Automationdirect C-More Ea9 Hmi Ea9-Rhmi vulnerabilities
4 known vulnerabilities affecting automationdirect/c-more_ea9_hmi_ea9-rhmi.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2025-0960P2CRITICALCVSS 9.8≤ v6.792025-02-04
CVE-2025-0960 [CRITICAL] CWE-120 CVE-2025-0960: AutomationDirect C-more EA9 HMI contains a function with bounds checks that can be skipped, which co
AutomationDirect C-more EA9 HMI contains a function with bounds checks that can be skipped, which could result in an attacker abusing the function to cause a denial-of-service condition or achieving remote code execution on the affected device.
nvd
CVE-2024-25136P3HIGHCVSS 7.5≤ 6.772024-03-26
CVE-2024-25136 [HIGH] CWE-22 CVE-2024-25136: There is a function in AutomationDirect C-MORE EA9 HMI that allows an attacker to send a relative p
There is a function in AutomationDirect C-MORE EA9 HMI that allows an attacker to send a relative path in the URL without proper sanitizing of the content.
nvd
CVE-2024-25138P3MEDIUMCVSS 6.5≤ 6.772024-03-26
CVE-2024-25138 [MEDIUM] CWE-256 CVE-2024-25138: In AutomationDirect C-MORE EA9 HMI, credentials used by the platform are stored as plain text on
In AutomationDirect C-MORE EA9 HMI,
credentials used by the platform are stored as plain text on the device.
nvd
CVE-2024-25137P4MEDIUMCVSS 4.3≤ 6.772024-03-26
CVE-2024-25137 [MEDIUM] CWE-121 CVE-2024-25137: In AutomationDirect C-MORE EA9 HMI there is a program that copies a buffer of a size controlled by
In AutomationDirect C-MORE EA9 HMI there is a program that copies a buffer of a size controlled by the user into a limited sized buffer on the stack which may lead to a stack overflow. The result of this stack-based buffer overflow can lead to denial-of-service conditions.
nvd