Unitronics: Security Vulnerabilities
Embedded malicious code vulnerability in Vision1210, in the build 5 of operating system version 4.3, which could allow a remote attacker to store base64-encoded malicious code in the device's data tables via the PCOM protocol, which can then be retrieved by a client and executed on the device.
CVSS Score
9.1
EPSS Score
0.003
Published
2023-07-13
Stack-based buffer overflow in Unitronics VisiLogic OPLC IDE before 9.8.30 allows remote attackers to execute arbitrary code via a crafted filename field in a ZIP archive in a vlp file.
CVSS Score
9.8
EPSS Score
0.098
Published
2016-06-25
Heap-based buffer overflow in Unitronics VisiLogic OPLC IDE before 9.8.09 allows remote attackers to execute arbitrary code via a long vlp filename.
CVSS Score
9.6
EPSS Score
0.012
Published
2016-01-09
Unitronics VisiLogic OPLC IDE before 9.8.02 allows remote attackers to execute unspecified code via unknown vectors.
CVSS Score
7.5
EPSS Score
0.053
Published
2015-11-13
Unitronics VisiLogic OPLC IDE before 9.8.02 does not properly restrict access to ActiveX controls, which allows remote attackers to have an unspecified impact via a crafted web site.
CVSS Score
6.8
EPSS Score
0.016
Published
2015-11-13
Page 2