Vulnerabilities > Unitronics > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-18 | CVE-2024-27767 | Unspecified vulnerability in Unitronics Unilogic CWE-287: Improper Authentication may allow Authentication Bypass | 9.8 |
| 2024-03-18 | CVE-2024-27768 | Unspecified vulnerability in Unitronics Unilogic Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-22: 'Path Traversal' may allow RCE | 9.8 |
| 2023-12-05 | CVE-2023-6448 | Use of Hard-coded Credentials vulnerability in Unitronics products Unitronics VisiLogic before version 9.9.00, used in Vision and Samba PLCs and HMIs, uses a default administrative password. | 9.8 |
| 2016-06-25 | CVE-2016-4519 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Unitronics Visilogic Oplc IDE 9.8.0.00/9.8.22 Stack-based buffer overflow in Unitronics VisiLogic OPLC IDE before 9.8.30 allows remote attackers to execute arbitrary code via a crafted filename field in a ZIP archive in a vlp file. | 9.8 |
| 2016-01-09 | CVE-2015-7939 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Unitronics Visilogic Oplc IDE 9.8.0.00 Heap-based buffer overflow in Unitronics VisiLogic OPLC IDE before 9.8.09 allows remote attackers to execute arbitrary code via a long vlp filename. | 9.6 |