Nessus 的 SCADA 系列

ID名稱嚴重性
149307CodeMeter 執行階段可預測的加密金鑰
critical
137356Inductive Automation Ignition 8.x < 8.0.10 多個弱點
high
1361823S CODESYS Runtime 3.x < 3.5.15.40 多個弱點
critical
1349773S CODESYS Runtime 3.x < 3.5.14.20 多個弱點
critical
133216Siemens SIMATIC STEP 7 的 TIA Portal 中有本機權限提升弱點 (SSA-629512)
high
131775Siemens SIMATIC S7-1200 PLC UDP 拒絕服務 (CVE-2019-10936)
high
131736CODESYS ENI 伺服器 < 3.2.2.25 堆疊溢位 (經認證的檢查)
critical
1317043S CODESYS CmpWebServerHandlerV3 堆積型緩衝區溢位
critical
131402Siemens SINEMA Remote Connect Server 多個弱點 (SSA-884497)
critical
131401Siemens SINEMA Remote Connect Server 偵測
info
130431CODESYS Gateway V3 偵測
info
130430CODESYS Gateway V3 DoS
high
1294693S CODESYS V3 CmpWebServer 多個弱點
critical
129292Advantech WebAccess webvprcs IOCTL 70603 堆疊溢位
critical
1271393S CODESYS V3 CmpUserMgr 3.x < 3.5.16.0 密碼傳輸弱點
high
127057Siemens SIMATIC WinCC (TIA Portal) 程式碼上傳弱點 (SSA-121293)
high
126469Advantech WebAccess webvprcs IOCTL 10012 堆疊溢位
critical
125392Siemens SIMATIC WinCC (TIA Portal) < 15 Update 4 多個弱點 (SSA-233109)
high
125312Rockwell Automation MicroLogix 1100/1400 和 CompactLogix 5370 控制器開放重新導向弱點
medium
124591Advantech WebAccess webvrpcs.exe 0x138bd IOCTL RCE
critical
124329Advantech WebAccess webvrpcs.exe 任意檔案下載
high
123010Rockwell Automation RSLinx Classic ENGINE.dll 堆疊緩衝區溢位 (CVE-2019-6553)
critical
122424CODESYS V3 執行階段服務偵測
info
122186AVEVA InduSoft Web Studio/InTouch Edge HMI Command 66 RCE
critical
121006偵測網路層上 PROFINET 目標接聽。
info
1209473S CODESYS Runtime 3.x < 3.5.14.0 存取控制不足弱點
critical
119845Advantech WebAccess webvrpcs.exe IOCTL 70022 堆疊溢位
high
119265Rockwell Automation RSLinx Classic ENGINE.dll 堆疊緩衝區溢位
critical
119147Modicon Quantum HTTP 伺服器 'formTest' 'name' 參數 XSS
medium
118711DNP3 裝置屬性偵測
info
118576AVEVA InduSoft Web Studio/InTouch Edge HMI UniSoft.dll wcscpy() 堆疊溢位
critical
117671Rockwell Automation RSLinx Classic <= 4.00.01 多個弱點
critical
117361Advantech WebAccess/SCADA 網路服務偵測
info
117360Advantech WebAccess webvrpcs.exe 路徑遊走 RCE
critical
112162Siemens SIMATIC WinCC (TIA Portal) 10.x < 14 SP1 Upd6 多個弱點 (SSA-979106)
high
112124Siemens Automation License Manager 6.x < 6.0.1 目錄遊走
high
112123Siemens Automation License Manager 5.x < 5.3.4.4 多個弱點
high
111466AVEVA InduSoft Web Studio/InTouch Machine Edition Command 81 mbstowcs() 堆疊溢位
critical
111139RedLion Crimson 通訊協定偵測
info
110534Rockwell Automation RSLinx Classic < 4.00.01 本機權限提升
high
109280Schneider Electric InduSoft Web Studio / InTouch Machine Edition Opcode 50 mbstowcs() 堆疊溢位
critical
109146Schneider Electric InduSoft Web Studio 偵測
info
109145Schneider Electric InTouch Machine Edition 偵測
info
106229AVEVA InduSoft Web Studio/InTouch Edge HMI TCP/IP 伺服器偵測
info
106228Schneider Electric InduSoft Web Studio/InTouch Machine Edition < 8.1 RCE
critical
104101Schneider Electric InduSoft Web Studio < 8.0 SP2 Patch 1 不明遠端命令執行 (LFSEC00000121)
critical
103534Trihedral VTScada 偵測
info
103533Trihedral VTScada 8.x < 11.2.02 多個弱點
critical
103048Advantech WebAccess < 8.2_20170817 多個弱點
critical
102991Siemens SIMATIC WinCC (TIA Portal) < 14 SP1 XXE 弱點
high