Category Archives: Advisories

CVE-2020-14478

Read Time:15 Second

A local, authenticated attacker could use an XML External Entity (XXE) attack to exploit weakly configured XML files to access local or remote content. A successful exploit could potentially cause a denial-of-service condition and allow the attacker to arbitrarily read any local file via system-level services.

Read More

CVE-2020-14480

Read Time:8 Second

Due to usernames/passwords being stored in plaintext in Random Access Memory (RAM), a local, authenticated attacker could gain access to certain credentials, including Windows Logon credentials.

Read More

CVE-2020-14481

Read Time:18 Second

The DeskLock tool provided with FactoryTalk View SE uses a weak encryption algorithm that may allow a local, authenticated attacker to decipher user credentials, including the Windows user or Windows DeskLock passwords. If the compromised user has an administrative account, an attacker could gain full access to the user’s operating system and certain components of FactoryTalk View SE.

Read More

CVE-2020-14502

Read Time:13 Second

The web interface of the 1734-AENTR communication module is vulnerable to stored XSS. A remote, unauthenticated attacker could store a malicious script within the web interface that, when executed, could modify some string values on the homepage of the web interface.

Read More

CVE-2020-14504

Read Time:10 Second

The web interface of the 1734-AENTR communication module mishandles authentication for HTTP POST requests. A remote, unauthenticated attacker can send a crafted request that may allow for modification of the configuration settings.

Read More

Backdoor.Win32.FTP.Ics / Port Bounce Scan (MITM)

Read Time:21 Second

Posted by malvuln on Feb 24

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/584bc06128469423f9e50e8a359d18ac_C.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.FTP.Ics
Vulnerability: Port Bounce Scan (MITM)
Description: The malware listens on TCP port 5554 and accepts any
credentials. Third-party intruders who successfully logon can abuse the
backdoor FTP server as a man-in-the-middle…

Read More

Backdoor.Win32.FTP.Ics / Port Bounce Scan (MITM)

Read Time:21 Second

Posted by malvuln on Feb 24

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/584bc06128469423f9e50e8a359d18ac_C.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.FTP.Ics
Vulnerability: Port Bounce Scan (MITM)
Description: The malware listens on TCP port 5554 and accepts any
credentials. Third-party intruders who successfully logon can abuse the
backdoor FTP server as a man-in-the-middle…

Read More

Backdoor.Win32.FTP.Ics / Unauthenticated Remote Command Execution

Read Time:20 Second

Posted by malvuln on Feb 24

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/584bc06128469423f9e50e8a359d18ac_B.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.FTP.Ics
Vulnerability: Unauthenticated Remote Command Execution
Description: The malware listens on TCP port 5555. Third-party attackers
who can reach the system can run commands made available by the backdoor
hijacking the…

Read More

Backdoor.Win32.FTP.Ics / Unauthenticated Remote Command Execution

Read Time:20 Second

Posted by malvuln on Feb 24

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/584bc06128469423f9e50e8a359d18ac_B.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.FTP.Ics
Vulnerability: Unauthenticated Remote Command Execution
Description: The malware listens on TCP port 5555. Third-party attackers
who can reach the system can run commands made available by the backdoor
hijacking the…

Read More

Backdoor.Win32.FTP.Ics / Authentication Bypass

Read Time:20 Second

Posted by malvuln on Feb 24

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/584bc06128469423f9e50e8a359d18ac.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.FTP.Ics
Vulnerability: Authentication Bypass
Description: The malware runs an FTP server on TCP port 5554. Third-party
attackers who can reach infected systems can logon using any
username/password combination. Intruders may then…

Read More