Vulnerabilites related to automationdirect - c-more_ea9-t6cl
CVE-2024-11609 (GCVE-0-2024-11609)
Vulnerability from cvelistv5
Published
2025-01-30 20:18
Modified
2025-02-10 22:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
AutomationDirect C-More EA9 EAP9 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of AutomationDirect C-More EA9. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of EAP9 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24772.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-24-1673/ | x_research-advisory | |
| https://certvde.com/en/bulletins/bulletins/2182-automationdirect-c-more-ea9-programming-software/ | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AutomationDirect | C-More EA9 |
Version: 6.78 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-11609",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-31T16:34:59.424911Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-10T22:08:12.119Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "C-More EA9",
"vendor": "AutomationDirect",
"versions": [
{
"status": "affected",
"version": "6.78"
}
]
}
],
"dateAssigned": "2024-11-21T20:33:22.222Z",
"datePublic": "2024-12-11T19:33:21.842Z",
"descriptions": [
{
"lang": "en",
"value": "AutomationDirect C-More EA9 EAP9 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of AutomationDirect C-More EA9. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of EAP9 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24772."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-30T20:18:26.773Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-1673",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1673/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://certvde.com/en/bulletins/bulletins/2182-automationdirect-c-more-ea9-programming-software/"
}
],
"source": {
"lang": "en",
"value": "Andrea Micalizzi aka rgod (@rgod777)"
},
"title": "AutomationDirect C-More EA9 EAP9 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2024-11609",
"datePublished": "2025-01-30T20:18:26.773Z",
"dateReserved": "2024-11-21T20:33:22.147Z",
"dateUpdated": "2025-02-10T22:08:12.119Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-11610 (GCVE-0-2024-11610)
Vulnerability from cvelistv5
Published
2025-01-30 20:18
Modified
2025-02-10 22:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Summary
AutomationDirect C-More EA9 EAP9 File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of AutomationDirect C-More EA9. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of EAP9 files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24773.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-24-1674/ | x_research-advisory | |
| https://certvde.com/en/bulletins/bulletins/2182-automationdirect-c-more-ea9-programming-software/ | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AutomationDirect | C-More EA9 |
Version: 6.78 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-11610",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-31T16:34:45.664663Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-10T22:08:05.734Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "C-More EA9",
"vendor": "AutomationDirect",
"versions": [
{
"status": "affected",
"version": "6.78"
}
]
}
],
"dateAssigned": "2024-11-21T20:33:27.022Z",
"datePublic": "2024-12-11T19:33:26.467Z",
"descriptions": [
{
"lang": "en",
"value": "AutomationDirect C-More EA9 EAP9 File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of AutomationDirect C-More EA9. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of EAP9 files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24773."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-30T20:18:47.291Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-1674",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1674/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://certvde.com/en/bulletins/bulletins/2182-automationdirect-c-more-ea9-programming-software/"
}
],
"source": {
"lang": "en",
"value": "Andrea Micalizzi aka rgod (@rgod777)"
},
"title": "AutomationDirect C-More EA9 EAP9 File Parsing Memory Corruption Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2024-11610",
"datePublished": "2025-01-30T20:18:47.291Z",
"dateReserved": "2024-11-21T20:33:26.969Z",
"dateUpdated": "2025-02-10T22:08:05.734Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-2006 (GCVE-0-2022-2006)
Vulnerability from cvelistv5
Published
2022-08-31 15:33
Modified
2025-04-16 17:49
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-427 - Uncontrolled Search Path Element
Summary
AutomationDirect DirectLOGIC has a DLL vulnerability in the install directory that may allow an attacker to execute code during the installation process. This issue affects: AutomationDirect C-more EA9 EA9-T6CL versions prior to 6.73; EA9-T6CL-R versions prior to 6.73; EA9-T7CL versions prior to 6.73; EA9-T7CL-R versions prior to 6.73; EA9-T8CL versions prior to 6.73; EA9-T10CL versions prior to 6.73; EA9-T10WCL versions prior to 6.73; EA9-T12CL versions prior to 6.73; EA9-T15CL versions prior to 6.73; EA9-RHMI versions prior to 6.73; EA9-PGMSW versions prior to 6.73;
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-01 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AutomationDirect | C-more EA9 |
Version: EA9-T6CL < 6.73 Version: EA9-T6CL-R < 6.73 Version: EA9-T7CL < 6.73 Version: EA9-T7CL-R < 6.73 Version: EA9-T8CL < 6.73 Version: EA9-T10CL < 6.73 Version: EA9-T10WCL < 6.73 Version: EA9-T12CL < 6.73 Version: EA9-T15CL < 6.73 Version: EA9-RHMI < 6.73 Version: EA9-PGMSW < 6.73 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:24:44.035Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-01"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-2006",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-16T17:27:48.143452Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T17:49:35.105Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "C-more EA9",
"vendor": "AutomationDirect",
"versions": [
{
"lessThan": "6.73",
"status": "affected",
"version": "EA9-T6CL",
"versionType": "custom"
},
{
"lessThan": "6.73",
"status": "affected",
"version": "EA9-T6CL-R",
"versionType": "custom"
},
{
"lessThan": "6.73",
"status": "affected",
"version": "EA9-T7CL",
"versionType": "custom"
},
{
"lessThan": "6.73",
"status": "affected",
"version": "EA9-T7CL-R",
"versionType": "custom"
},
{
"lessThan": "6.73",
"status": "affected",
"version": "EA9-T8CL",
"versionType": "custom"
},
{
"lessThan": "6.73",
"status": "affected",
"version": "EA9-T10CL",
"versionType": "custom"
},
{
"lessThan": "6.73",
"status": "affected",
"version": "EA9-T10WCL",
"versionType": "custom"
},
{
"lessThan": "6.73",
"status": "affected",
"version": "EA9-T12CL",
"versionType": "custom"
},
{
"lessThan": "6.73",
"status": "affected",
"version": "EA9-T15CL",
"versionType": "custom"
},
{
"lessThan": "6.73",
"status": "affected",
"version": "EA9-RHMI",
"versionType": "custom"
},
{
"lessThan": "6.73",
"status": "affected",
"version": "EA9-PGMSW",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Sam Hanson of Dragos reported this vulnerability to CISA."
}
],
"datePublic": "2022-06-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "AutomationDirect DirectLOGIC has a DLL vulnerability in the install directory that may allow an attacker to execute code during the installation process. This issue affects: AutomationDirect C-more EA9 EA9-T6CL versions prior to 6.73; EA9-T6CL-R versions prior to 6.73; EA9-T7CL versions prior to 6.73; EA9-T7CL-R versions prior to 6.73; EA9-T8CL versions prior to 6.73; EA9-T10CL versions prior to 6.73; EA9-T10WCL versions prior to 6.73; EA9-T12CL versions prior to 6.73; EA9-T15CL versions prior to 6.73; EA9-RHMI versions prior to 6.73; EA9-PGMSW versions prior to 6.73;"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427 Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-31T15:33:03.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-01"
}
],
"solutions": [
{
"lang": "en",
"value": "AutomationDirect recommends users upgrade to firmware Version 6.73 or later, which supports TLS security options for the webserver.\n\nWhile automation networks and systems have built-in password protection schemes, this is only one step in securing the affected systems. Automation control system networks must incorporate data protection and security measures at least as robust as a typical business computer system. AutomationDirect recommends users of PLCs, HMI products, and other SCADA system products perform independent network security analysis to determine the proper level of security required for the application.\n\nAutomationDirect has identified the following mitigations for instances where systems cannot be upgraded to Version 6.73 or later:\n\nThe Webserver feature can be disabled on the HMI using the programming software.\nPlace the HMI panel behind a VPN: Access to and from critical control system assets in the modern environment is usually LAN based, but still should be considered remote if the operator is traversing across different networks. virtual private networking (VPN) is often considered the best approach in securing trans-network communication."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "AutomationDirect C-more EA9 HMI Uncontrolled Search Path Element",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2022-06-16T17:00:00.000Z",
"ID": "CVE-2022-2006",
"STATE": "PUBLIC",
"TITLE": "AutomationDirect C-more EA9 HMI Uncontrolled Search Path Element"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "C-more EA9",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "EA9-T6CL",
"version_value": "6.73"
},
{
"version_affected": "\u003c",
"version_name": "EA9-T6CL-R",
"version_value": "6.73"
},
{
"version_affected": "\u003c",
"version_name": "EA9-T7CL",
"version_value": "6.73"
},
{
"version_affected": "\u003c",
"version_name": "EA9-T7CL-R",
"version_value": "6.73"
},
{
"version_affected": "\u003c",
"version_name": "EA9-T8CL",
"version_value": "6.73"
},
{
"version_affected": "\u003c",
"version_name": "EA9-T10CL",
"version_value": "6.73"
},
{
"version_affected": "\u003c",
"version_name": "EA9-T10WCL",
"version_value": "6.73"
},
{
"version_affected": "\u003c",
"version_name": "EA9-T12CL",
"version_value": "6.73"
},
{
"version_affected": "\u003c",
"version_name": "EA9-T15CL",
"version_value": "6.73"
},
{
"version_affected": "\u003c",
"version_name": "EA9-RHMI",
"version_value": "6.73"
},
{
"version_affected": "\u003c",
"version_name": "EA9-PGMSW",
"version_value": "6.73"
}
]
}
}
]
},
"vendor_name": "AutomationDirect"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Sam Hanson of Dragos reported this vulnerability to CISA."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "AutomationDirect DirectLOGIC has a DLL vulnerability in the install directory that may allow an attacker to execute code during the installation process. This issue affects: AutomationDirect C-more EA9 EA9-T6CL versions prior to 6.73; EA9-T6CL-R versions prior to 6.73; EA9-T7CL versions prior to 6.73; EA9-T7CL-R versions prior to 6.73; EA9-T8CL versions prior to 6.73; EA9-T10CL versions prior to 6.73; EA9-T10WCL versions prior to 6.73; EA9-T12CL versions prior to 6.73; EA9-T15CL versions prior to 6.73; EA9-RHMI versions prior to 6.73; EA9-PGMSW versions prior to 6.73;"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-427 Uncontrolled Search Path Element"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-01",
"refsource": "CONFIRM",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-01"
}
]
},
"solution": [
{
"lang": "en",
"value": "AutomationDirect recommends users upgrade to firmware Version 6.73 or later, which supports TLS security options for the webserver.\n\nWhile automation networks and systems have built-in password protection schemes, this is only one step in securing the affected systems. Automation control system networks must incorporate data protection and security measures at least as robust as a typical business computer system. AutomationDirect recommends users of PLCs, HMI products, and other SCADA system products perform independent network security analysis to determine the proper level of security required for the application.\n\nAutomationDirect has identified the following mitigations for instances where systems cannot be upgraded to Version 6.73 or later:\n\nThe Webserver feature can be disabled on the HMI using the programming software.\nPlace the HMI panel behind a VPN: Access to and from critical control system assets in the modern environment is usually LAN based, but still should be considered remote if the operator is traversing across different networks. virtual private networking (VPN) is often considered the best approach in securing trans-network communication."
}
],
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2022-2006",
"datePublished": "2022-08-31T15:33:03.440Z",
"dateReserved": "2022-06-06T00:00:00.000Z",
"dateUpdated": "2025-04-16T17:49:35.105Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-11611 (GCVE-0-2024-11611)
Vulnerability from cvelistv5
Published
2025-01-30 20:18
Modified
2025-02-06 21:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Summary
AutomationDirect C-More EA9 EAP9 File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of AutomationDirect C-More EA9. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of EAP9 files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24774.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-24-1675/ | x_research-advisory | |
| https://certvde.com/en/bulletins/bulletins/2182-automationdirect-c-more-ea9-programming-software/ | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AutomationDirect | C-More EA9 |
Version: 6.78 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-11611",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-30T20:42:37.203630Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-06T21:25:24.680Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "C-More EA9",
"vendor": "AutomationDirect",
"versions": [
{
"status": "affected",
"version": "6.78"
}
]
}
],
"dateAssigned": "2024-11-21T20:33:31.540Z",
"datePublic": "2024-12-11T19:33:32.159Z",
"descriptions": [
{
"lang": "en",
"value": "AutomationDirect C-More EA9 EAP9 File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of AutomationDirect C-More EA9. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of EAP9 files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24774."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-30T20:18:56.716Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-1675",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1675/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://certvde.com/en/bulletins/bulletins/2182-automationdirect-c-more-ea9-programming-software/"
}
],
"source": {
"lang": "en",
"value": "Andrea Micalizzi aka rgod (@rgod777)"
},
"title": "AutomationDirect C-More EA9 EAP9 File Parsing Memory Corruption Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2024-11611",
"datePublished": "2025-01-30T20:18:56.716Z",
"dateReserved": "2024-11-21T20:33:31.495Z",
"dateUpdated": "2025-02-06T21:25:24.680Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-2005 (GCVE-0-2022-2005)
Vulnerability from cvelistv5
Published
2022-08-31 15:33
Modified
2025-04-16 16:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-319 - Cleartext Transmission of Sensitive Information
Summary
AutomationDirect C-more EA9 HTTP webserver uses an insecure mechanism to transport credentials from client to web server, which may allow an attacker to obtain the login credentials and login as a valid user. This issue affects: AutomationDirect C-more EA9 EA9-T6CL versions prior to 6.73; EA9-T6CL-R versions prior to 6.73; EA9-T7CL versions prior to 6.73; EA9-T7CL-R versions prior to 6.73; EA9-T8CL versions prior to 6.73; EA9-T10CL versions prior to 6.73; EA9-T10WCL versions prior to 6.73; EA9-T12CL versions prior to 6.73; EA9-T15CL versions prior to 6.73; EA9-RHMI versions prior to 6.73; EA9-PGMSW versions prior to 6.73;
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-01 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AutomationDirect | C-more EA9 |
Version: EA9-T6CL < 6.73 Version: EA9-T6CL-R < 6.73 Version: EA9-T7CL < 6.73 Version: EA9-T7CL-R < 6.73 Version: EA9-T8CL < 6.73 Version: EA9-T10CL < 6.73 Version: EA9-T10WCL < 6.73 Version: EA9-T12CL < 6.73 Version: EA9-T15CL < 6.73 Version: EA9-RHMI < 6.73 Version: EA9-PGMSW < 6.73 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:24:43.894Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-01"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-2005",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-16T15:54:38.875988Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T16:11:43.495Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "C-more EA9",
"vendor": "AutomationDirect",
"versions": [
{
"lessThan": "6.73",
"status": "affected",
"version": "EA9-T6CL",
"versionType": "custom"
},
{
"lessThan": "6.73",
"status": "affected",
"version": "EA9-T6CL-R",
"versionType": "custom"
},
{
"lessThan": "6.73",
"status": "affected",
"version": "EA9-T7CL",
"versionType": "custom"
},
{
"lessThan": "6.73",
"status": "affected",
"version": "EA9-T7CL-R",
"versionType": "custom"
},
{
"lessThan": "6.73",
"status": "affected",
"version": "EA9-T8CL",
"versionType": "custom"
},
{
"lessThan": "6.73",
"status": "affected",
"version": "EA9-T10CL",
"versionType": "custom"
},
{
"lessThan": "6.73",
"status": "affected",
"version": "EA9-T10WCL",
"versionType": "custom"
},
{
"lessThan": "6.73",
"status": "affected",
"version": "EA9-T12CL",
"versionType": "custom"
},
{
"lessThan": "6.73",
"status": "affected",
"version": "EA9-T15CL",
"versionType": "custom"
},
{
"lessThan": "6.73",
"status": "affected",
"version": "EA9-RHMI",
"versionType": "custom"
},
{
"lessThan": "6.73",
"status": "affected",
"version": "EA9-PGMSW",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Sam Hanson of Dragos reported this vulnerability to CISA."
}
],
"datePublic": "2022-06-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "AutomationDirect C-more EA9 HTTP webserver uses an insecure mechanism to transport credentials from client to web server, which may allow an attacker to obtain the login credentials and login as a valid user. This issue affects: AutomationDirect C-more EA9 EA9-T6CL versions prior to 6.73; EA9-T6CL-R versions prior to 6.73; EA9-T7CL versions prior to 6.73; EA9-T7CL-R versions prior to 6.73; EA9-T8CL versions prior to 6.73; EA9-T10CL versions prior to 6.73; EA9-T10WCL versions prior to 6.73; EA9-T12CL versions prior to 6.73; EA9-T15CL versions prior to 6.73; EA9-RHMI versions prior to 6.73; EA9-PGMSW versions prior to 6.73;"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319 Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-31T15:33:03.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-01"
}
],
"solutions": [
{
"lang": "en",
"value": "AutomationDirect recommends users upgrade to firmware Version 6.73 or later, which supports TLS security options for the webserver.\n\nWhile automation networks and systems have built-in password protection schemes, this is only one step in securing the affected systems. Automation control system networks must incorporate data protection and security measures at least as robust as a typical business computer system. AutomationDirect recommends users of PLCs, HMI products, and other SCADA system products perform independent network security analysis to determine the proper level of security required for the application.\n\nAutomationDirect has identified the following mitigations for instances where systems cannot be upgraded to Version 6.73 or later:\n\nThe Webserver feature can be disabled on the HMI using the programming software.\nPlace the HMI panel behind a VPN: Access to and from critical control system assets in the modern environment is usually LAN based, but still should be considered remote if the operator is traversing across different networks. virtual private networking (VPN) is often considered the best approach in securing trans-network communication."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "AutomationDirect C-more EA9 HMI Cleartext Transmission",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2022-06-16T17:00:00.000Z",
"ID": "CVE-2022-2005",
"STATE": "PUBLIC",
"TITLE": "AutomationDirect C-more EA9 HMI Cleartext Transmission"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "C-more EA9",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "EA9-T6CL",
"version_value": "6.73"
},
{
"version_affected": "\u003c",
"version_name": "EA9-T6CL-R",
"version_value": "6.73"
},
{
"version_affected": "\u003c",
"version_name": "EA9-T7CL",
"version_value": "6.73"
},
{
"version_affected": "\u003c",
"version_name": "EA9-T7CL-R",
"version_value": "6.73"
},
{
"version_affected": "\u003c",
"version_name": "EA9-T8CL",
"version_value": "6.73"
},
{
"version_affected": "\u003c",
"version_name": "EA9-T10CL",
"version_value": "6.73"
},
{
"version_affected": "\u003c",
"version_name": "EA9-T10WCL",
"version_value": "6.73"
},
{
"version_affected": "\u003c",
"version_name": "EA9-T12CL",
"version_value": "6.73"
},
{
"version_affected": "\u003c",
"version_name": "EA9-T15CL",
"version_value": "6.73"
},
{
"version_affected": "\u003c",
"version_name": "EA9-RHMI",
"version_value": "6.73"
},
{
"version_affected": "\u003c",
"version_name": "EA9-PGMSW",
"version_value": "6.73"
}
]
}
}
]
},
"vendor_name": "AutomationDirect"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Sam Hanson of Dragos reported this vulnerability to CISA."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "AutomationDirect C-more EA9 HTTP webserver uses an insecure mechanism to transport credentials from client to web server, which may allow an attacker to obtain the login credentials and login as a valid user. This issue affects: AutomationDirect C-more EA9 EA9-T6CL versions prior to 6.73; EA9-T6CL-R versions prior to 6.73; EA9-T7CL versions prior to 6.73; EA9-T7CL-R versions prior to 6.73; EA9-T8CL versions prior to 6.73; EA9-T10CL versions prior to 6.73; EA9-T10WCL versions prior to 6.73; EA9-T12CL versions prior to 6.73; EA9-T15CL versions prior to 6.73; EA9-RHMI versions prior to 6.73; EA9-PGMSW versions prior to 6.73;"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-319 Cleartext Transmission of Sensitive Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-01",
"refsource": "CONFIRM",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-01"
}
]
},
"solution": [
{
"lang": "en",
"value": "AutomationDirect recommends users upgrade to firmware Version 6.73 or later, which supports TLS security options for the webserver.\n\nWhile automation networks and systems have built-in password protection schemes, this is only one step in securing the affected systems. Automation control system networks must incorporate data protection and security measures at least as robust as a typical business computer system. AutomationDirect recommends users of PLCs, HMI products, and other SCADA system products perform independent network security analysis to determine the proper level of security required for the application.\n\nAutomationDirect has identified the following mitigations for instances where systems cannot be upgraded to Version 6.73 or later:\n\nThe Webserver feature can be disabled on the HMI using the programming software.\nPlace the HMI panel behind a VPN: Access to and from critical control system assets in the modern environment is usually LAN based, but still should be considered remote if the operator is traversing across different networks. virtual private networking (VPN) is often considered the best approach in securing trans-network communication."
}
],
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2022-2005",
"datePublished": "2022-08-31T15:33:03.273Z",
"dateReserved": "2022-06-06T00:00:00.000Z",
"dateUpdated": "2025-04-16T16:11:43.495Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-6969 (GCVE-0-2020-6969)
Vulnerability from cvelistv5
Published
2020-02-05 15:09
Modified
2024-08-04 09:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-522 - INSUFFICIENTLY PROTECTED CREDENTIALS ()
Summary
It is possible to unmask credentials and other sensitive information on “unprotected” project files, which may allow an attacker to remotely access the C-More Touch Panels EA9 series: firmware versions prior to 6.53 and manipulate system configurations.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.us-cert.gov/ics/advisories/icsa-20-035-01 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | C-More Touch Panels EA9 series |
Version: firmware versions prior to 6.53 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:18:02.388Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-035-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "C-More Touch Panels EA9 series",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "firmware versions prior to 6.53"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "It is possible to unmask credentials and other sensitive information on \u201cunprotected\u201d project files, which may allow an attacker to remotely access the C-More Touch Panels EA9 series: firmware versions prior to 6.53 and manipulate system configurations."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "INSUFFICIENTLY PROTECTED CREDENTIALS (CWE-522)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-05T15:09:30",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-035-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2020-6969",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "C-More Touch Panels EA9 series",
"version": {
"version_data": [
{
"version_value": "firmware versions prior to 6.53"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "It is possible to unmask credentials and other sensitive information on \u201cunprotected\u201d project files, which may allow an attacker to remotely access the C-More Touch Panels EA9 series: firmware versions prior to 6.53 and manipulate system configurations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "INSUFFICIENTLY PROTECTED CREDENTIALS (CWE-522)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-035-01",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-035-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2020-6969",
"datePublished": "2020-02-05T15:09:30",
"dateReserved": "2020-01-14T00:00:00",
"dateUpdated": "2024-08-04T09:18:02.388Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2025-01-30 21:15
Modified
2025-08-12 15:10
Severity ?
Summary
AutomationDirect C-More EA9 EAP9 File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of AutomationDirect C-More EA9. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of EAP9 files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24774.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t10cl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "65087EA5-2DDB-49B9-9997-D52CFF19AF65",
"versionEndIncluding": "6.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t10cl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5969F26-54AD-4B00-8DC1-A4EB11631356",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t10wcl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98753B3A-991A-4BC5-BBF1-6D6924BFD706",
"versionEndIncluding": "6.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t10wcl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C2479F9-6478-4AAB-93BD-6468F53D9025",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t12cl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "614D9E0C-9EA4-41F1-9BB8-7AEF2DE93E69",
"versionEndIncluding": "6.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t12cl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35774FA3-1430-45FE-BDD7-32C848022EF5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t15cl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0915B5AE-61C1-4013-B467-21DDE707C27F",
"versionEndIncluding": "6.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t15cl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29349870-42A9-4396-B18A-BE84CDC465AA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t15cl-r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "241575ED-8DB9-4B18-A890-3DCCAF86AEA4",
"versionEndIncluding": "6.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t15cl-r:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F78004B8-280F-4FCD-AF1B-7E555757CE35",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t6cl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CA4F5101-B244-44B6-B2BB-A8003AEC8428",
"versionEndIncluding": "6.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t6cl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "836DDC4C-44DB-4546-B73E-F60CDE8DCCDE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t6cl-r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F692927-C4FA-47EF-A84D-81622C62605C",
"versionEndIncluding": "6.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t6cl-r:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4691377D-CDFF-40A3-9D17-F968DF50F731",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t8cl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A9B27B6-E4EB-4800-BF0E-A71A42D64F21",
"versionEndIncluding": "6.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t8cl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FCA82FDA-81D9-4A78-9CA4-E1B05D779F15",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-rhmi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61CECBD8-413A-4DB9-B1D1-DBC591733751",
"versionEndIncluding": "6.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-rhmi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4ADD33CE-EA3E-475E-803C-B8569BA66120",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "AutomationDirect C-More EA9 EAP9 File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of AutomationDirect C-More EA9. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of EAP9 files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24774."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo por corrupci\u00f3n de memoria en el an\u00e1lisis de archivos de AutomationDirect C-More EA9 EAP9. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de AutomationDirect C-More EA9. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos EAP9. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una condici\u00f3n de corrupci\u00f3n de memoria. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24774. Era ZDI-CAN-24774."
}
],
"id": "CVE-2024-11611",
"lastModified": "2025-08-12T15:10:32.590",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2025-01-30T21:15:13.450",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://certvde.com/en/bulletins/bulletins/2182-automationdirect-c-more-ea9-programming-software/"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1675/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-01-30 21:15
Modified
2025-08-12 15:10
Severity ?
Summary
AutomationDirect C-More EA9 EAP9 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of AutomationDirect C-More EA9. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of EAP9 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24772.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t10cl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "65087EA5-2DDB-49B9-9997-D52CFF19AF65",
"versionEndIncluding": "6.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t10cl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5969F26-54AD-4B00-8DC1-A4EB11631356",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t10wcl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98753B3A-991A-4BC5-BBF1-6D6924BFD706",
"versionEndIncluding": "6.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t10wcl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C2479F9-6478-4AAB-93BD-6468F53D9025",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t12cl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "614D9E0C-9EA4-41F1-9BB8-7AEF2DE93E69",
"versionEndIncluding": "6.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t12cl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35774FA3-1430-45FE-BDD7-32C848022EF5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t15cl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0915B5AE-61C1-4013-B467-21DDE707C27F",
"versionEndIncluding": "6.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t15cl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29349870-42A9-4396-B18A-BE84CDC465AA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t15cl-r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "241575ED-8DB9-4B18-A890-3DCCAF86AEA4",
"versionEndIncluding": "6.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t15cl-r:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F78004B8-280F-4FCD-AF1B-7E555757CE35",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t6cl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CA4F5101-B244-44B6-B2BB-A8003AEC8428",
"versionEndIncluding": "6.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t6cl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "836DDC4C-44DB-4546-B73E-F60CDE8DCCDE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t6cl-r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F692927-C4FA-47EF-A84D-81622C62605C",
"versionEndIncluding": "6.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t6cl-r:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4691377D-CDFF-40A3-9D17-F968DF50F731",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t8cl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A9B27B6-E4EB-4800-BF0E-A71A42D64F21",
"versionEndIncluding": "6.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t8cl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FCA82FDA-81D9-4A78-9CA4-E1B05D779F15",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-rhmi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61CECBD8-413A-4DB9-B1D1-DBC591733751",
"versionEndIncluding": "6.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-rhmi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4ADD33CE-EA3E-475E-803C-B8569BA66120",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "AutomationDirect C-More EA9 EAP9 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of AutomationDirect C-More EA9. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of EAP9 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24772."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo por desbordamiento de b\u00fafer basado en pila de an\u00e1lisis de archivos de AutomationDirect C-More EA9 EAP9. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de AutomationDirect C-More EA9. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos EAP9. El problema es el resultado de la falta de una validaci\u00f3n adecuada de la longitud de los datos proporcionados por el usuario antes de copiarlos a un b\u00fafer basado en pila de longitud fija. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24772."
}
],
"id": "CVE-2024-11609",
"lastModified": "2025-08-12T15:10:28.867",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2025-01-30T21:15:13.163",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://certvde.com/en/bulletins/bulletins/2182-automationdirect-c-more-ea9-programming-software/"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1673/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-02-05 16:15
Modified
2024-11-21 05:36
Severity ?
Summary
It is possible to unmask credentials and other sensitive information on “unprotected” project files, which may allow an attacker to remotely access the C-More Touch Panels EA9 series: firmware versions prior to 6.53 and manipulate system configurations.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://www.us-cert.gov/ics/advisories/icsa-20-035-01 | Patch, Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.us-cert.gov/ics/advisories/icsa-20-035-01 | Patch, Third Party Advisory, US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-rhi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "67C9D95D-09AE-42A8-9003-2F89FA3F3032",
"versionEndExcluding": "6.53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-rhi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB2EDE46-B4A9-4671-B26B-062AD4D67B07",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t6cl-r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D1644B9-E5A8-48D6-86B2-4ECC7849C2EB",
"versionEndExcluding": "6.53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t6cl-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "913C69FB-CEE6-4C94-9B05-225C18A534BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t6cl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D3FE546-EB42-42D3-826B-8B3F052FB11B",
"versionEndExcluding": "6.53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t6cl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90ABFD5B-56A5-4C29-941C-B31674DC0246",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t7cl-r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "53DF1C63-592A-4442-BE4E-BAEB3057ACBA",
"versionEndExcluding": "6.53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t7cl-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5291AE73-AE02-4456-8003-06DCE502E90A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t7cl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B10351EE-FB78-496E-99A5-0344B0C76A55",
"versionEndExcluding": "6.53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t7cl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02F18D5A-F9CC-406E-AD49-BE7024249323",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t8cl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8C16B84E-D1E8-455F-BFEB-C39821C782BD",
"versionEndExcluding": "6.53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t8cl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA9CF409-9A24-4959-9686-CEDA2B69B9BB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t10cl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "57AF91D3-9B6F-4112-ADF9-FC80188DFACD",
"versionEndExcluding": "6.53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t10cl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A9895C6-97CD-46BB-B786-3B949D2F730F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t10wcl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF217895-BD18-4D9A-B9B8-E5E29790D5D3",
"versionEndExcluding": "6.53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t10wcl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD0E831-40A4-4553-A0AD-69E778CBF4A4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t12cl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C5C3D663-1A06-429A-AA95-CCD5FAAE16B2",
"versionEndExcluding": "6.53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t12cl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "572C2BCC-86AA-4922-9864-44E5666FC921",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t15cl-r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "526FAF52-68A8-4E73-93CA-06D78643B17B",
"versionEndExcluding": "6.53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t15cl-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CEBF321B-7E79-4BF2-8EC9-78DF710B9247",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t15cl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F15479E-5C94-4637-982D-541C1DC04E73",
"versionEndExcluding": "6.53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t15cl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80619ADC-EE57-46EE-9F0C-0D3810A5AA98",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "It is possible to unmask credentials and other sensitive information on \u201cunprotected\u201d project files, which may allow an attacker to remotely access the C-More Touch Panels EA9 series: firmware versions prior to 6.53 and manipulate system configurations."
},
{
"lang": "es",
"value": "Es posible desenmascarar credenciales y otra informaci\u00f3n confidencial en archivos de proyecto \"desprotegidos\", lo que puede permitir a un atacante acceder de forma remota a la serie EA9 de C-More Touch Panels: versiones de firmware anteriores a la versi\u00f3n 6.53 y manipular las configuraciones del sistema."
}
],
"id": "CVE-2020-6969",
"lastModified": "2024-11-21T05:36:24.453",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-05T16:15:11.520",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-035-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-035-01"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-522"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-522"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-01-30 21:15
Modified
2025-08-12 15:10
Severity ?
Summary
AutomationDirect C-More EA9 EAP9 File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of AutomationDirect C-More EA9. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of EAP9 files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24773.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t10cl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "65087EA5-2DDB-49B9-9997-D52CFF19AF65",
"versionEndIncluding": "6.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t10cl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5969F26-54AD-4B00-8DC1-A4EB11631356",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t10wcl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98753B3A-991A-4BC5-BBF1-6D6924BFD706",
"versionEndIncluding": "6.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t10wcl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C2479F9-6478-4AAB-93BD-6468F53D9025",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t12cl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "614D9E0C-9EA4-41F1-9BB8-7AEF2DE93E69",
"versionEndIncluding": "6.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t12cl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35774FA3-1430-45FE-BDD7-32C848022EF5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t15cl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0915B5AE-61C1-4013-B467-21DDE707C27F",
"versionEndIncluding": "6.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t15cl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29349870-42A9-4396-B18A-BE84CDC465AA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t15cl-r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "241575ED-8DB9-4B18-A890-3DCCAF86AEA4",
"versionEndIncluding": "6.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t15cl-r:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F78004B8-280F-4FCD-AF1B-7E555757CE35",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t6cl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CA4F5101-B244-44B6-B2BB-A8003AEC8428",
"versionEndIncluding": "6.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t6cl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "836DDC4C-44DB-4546-B73E-F60CDE8DCCDE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t6cl-r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F692927-C4FA-47EF-A84D-81622C62605C",
"versionEndIncluding": "6.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t6cl-r:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4691377D-CDFF-40A3-9D17-F968DF50F731",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t8cl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A9B27B6-E4EB-4800-BF0E-A71A42D64F21",
"versionEndIncluding": "6.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t8cl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FCA82FDA-81D9-4A78-9CA4-E1B05D779F15",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-rhmi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61CECBD8-413A-4DB9-B1D1-DBC591733751",
"versionEndIncluding": "6.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-rhmi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4ADD33CE-EA3E-475E-803C-B8569BA66120",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "AutomationDirect C-More EA9 EAP9 File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of AutomationDirect C-More EA9. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of EAP9 files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24773."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo por corrupci\u00f3n de memoria en el an\u00e1lisis de archivos de AutomationDirect C-More EA9 EAP9. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de AutomationDirect C-More EA9. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos EAP9. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una condici\u00f3n de corrupci\u00f3n de memoria. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24773."
}
],
"id": "CVE-2024-11610",
"lastModified": "2025-08-12T15:10:30.950",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2025-01-30T21:15:13.303",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://certvde.com/en/bulletins/bulletins/2182-automationdirect-c-more-ea9-programming-software/"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1674/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-08-31 16:15
Modified
2024-11-21 07:00
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
AutomationDirect DirectLOGIC has a DLL vulnerability in the install directory that may allow an attacker to execute code during the installation process. This issue affects: AutomationDirect C-more EA9 EA9-T6CL versions prior to 6.73; EA9-T6CL-R versions prior to 6.73; EA9-T7CL versions prior to 6.73; EA9-T7CL-R versions prior to 6.73; EA9-T8CL versions prior to 6.73; EA9-T10CL versions prior to 6.73; EA9-T10WCL versions prior to 6.73; EA9-T12CL versions prior to 6.73; EA9-T15CL versions prior to 6.73; EA9-RHMI versions prior to 6.73; EA9-PGMSW versions prior to 6.73;
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-01 | Patch, Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-01 | Patch, Third Party Advisory, US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t6cl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5219FEAE-097C-489D-A1C3-7F23785FB052",
"versionEndExcluding": "6.73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t6cl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90ABFD5B-56A5-4C29-941C-B31674DC0246",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t6cl-r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C251BA3-5294-44F1-9C6E-ED21386A282C",
"versionEndExcluding": "6.73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t6cl-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "913C69FB-CEE6-4C94-9B05-225C18A534BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t7cl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61822593-36E3-49BD-AF41-E491C4E31F0C",
"versionEndExcluding": "6.73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t7cl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02F18D5A-F9CC-406E-AD49-BE7024249323",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t7cl-r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "510915F7-03CE-4A57-AD96-CF01894FF83B",
"versionEndExcluding": "6.73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t7cl-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5291AE73-AE02-4456-8003-06DCE502E90A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t8cl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1488B5F2-83EA-4CA7-ABE0-70C9B078396A",
"versionEndExcluding": "6.73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t8cl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA9CF409-9A24-4959-9686-CEDA2B69B9BB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t10cl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "904EF216-C2B5-49DF-B945-178620C7A2FA",
"versionEndExcluding": "6.73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t10cl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A9895C6-97CD-46BB-B786-3B949D2F730F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t10wcl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "25683BCF-5F17-40D2-BE2F-D6021C3EC80C",
"versionEndExcluding": "6.73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t10wcl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD0E831-40A4-4553-A0AD-69E778CBF4A4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t12cl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "66CB7C6E-2E3B-4F66-9E59-D394BBEF2C9C",
"versionEndExcluding": "6.73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t12cl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "572C2BCC-86AA-4922-9864-44E5666FC921",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t15cl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF663D37-0BA4-4838-96E5-BEF0801B8B41",
"versionEndExcluding": "6.73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t15cl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80619ADC-EE57-46EE-9F0C-0D3810A5AA98",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t15cl-r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3749F3B8-FD08-41AB-B1DA-9BE1BD97ECBA",
"versionEndExcluding": "6.73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t15cl-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CEBF321B-7E79-4BF2-8EC9-78DF710B9247",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-rhmi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E1F822D-D281-4DF0-BD1F-A90F5A2048CE",
"versionEndExcluding": "6.73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-rhmi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4ADD33CE-EA3E-475E-803C-B8569BA66120",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-pgmsw_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4C6590E0-AA99-45FD-A6F2-396A8A36288C",
"versionEndExcluding": "6.73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-pgmsw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CED568CF-8743-4A6D-B67D-93A9A797D596",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "AutomationDirect DirectLOGIC has a DLL vulnerability in the install directory that may allow an attacker to execute code during the installation process. This issue affects: AutomationDirect C-more EA9 EA9-T6CL versions prior to 6.73; EA9-T6CL-R versions prior to 6.73; EA9-T7CL versions prior to 6.73; EA9-T7CL-R versions prior to 6.73; EA9-T8CL versions prior to 6.73; EA9-T10CL versions prior to 6.73; EA9-T10WCL versions prior to 6.73; EA9-T12CL versions prior to 6.73; EA9-T15CL versions prior to 6.73; EA9-RHMI versions prior to 6.73; EA9-PGMSW versions prior to 6.73;"
},
{
"lang": "es",
"value": "AutomationDirect DirectLOGIC presenta una vulnerabilidad de DLL en el directorio de instalaci\u00f3n que puede permitir a un atacante ejecutar c\u00f3digo durante el proceso de instalaci\u00f3n. Este problema afecta a: AutomationDirect C-more EA9 EA9-T6CL versiones anteriores a 6.73; EA9-T6CL-R versiones anteriores a 6.73; EA9-T7CL versiones anteriores a 6.73; EA9-T7CL-R versiones anteriores a 6.73; EA9-T8CL versiones anteriores a 6. 73; EA9-T10CL versiones anteriores a 6.73; EA9-T10WCL versiones anteriores a 6.73; EA9-T12CL versiones anteriores a 6.73; EA9-T15CL versiones anteriores a 6.73; EA9-RHMI versiones anteriores a 6.73; EA9-PGMSW versiones anteriores a 6.73;"
}
],
"id": "CVE-2022-2006",
"lastModified": "2024-11-21T07:00:09.847",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-31T16:15:10.580",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-01"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-08-31 16:15
Modified
2024-11-21 07:00
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
AutomationDirect C-more EA9 HTTP webserver uses an insecure mechanism to transport credentials from client to web server, which may allow an attacker to obtain the login credentials and login as a valid user. This issue affects: AutomationDirect C-more EA9 EA9-T6CL versions prior to 6.73; EA9-T6CL-R versions prior to 6.73; EA9-T7CL versions prior to 6.73; EA9-T7CL-R versions prior to 6.73; EA9-T8CL versions prior to 6.73; EA9-T10CL versions prior to 6.73; EA9-T10WCL versions prior to 6.73; EA9-T12CL versions prior to 6.73; EA9-T15CL versions prior to 6.73; EA9-RHMI versions prior to 6.73; EA9-PGMSW versions prior to 6.73;
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-01 | Patch, Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-01 | Patch, Third Party Advisory, US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t6cl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5219FEAE-097C-489D-A1C3-7F23785FB052",
"versionEndExcluding": "6.73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t6cl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90ABFD5B-56A5-4C29-941C-B31674DC0246",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t6cl-r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C251BA3-5294-44F1-9C6E-ED21386A282C",
"versionEndExcluding": "6.73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t6cl-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "913C69FB-CEE6-4C94-9B05-225C18A534BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t7cl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61822593-36E3-49BD-AF41-E491C4E31F0C",
"versionEndExcluding": "6.73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t7cl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02F18D5A-F9CC-406E-AD49-BE7024249323",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t7cl-r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "510915F7-03CE-4A57-AD96-CF01894FF83B",
"versionEndExcluding": "6.73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t7cl-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5291AE73-AE02-4456-8003-06DCE502E90A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t8cl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1488B5F2-83EA-4CA7-ABE0-70C9B078396A",
"versionEndExcluding": "6.73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t8cl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA9CF409-9A24-4959-9686-CEDA2B69B9BB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t10cl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "904EF216-C2B5-49DF-B945-178620C7A2FA",
"versionEndExcluding": "6.73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t10cl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A9895C6-97CD-46BB-B786-3B949D2F730F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t10wcl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "25683BCF-5F17-40D2-BE2F-D6021C3EC80C",
"versionEndExcluding": "6.73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t10wcl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD0E831-40A4-4553-A0AD-69E778CBF4A4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t12cl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "66CB7C6E-2E3B-4F66-9E59-D394BBEF2C9C",
"versionEndExcluding": "6.73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t12cl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "572C2BCC-86AA-4922-9864-44E5666FC921",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t15cl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF663D37-0BA4-4838-96E5-BEF0801B8B41",
"versionEndExcluding": "6.73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t15cl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80619ADC-EE57-46EE-9F0C-0D3810A5AA98",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-t15cl-r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3749F3B8-FD08-41AB-B1DA-9BE1BD97ECBA",
"versionEndExcluding": "6.73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-t15cl-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CEBF321B-7E79-4BF2-8EC9-78DF710B9247",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-rhmi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E1F822D-D281-4DF0-BD1F-A90F5A2048CE",
"versionEndExcluding": "6.73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-rhmi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4ADD33CE-EA3E-475E-803C-B8569BA66120",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:automationdirect:c-more_ea9-pgmsw_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4C6590E0-AA99-45FD-A6F2-396A8A36288C",
"versionEndExcluding": "6.73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:automationdirect:c-more_ea9-pgmsw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CED568CF-8743-4A6D-B67D-93A9A797D596",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "AutomationDirect C-more EA9 HTTP webserver uses an insecure mechanism to transport credentials from client to web server, which may allow an attacker to obtain the login credentials and login as a valid user. This issue affects: AutomationDirect C-more EA9 EA9-T6CL versions prior to 6.73; EA9-T6CL-R versions prior to 6.73; EA9-T7CL versions prior to 6.73; EA9-T7CL-R versions prior to 6.73; EA9-T8CL versions prior to 6.73; EA9-T10CL versions prior to 6.73; EA9-T10WCL versions prior to 6.73; EA9-T12CL versions prior to 6.73; EA9-T15CL versions prior to 6.73; EA9-RHMI versions prior to 6.73; EA9-PGMSW versions prior to 6.73;"
},
{
"lang": "es",
"value": "El servidor web HTTP de AutomationDirect C-more EA9 usa un mecanismo inseguro para transportar las credenciales del cliente al servidor web, lo que puede permitir a un atacante obtener las credenciales de inicio de sesi\u00f3n e iniciar sesi\u00f3n como un usuario v\u00e1lido. Este problema afecta a: AutomationDirect C-more EA9 versiones EA9-T6CL anteriores a la 6.73; EA9-T6CL-R versiones anteriores a la 6.73; EA9-T7CL versiones anteriores a la 6.73; EA9-T7CL-R versiones anteriores a la 6.73; EA9-T8CL versiones anteriores a la 6. 73; EA9-T10CL versiones anteriores a 6.73; EA9-T10WCL versiones anteriores a 6.73; EA9-T12CL versiones anteriores a 6.73; EA9-T15CL versiones anteriores a 6.73; EA9-RHMI versiones anteriores a 6.73; EA9-PGMSW versiones anteriores a 6.73;"
}
],
"id": "CVE-2022-2005",
"lastModified": "2024-11-21T07:00:09.717",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-31T16:15:10.523",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-01"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-319"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-319"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}