CVE-2016-6415 (ios, ios_xe)

The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE through 3.18S, IOS XR 4.3.x and 5.0.x through 5.2.x, and PIX before 7.0 allows remote attackers to obtain sensitive information from device memory via a Security Association (SA) negotiation request, aka Bug IDs CSCvb29204 and CSCvb36055 or BENIGNCERTAIN.

Source: CVE-2016-6415 (ios, ios_xe)

CVE-2016-5814 (rslogix_500_professional_edition, rslogix_500_standard_edition, rslogix_500_starter_edition, rslogix_micro_developer, rslogix_micro_starter_lite)

Buffer overflow in Rockwell Automation RSLogix Micro Starter Lite, RSLogix Micro Developer, RSLogix 500 Starter Edition, RSLogix 500 Standard Edition, and RSLogix 500 Professional Edition allows remote attackers to execute arbitrary code via a crafted RSS project file.

Source: CVE-2016-5814 (rslogix_500_professional_edition, rslogix_500_standard_edition, rslogix_500_starter_edition, rslogix_micro_developer, rslogix_micro_starter_lite)

CVE-2016-4860

Yokogawa STARDOM FCN/FCJ controller R1.01 through R4.01 does not require authentication for Logic Designer connections, which allows remote attackers to reconfigure the device or cause a denial of service via a (1) stop application program, (2) change value, or (3) modify application command.

Source: CVE-2016-4860