Vyacheslav Moskvin

**Name of the Vulnerable Software and Affected Versions** Interactive Graphical SCADA System Data Server versions V15.0.0.22020 and prior **Description** A CWE-665: Improper Initialization issue exists, potentially causing information exposure when an attacker sends a specially crafted message. **Recommendations** For versions V15.0.0.22020 and prior, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Interactive Graphical SCADA System Data Server versions prior to 15.0.0.22020 **Description** A Missing Authorization issue exists that could cause information exposure when an attacker sends a specific message. **Recommendations** For versions prior to 15.0.0.22020, update to a version later than 15.0.0.22020 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Interactive Graphical SCADA System Data Server versions V15.0.0.22020 and prior **Description** A vulnerability exists that could cause modification of an existing file by adding to the end of the file or create a new file in the context of the Data Server, potentially leading to remote code execution when an attacker sends a specially crafted message. This issue is due to improper limitation of a pathname to a restricted directory. **Recommendations** For versions V15.0.0.22020 and prior, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Interactive Graphical SCADA System Data Server versions V15.0.0.22020 and prior **Description** The issue is caused by a stack-based buffer overflow due to a buffer copy without checking the size of the input. This could potentially lead to remote code execution when an attacker sends a specially crafted message. **Recommendations** For versions V15.0.0.22020 and prior, update to a version that fixes the buffer overflow issue to prevent remote code execution. As a temporary workaround, consider restricting access to the system to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Interactive Graphical SCADA System Data Server versions V15.0.0.22020 and prior **Description** A denial of service issue exists due to an out-of-bounds read. This could be triggered by an attacker sending a specially crafted message, potentially causing a denial of service. The issue is related to reading data outside a specified buffer, which can be exploited by a remote attacker to cause a denial of service using a specially crafted message. **Recommendations** For versions V15.0.0.22020 and prior, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Interactive Graphical SCADA System Data Server versions V15.0.0.22020 and prior **Description** A vulnerability exists that could cause modification of an existing file by inserting at the beginning of the file or create a new file in the context of the Data Server, potentially leading to remote code execution when an attacker sends a specially crafted message. This issue is due to improper limitation of a pathname to a restricted directory. **Recommendations** For versions V15.0.0.22020 and prior, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** CODESYS V2 Web-Server versions prior to 1.1.9.20 **Description** The issue is related to improper access control in the CODESYS V2 Web-Server, which can be exploited by a remote attacker to impact the confidentiality, integrity, and availability of protected information. This is due to errors in security settings. **Recommendations** For versions prior to 1.1.9.20, update to version 1.1.9.20 or later to resolve the issue. As a temporary workaround, consider restricting access to the web server to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** CODESYS V2 Web-Server versions prior to 1.1.9.20 **Description** The issue is caused by a buffer overflow in the dynamic memory of the CODESYS V2.3 web server, which is part of the CODESYS industrial automation software complex. This can allow a remote attacker to impact the confidentiality, integrity, and availability of protected information. The vulnerability is described as a stack-based buffer overflow. **Recommendations** For versions prior to 1.1.9.20, update to version 1.1.9.20 or later to resolve the issue. As a temporary workaround, consider restricting access to the web server to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** CODESYS V2 Web-Server versions prior to 1.1.9.20 **Description** The issue is caused by a buffer copy without checking the size of the input, which can lead to a buffer overflow on the stack. This can allow a remote attacker to cause a denial of service. **Recommendations** For CODESYS V2 Web-Server versions prior to 1.1.9.20, update to version 1.1.9.20 or later to resolve the issue. As a temporary workaround, consider restricting access to the web server to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** CODESYS V2 Web-Server versions prior to 1.1.9.20 **Description** The issue is related to an improperly implemented security check in the CODESYS V2 Web-Server, which is associated with inadequate access control. This can allow a remote attacker to impact the confidentiality, integrity, and availability of protected information. **Recommendations** For versions prior to 1.1.9.20, update to version 1.1.9.20 or later to resolve the issue. As a temporary workaround, consider restricting access to the web server to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** CODESYS V2 Web-Server versions prior to 1.1.9.20 **Description** The issue is caused by an out-of-bounds write, which can be exploited by a remote attacker to impact the confidentiality, integrity, and availability of protected information. This is due to a buffer overflow in the dynamic memory of the CODESYS V2 web server component. **Recommendations** For versions prior to 1.1.9.20, update to version 1.1.9.20 or later to resolve the issue. As a temporary workaround, consider restricting access to the web server to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** CODESYS V2 Web-Server versions prior to 1.1.9.20 **Description** The issue is related to an out-of-bounds read in the CODESYS V2 Web-Server component of the CODESYS industrial automation software suite. This can be exploited by a remote attacker to disclose protected information and cause a denial of service. **Recommendations** For versions prior to 1.1.9.20, update to version 1.1.9.20 or later to resolve the issue. As a temporary workaround, consider restricting access to the web server component to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** EVLink Parking versions 3.2.0-12 v1 and earlier **Description** A SQL Injection issue exists, which could allow a remote attacker to gain access to the web interface with full privileges. The vulnerability is related to a lack of protection measures for the SQL query structure, enabling potential exploitation. **Recommendations** For EVLink Parking versions 3.2.0-12 v1 and earlier, consider restricting access to the web interface as a temporary mitigation measure until a patch is available. Avoid using potentially vulnerable SQL queries in the affected interface until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** EVLink Parking versions 3.2.0-12 v1 and earlier **Description** A Hard-coded Credentials issue exists, which could enable an attacker to gain access to the device. The vulnerability is related to the use of pre-installed credentials, allowing a remote attacker to exploit it and obtain device access. **Recommendations** For EVLink Parking versions 3.2.0-12 v1 and earlier, consider changing the hard-coded credentials to unique, strong passwords as a temporary workaround. Restrict access to the device to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** EVLink Parking versions 3.2.0-12 v1 and earlier **Description** The issue is related to a code injection possibility, which could allow a remote attacker to gain access with maximum privileges. **Recommendations** For EVLink Parking versions 3.2.0-12 v1 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Ipswitch WhatsUp Gold versions prior to 18.0 **Description** A Server-Side Request Forgery (SSRF) issue was discovered in the NmAPI.exe executable. This allows malicious actors to submit specially crafted requests to gain unauthorized access to the system, obtain information about the system, or execute remote commands. The issue is related to insufficient validation of incoming requests. **Recommendations** For Ipswitch WhatsUp Gold versions prior to 18.0, update to version 18.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the NmAPI executable to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Ipswitch WhatsUp Gold versions prior to 18.0 **Description** A Code Injection issue was discovered in DlgSelectMibFile.asp, related to errors in code generation management. This issue allows malicious actors to inject a specially crafted SNMP MIB file, potentially enabling them to execute arbitrary commands and code on the WhatsUp Gold server. **Recommendations** For versions prior to 18.0, update to version 18.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the DlgSelectMibFile.asp component to minimize the risk of exploitation. Avoid using specially crafted SNMP MIB files until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Phoenix Contact FL SWITCH versions 1.0 through 1.33 **Description** The issue is caused by a buffer overflow in the device's memory, allowing a remote attacker to gain unauthorized access to the device's OS files and execute arbitrary code. The estimated number of potentially affected devices worldwide is not specified. **Recommendations** For versions 1.0 through 1.33, update the firmware to a version that is not affected by this issue. As a temporary workaround, consider restricting access to the device to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Phoenix Contact FL SWITCH versions 1.0 through 1.33 **Description** The issue is caused by a buffer overflow in the memory of the menu pxc.cgi and index.cgi components of the managed switch firmware. This can be exploited by a remote attacker by sending a GET request with a specially crafted cookie, potentially allowing the execution of arbitrary code or causing a denial of service. **Recommendations** For versions 1.0 through 1.33, as a temporary workaround, consider restricting access to the vulnerable menu pxc.cgi and index.cgi components until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products versions 1.0 through 1.33 **Description** The issue is related to OS command injection due to the lack of neutralization of special elements in OS command inputs. This can allow a remote attacker to execute arbitrary commands. The vulnerability is associated with the config transfer.cgi and software update.cgi components of the firmware. **Recommendations** For versions 1.0 through 1.33, consider disabling the config transfer.cgi and software update.cgi components as a temporary workaround until a patch is available. Restrict access to these components to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.