleBone SL: All Versions, CODESYS Control for emPC-A/iMX6 SL: All Versions, CODESYS Control for IOT2000 SL: All Versions, CODESYS Control for Linux SL: All Versions, CODESYS Control for PFC100 SL: All Versions, CODESYS Control for PFC200 SL: All Versions, CODESYS Control for PLCnext SL: All Versions, CODESYS Control for Raspberry Pi SL: All Versions, CODESYS Control for WAGO Touch Panels 600 SL: All Versions, CODESYS Control RTE (for Beckhoff CX) SL: All Versions, CODESYS Control RTE (SL): All Versions, CODESYS Control Runtime System Toolkit: All Versions, CODESYS Control Win (SL): All Versions, CODESYS HMI (SL): All Versions, CODESYS Control RTE (SL): Prior to v3.5.19.0, CODESYS Control RTE (for Beckhoff CX) SL: Prior to v3.5.19.0, CODESYS Control Win (SL): Prior to v3.5.19.0, CODESYS Runtime Toolkit: Prior to v3.5.19.0, CODESYS Safety SIL2 Runtime Toolkit: Prior to v3.5.19.0, CODESYS Safety SIL2 PSP: Prior to v3.5.19.0, CODESYS HMI (SL): Prior to v3.5.19.0, CODESYS Development System V3: Prior to v3.5.19.0, CODESYS Control for BeagleBone SL: Prior to V4.8.0.0, CODESYS Control for emPC-A/iMX6 SL: Prior to V4.8.0.0, CODESYS Control for IOT2000 SL: Prior to V4.8.0.0, CODESYS Control for Linux SL: Prior to V4.8.0.0, CODESYS Control for PFC100 SL: Prior to V4.8.0.0, CODESYS Control for PFC200 SL: Prior to V4.8.0.0, CODESYS Control for PLCnext SL: Prior to V4.8.0.0, CODESYS Control for Raspberry Pi SL: Prior to V4.8.0.0, CODESYS Control for WAGO Touch Panels 600 SL: Prior to V4.8.0.0 |
| Limited Threat | CVE-2023-28355 | Integrity check fails to identify out-of-band logic changes | CODESYS Control V3 (All Versions) |
| Limited Threat | CVE-2022-43993<br>CVE-2022-43994 | PITM and Traffic Intercept<br>No Client Authentication | NPort 6000 Series: v2.2 and prior, Windows Driver Manager Series (Windows 7 to 10 and Windows Server 2008 R2 to 2019, WHQL certified): v3.4 and prior, Windows Driver Manager Series (Windows 11 and Server 2022 and later, WHQL certified): v4.0 and prior |
| Limited Threat | CVE-2022-31652<br>CVE-2022-31653 | Network Share Exposure with Default Credentials<br>Local Credential Exposure | AMS Device Manager: v14.5 and prior |
| Possible Threat | CVE-2022-34755 | Uncontrolled Search Path Element | Easergy Builder: v1.6.7.0 and prior |
| Limited Threat | CVE-2022-2006<br>CVE-2022-2005<br>CVE-2022-2004<br>CVE-2022-2003 | Uncontrolled Resource Consumption<br>Cleartext Transmission of Sensitive Information<br>Uncontrolled Resource Consumption<br>Insufficiently Protected Credentials | DirectLogic 06 PLCs prior to v2.72, ECOM Ethernet module, C-More HMI |
| Limited Threat | CVE-2022-29898<br>CVE-2022-29897 | RCE and Unrestricted File Upload via Configuration Uploader<br>RCE via Traceroute Utility | RAD-ISM-900-EN-BD: all versions, RAD-ISM-900-EN-BD/B: all versions, RAD-ISM-900-EN-BD-BUS: all versions |
| Limited Threat | CVE-2017-17562<br>CVE-2022-24119<br>CVE-2022-24116<br>CVE-2022-24118<br>CVE-2022-24120<br>CVE-2022-24117 | Unauthenticated Remote Code Execution<br>iNET and iNET-II Factory Backdoor Use<br>iNET and iNET-II Wi-Fi Security Weaknesses<br>Factory Reset Authentication System<br>iNET and iNET-II Plaintext storage of system credentials<br>Unprotected Firmware Update | iNET/iNET II series radio firmware versions prior to rev. 8.3.0, SD series radio firmware versions prior to rev. 6.4.7, TD220X series radio firmware versions prior to rev. 2.0.16, TD220MAX series radio firmware versions prior to rev. 1.2.6 |
| Limited Threat | CVE-2021-37581<br>CVE-2021-37582 | Man-in-the-middle<br>Weak File Permissions | Emerson Security Setup Utility: v1.6.8 and prior, PlantWeb Insight: v2.3.4 and prior, Emerson v4 WirelessHART Gateways, (1410, 1420, 1552, 1410D): v4.8.0 and prior, Emerson v6 WirelessHART Gateways (1410S): v6.6.0 and prior |


Report Security Issues to Dragos

Report Vulnerabilities in the Dragos Platform, Hardware, Services, and Threat Intelligence solutions