SCADA Family for Nessus

IDNameSeverity
124591Advantech WebAccess webvrpcs.exe 0x138bd IOCTL RCE
critical
124329Advantech WebAccess webvrpcs.exe Arbitrary File Download
high
123010Rockwell Automation RSLinx Classic ENGINE.dll Stack Buffer Overflow (CVE-2019-6553)
critical
122424CODESYS V3 Runtime Service Detection
info
122186AVEVA InduSoft Web Studio / InTouch Edge HMI Command 66 RCE
critical
121006Detect PROFINET targets listening on the Network Layer.
info
1209473S CODESYS Runtime 3.x < 3.5.14.0 Insufficient Access Control Vulnerability
critical
119845Advantech WebAccess webvrpcs.exe IOCTL 70022 Stack Overflow
high
119265Rockwell Automation RSLinx Classic ENGINE.dll Stack Buffer Overflow
critical
119147Modicon Quantum HTTP Server 'formTest' 'name' Parameter XSS
medium
118711DNP3 Detection of Device attributes
info
118576AVEVA InduSoft Web Studio / InTouch Edge HMI UniSoft.dll wcscpy() Stack Overflow
critical
117671Rockwell Automation RSLinx Classic <= 4.00.01 Multiple Vulnerabilities
critical
117361Advantech WebAccess/SCADA Network Service Detection
info
117360Advantech WebAccess webvrpcs.exe Path Traversal RCE
critical
112162Siemens SIMATIC WinCC (TIA Portal) 10.x < 14 SP1 Upd6 Multiple Vulnerabilities (SSA-979106)
high
112124Siemens Automation License Manager 6.x < 6.0.1 Directory Traversal
high
112123Siemens Automation License Manager 5.x < 5.3.4.4 Multiple Vulnerabilities
high
111466AVEVA InduSoft Web Studio / InTouch Machine Edition Command 81 mbstowcs() Stack Overflow
critical
111139RedLion Crimson Protocol Detection
info
110534Rockwell Automation RSLinx Classic < 4.00.01 Local Privilege Escalation
high
109280Schneider Electric InduSoft Web Studio / InTouch Machine Edition Opcode 50 mbstowcs() Stack Overflow
critical
109146Schneider Electric InduSoft Web Studio Detection
info
109145Schneider Electric InTouch Machine Edition Detection
info
106229AVEVA InduSoft Web Studio / InTouch Edge HMI TCP/IP Server Detection
info
106228Schneider Electric InduSoft Web Studio / InTouch Machine Edition < 8.1 RCE
critical
104101Schneider Electric InduSoft Web Studio < 8.0 SP2 Patch 1 Unspecified Remote Command Execution (LFSEC00000121)
critical
103534Trihedral VTScada Detection
info
103533Trihedral VTScada 8.x < 11.2.02 Multiple Vulnerabilities
critical
103048Advantech WebAccess < 8.2_20170817 Multiple Vulnerabilities
critical
102991Siemens SIMATIC WinCC (TIA Portal) < 14 SP1 XXE Vulnerability
high
101930Fuji Electric V-Server Detection
info
100463GE Multilin UR / URPlus / B95Plus Relay Web Interface Detection
info
100462GE Multilin UR / URPlus / B95Plus Protection Relay Cryptographic Algorithm Weakness Information Disclosure (UR-2017-0001)
critical
100299Siemens SIMATIC WinCC (TIA Portal) 13 < 13 SP2 / 14 < 14 SP1 Multiple DoS
medium
99168Siemens S7 Protocol Support Detection
info
97667Siemens SIMATIC Logon Detection
info
97666Siemens SIMATIC Logon Authentication Bypass
critical
97436Modicon Modbus/TCP UnityPro Programming Function Code Access
medium
97327Ecava IntegraXor 5.0.413.0 getdata Requests Handling Multiple SQLi
critical
96876Advantech WebAccess SQLi
critical
96875Advantech WebAccess Authentication Bypass
critical
95716Siemens SIMATIC WinCC (TIA Portal) < 14 Unquoted Service Path Local Privilege Escalation (SSA-701708)
medium
95715Siemens SIMATIC STEP 7 (TIA Portal) < 14 Unquoted Service Path Local Privilege Escalation (SSA-701708)
medium
95714Siemens SINEMA Server < 13 SP2 Unquoted Service Path Local Privilege Escalation (SSA-701708)
medium
95713Siemens SINEMA Server Installed
info
94329OMRON FINS UDP Protocol Detection
info
94328OMRON FINS TCP Protocol Detection
info
91626Panasonic FPWIN Pro 5.x < 7.130 Multiple Vulnerabilities
medium
91625Panasonic Control FPWIN Pro Detection
info