CVE-2014-0778
published 2014-04-19CVE-2014-0778: TCPUploader module listens on Port 10651/TCP for incoming connections. Exploitation of this vulnerability could allow a remote unauthenticated user access to…
PriorityP425medium5CVSS 2.0
AVNACLAuNCPINAN
EPSS
1.31%
67.0th percentile
TCPUploader module listens on Port 10651/TCP for incoming connections.
Exploitation of this vulnerability could allow a remote unauthenticated
user access to release OS version information. While this is a minor
vulnerability, it represents a method for further network
reconnaissance.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| progea | movicon | — | — |
| progea | movicon | >= 11.4 < Build 1150 | Build 1150 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-4g3g-9jv2-fhx5: The TCPUploader module in Progea Movicon 11
ghsa_unreviewed·2022-05-17
CVE-2014-0778 [MEDIUM] CWE-200 GHSA-4g3g-9jv2-fhx5: The TCPUploader module in Progea Movicon 11
The TCPUploader module in Progea Movicon 11.4 before 11.4.1150 allows remote attackers to obtain potentially sensitive version information via network traffic to TCP port 10651.
CISA ICS
Progea Movicon SCADA Information Disclosure Vulnerability
cisa_ics·2018-09-06
Progea Movicon SCADA Information Disclosure Vulnerability
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Progea Movicon SCADA Information Disclosure Vulnerability
Last RevisedSeptember 06, 2018
Alert CodeICSA-14-105-01
## OVERVIEW
Celil Ünüver of SignalSEC Ltd. has identified an information disclosure vulnerability in the Progea Movicon application. Progea has produced a new version that mitigates this vulnerability. The researcher has tested the new version to validate that it resolves the vulnerability.
This vulnerability could be exploited remotely.
## AFFECTED PRODUCTS
The following Progea Movicon versions are affected:
- Progea Movicon 11.4 prior to Build 1150.
## IMPACT
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2014-04-19
Published