Unitronics
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in any Unitronics product.
RSS Feeds for Unitronics security vulnerabilities
Create a CVE RSS feed including security vulnerabilities found in Unitronics products with stack.watch. Just hit watch, then grab your custom RSS feed url.
Products by Unitronics Sorted by Most Security Vulnerabilities since 2018
Known Exploited Unitronics Vulnerabilities
The following Unitronics vulnerabilities have been marked by CISA as Known to be Exploited by threat actors.
| Title | Description | Added |
|---|---|---|
| Unitronics Vision PLC and HMI Insecure Default Password Vulnerability |
Unitronics Vision Series PLCs and HMIs ship with an insecure default password, which if left unchanged, can allow attackers to execute remote commands. CVE-2023-6448 Exploit Probability: 13.3% |
December 11, 2023 |
By the Year
In 2026 there have been 0 vulnerabilities in Unitronics. Unitronics did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 9 | 8.62 |
| 2023 | 1 | 9.80 |
It may take a day or so for new Unitronics vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Unitronics Security Vulnerabilities
| CVE | Date | Vulnerability | Products |
|---|---|---|---|
| CVE-2024-38435 | Jul 21, 2024 |
Unitronics Vision PLC: Improper Handling of Exceptional Conditions Enables DoSUnitronics Vision PLC CWE-703: Improper Check or Handling of Exceptional Conditions may allow denial of service |
Vision Plc
Visilogic
|
| CVE-2024-27774 | Mar 18, 2024 |
Unitronics Unistream Unilogic <1.35.227 Hard-coded Password DisclosureUnitronics Unistream Unilogic Versions prior to 1.35.227 - CWE-259: Use of Hard-coded Password may allow disclosing Sensitive Information Embedded inside Device's Firmware |
Unilogic
|
| CVE-2024-27773 | Mar 18, 2024 |
Unitronics Unistream Unilogic RCE in <1.35.227 CVE-2024-27773Unitronics Unistream Unilogic Versions prior to 1.35.227 - CWE-348: Use of Less Trusted Source may allow RCE |
Unilogic
|
| CVE-2024-27772 | Mar 18, 2024 |
Unitronics Unistream Unilogic OS Command Injection RCE (before 1.35.227)Unitronics Unistream Unilogic Versions prior to 1.35.227 - CWE-78: 'OS Command Injection' may allow RCE |
Unilogic
|
| CVE-2024-27771 | Mar 18, 2024 |
Unitronics Unistream Unilogic Path Traversal RCE before 1.35.227Unitronics Unistream Unilogic Versions prior to 1.35.227 - CWE-22: 'Path Traversal' may allow RCE |
Unilogic
|
| CVE-2024-27770 | Mar 18, 2024 |
Unitronics Unistream Unilogic Path Traversal <=1.35.227 (CVE-2024-27770)Unitronics Unistream Unilogic Versions prior to 1.35.227 - CWE-23: Relative Path Traversal |
Unilogic
|
| CVE-2024-27769 | Mar 18, 2024 |
Unitronics Unistream <1.35.227: Info Exposure Enabling TakeoverUnitronics Unistream Unilogic Versions prior to 1.35.227 - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor may allow Taking Ownership Over Devices |
Unilogic
|
| CVE-2024-27768 | Mar 18, 2024 |
Path Traversal in Unitronics Unistream Unilogic (1.35.227) Enables RCEUnitronics Unistream Unilogic Versions prior to 1.35.227 - CWE-22: 'Path Traversal' may allow RCE |
Unilogic
|
| CVE-2024-27767 | Mar 18, 2024 |
Improper Authentication Bypass CVE-2024-27767CWE-287: Improper Authentication may allow Authentication Bypass |
Unilogic
|
| CVE-2023-6448 | Dec 05, 2023 |
Unitronics VisiLogic <9.9.00 Default Admin Pass VulnerabilityUnitronics VisiLogic before version 9.9.00, used in Vision and Samba PLCs and HMIs, uses a default administrative password. An unauthenticated attacker with network access can take administrative control of a vulnerable system. |
Visilogic
|