Skip to main content

Siemens

319 CVEs vendor

Monthly

CVE-2013-4779 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in core/handleTw.php on the Siemens Enterprise OpenScape Branch appliance and OpenScape Session Border Controller (SBC) before 2 R0.32.0, and 7 before 7. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

PHP Siemens XSS Openscape Session Border Controller Enterprise Openscape Branch
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2013-4778 HIGH This Week

core/getLog.php on the Siemens Enterprise OpenScape Branch appliance and OpenScape Session Border Controller (SBC) before 2 R0.32.0, and 7 before 7 R1.7.0, allows remote attackers to obtain sensitive. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Siemens Information Disclosure Openscape Session Border Controller Enterprise Openscape Branch
NVD
CVSS 2.0
7.8
EPSS
0.4%
CVE-2013-3927 MEDIUM This Month

Unspecified vulnerability in the client library in Siemens COMOS 9.2 before 9.2.0.6.10 and 10.0 before 10.0.3.0.4 allows local users to obtain unintended write access to the database by leveraging. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Siemens Information Disclosure Comos
NVD
CVSS 2.0
4.6
EPSS
0.1%
CVE-2013-3959 MEDIUM This Month

The Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other products, exhibits different behavior for NetBIOS user names depending on whether the. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Siemens Information Disclosure Simatic Pcs7 Wincc
NVD
CVSS 2.0
4.0
EPSS
0.2%
CVE-2013-3958 HIGH This Week

The login implementation in the Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other products, has a hardcoded account, which makes it easier for. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Siemens Authentication Bypass Simatic Pcs7 Wincc
NVD
CVSS 2.0
7.5
EPSS
0.4%
CVE-2013-3957 HIGH This Week

SQL injection vulnerability in the login screen in the Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other products, allows remote attackers to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Siemens SQLi Simatic Pcs7 Wincc
NVD
CVSS 2.0
7.5
EPSS
0.3%
CVE-2013-3634 HIGH This Week

A vulnerability has been identified in SCALANCE X-200 switch family (incl. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Siemens Information Disclosure Scalance X200Irt Firmware Scalance X200 4P Irt Scalance X201 3P Irt +4
NVD
CVSS 2.0
7.5
EPSS
0.3%
CVE-2013-3633 HIGH This Week

A vulnerability has been identified in SCALANCE X-200 switch family (incl. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Siemens Scalance X200Irt Firmware Scalance X200 4P Irt Scalance X201 3P Irt +4
NVD
CVSS 2.0
8.0
EPSS
0.4%
CVE-2013-2780 HIGH This Week

Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect-mode transition and control outage) via crafted packets to UDP port 161 (aka the SNMP port). Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Siemens Denial Of Service Simatic S7 1200 Firmware Simatic S7 1200 Cpu 1211C Firmware Simatic S7 1200 Cpu 1212C Firmware +6
NVD
CVSS 2.0
7.8
EPSS
0.3%
CVE-2013-0700 HIGH This Week

Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect-mode transition and control outage) via crafted packets to TCP port 102 (aka the ISO-TSAP port). Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Siemens Denial Of Service Simatic S7 1200 Firmware Simatic S7 1200 Cpu 1211C Firmware Simatic S7 1200 Cpu 1212C Firmware +6
NVD
CVSS 2.0
7.8
EPSS
0.3%
CVE-2013-0659 CRITICAL Act Now

The debugging feature on the Siemens CP 1604 and CP 1616 interface cards with firmware before 2.5.2 allows remote attackers to execute arbitrary code via a crafted packet to UDP port 17185. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Siemens RCE Cp 1604 Firmware Cp 1616 Firmware Cp 1604 +1
NVD
CVSS 2.0
10.0
EPSS
2.1%
CVE-2013-0679 MEDIUM This Month

Directory traversal vulnerability in the web server in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote authenticated users to read arbitrary files. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Siemens Path Traversal Simatic Pcs7 Wincc
NVD
CVSS 2.0
4.0
EPSS
0.3%
CVE-2013-0678 MEDIUM This Month

Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not properly represent WebNavigator credentials in a database, which makes it easier for remote authenticated. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Siemens Authentication Bypass Simatic Pcs7 Wincc
NVD
CVSS 2.0
4.0
EPSS
0.2%
CVE-2013-0677 MEDIUM This Month

The web server in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to obtain sensitive information or cause a denial of service via a. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Siemens Information Disclosure Denial Of Service Simatic Pcs7 Wincc
NVD
CVSS 2.0
5.8
EPSS
0.5%
CVE-2013-0676 MEDIUM This Month

Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not properly assign privileges for the database containing WebNavigator credentials, which allows remote. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Siemens Simatic Pcs7 Wincc
NVD
CVSS 2.0
4.0
EPSS
0.2%
CVE-2013-0675 MEDIUM This Month

Buffer overflow in CCEServer (aka the central communications component) in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to cause a. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Siemens Denial Of Service Simatic Pcs7 Wincc
NVD
CVSS 2.0
6.1
EPSS
0.1%
CVE-2013-0674 MEDIUM This Month

Buffer overflow in the RegReader ActiveX control in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to execute arbitrary code via a long. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Siemens RCE Simatic Pcs7 Wincc
NVD
CVSS 2.0
6.8
EPSS
2.7%
CVE-2013-0672 LOW Monitor

Cross-site scripting (XSS) vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to inject arbitrary web script or HTML via unspecified data. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

Siemens XSS Wincc Tia Portal
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2013-0671 MEDIUM This Month

Directory traversal vulnerability in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to read HMI web-application source code and user-defined scripts via a crafted URL. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Siemens Path Traversal Wincc Tia Portal
NVD
CVSS 2.0
4.0
EPSS
0.2%
CVE-2013-0670 MEDIUM This Month

CRLF injection vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Siemens Code Injection Wincc Tia Portal
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-0669 MEDIUM This Month

The HMI web application in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to cause a denial of service (daemon crash) via a crafted HTTP request. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Siemens Denial Of Service Wincc Tia Portal
NVD
CVSS 2.0
4.0
EPSS
0.2%
CVE-2013-0668 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in the HMI web application in Siemens WinCC (TIA Portal) 11 allow remote attackers to inject arbitrary web script or HTML via a crafted URL. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Siemens XSS Wincc Tia Portal
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2013-0667 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Siemens XSS Wincc Tia Portal
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2013-0656 MEDIUM This Month

Buffer overflow in a third-party ActiveX component in Siemens SIMATIC RF-MANAGER 2008, and RF-MANAGER Basic 3.0 and earlier, allows remote attackers to execute arbitrary code via a crafted web site. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Siemens RCE Simatic Rf Manager Simatic Rf Manager 2008
NVD
CVSS 2.0
6.8
EPSS
2.1%
CVE-2012-4698 MEDIUM This Month

Siemens RuggedCom Rugged Operating System (ROS) before 3.12, ROX I OS through 1.14.5, ROX II OS through 2.3.0, and RuggedMax OS through 4.2.1.4621.22 use hardcoded private keys for SSL and SSH. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Siemens Information Disclosure Ros Rox I Os Rox Ii Os +1
NVD
CVSS 2.0
4.3
EPSS
0.5%
CVE-2012-4693 LOW Monitor

Invensys Wonderware InTouch 2012 R2 and earlier and Siemens ProcessSuite use a weak encryption algorithm for data in Ps_security.ini, which makes it easier for local users to discover passwords by. Rated low severity (CVSS 1.9). No vendor patch available.

Siemens Information Disclosure Wonderware Intouch Processsuite
NVD
CVSS 2.0
1.9
EPSS
0.1%
CVE-2012-4691 LOW Monitor

Memory leak in Siemens Automation License Manager (ALM) 4.x and 5.x before 5.2 allows remote attackers to cause a denial of service (memory consumption) via crafted packets. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Siemens Denial Of Service Automation License Manager
NVD
CVSS 2.0
3.3
EPSS
0.1%
CVE-2012-5409 CRITICAL POC THREAT Emergency

AscoServer.exe in the server in Siemens SiPass integrated MP2.6 and earlier does not properly handle IOCP RPC messages received over an Ethernet network, which allows remote attackers to write data. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 35.4%.

Buffer Overflow Siemens RCE Sipass Integrated
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
35.4%
Threat
4.6
CVE-2012-3040 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the web server on Siemens SIMATIC S7-1200 PLCs 2.x through 3.0.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URI. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Siemens XSS Simatic S7 1200 Firmware Simatic S7 1200 Cpu 1211C Firmware Simatic S7 1200 Cpu 1212C Firmware +6
NVD
CVSS 2.0
4.3
EPSS
1.2%
CVE-2012-3037 MEDIUM This Month

The Siemens SIMATIC S7-1200 2.x PLC does not properly protect the private key of the SIMATIC CONTROLLER Certification Authority certificate, which allows remote attackers to spoof the S7-1200 web. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Siemens Information Disclosure Simatic S7 1200 Firmware Simatic S7 1200 Cpu 1211C Firmware Simatic S7 1200 Cpu 1212C Firmware +6
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2012-3034 MEDIUM PATCH This Month

WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to discover a username and password via crafted parameters to unspecified. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Siemens Information Disclosure Simatic Pcs7 Wincc
NVD
CVSS 2.0
4.3
EPSS
0.5%
CVE-2012-3032 HIGH PATCH This Week

SQL injection vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to execute arbitrary SQL commands via a crafted. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Siemens SQLi Simatic Pcs7 Wincc
NVD
CVSS 2.0
7.5
EPSS
0.5%
CVE-2012-3031 MEDIUM PATCH This Month

Multiple cross-site scripting (XSS) vulnerabilities in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allow remote attackers to inject arbitrary web. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Siemens XSS Simatic Pcs7 Wincc
NVD
CVSS 2.0
4.3
EPSS
0.6%
CVE-2012-3030 MEDIUM PATCH This Month

WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, stores sensitive information under the web root with insufficient access control, which allows remote. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Siemens Simatic Pcs7 Wincc
NVD
CVSS 2.0
5.0
EPSS
0.5%
CVE-2012-3028 MEDIUM PATCH This Month

Cross-site request forgery (CSRF) vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to hijack the authentication. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

CSRF Siemens Denial Of Service Simatic Pcs7 Wincc
NVD
CVSS 2.0
6.8
EPSS
0.2%
CVE-2012-3009 HIGH This Week

Siemens COMOS before 9.1 Patch 413, 9.2 before Update 03 Patch 023, and 10.0 before Patch 005 allows remote authenticated users to obtain database administrative access via unspecified method calls. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Siemens Comos
NVD
CVSS 2.0
8.5
EPSS
0.3%
CVE-2012-3020 HIGH This Week

The Siemens Synco OZW Web Server devices OZW672.*, OZW772.*, and OZW775 with firmware before 4 have an unspecified default password, which makes it easier for remote attackers to obtain. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Siemens Authentication Bypass Synco Ozw Web Server Synco Ozw Web Server Firmware
NVD
CVSS 2.0
7.5
EPSS
0.4%
CVE-2012-3017 HIGH This Week

Siemens SIMATIC S7-400 PN CPU devices with firmware 5.x allow remote attackers to cause a denial of service (defect-mode transition and service outage) via (1) malformed HTTP traffic or (2) malformed. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Siemens Denial Of Service Simatic S7 400 Cpu Firmware Simatic S7 400 Cpu 414 3 Pn Dp +2
NVD
CVSS 2.0
7.8
EPSS
0.9%
CVE-2012-3016 HIGH PATCH This Week

Siemens SIMATIC S7-400 PN CPU devices with firmware 6 before 6.0.3 allow remote attackers to cause a denial of service (defect-mode transition and service outage) via crafted ICMP packets. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity.

Siemens Denial Of Service Simatic S7 400 Cpu Firmware Simatic S7 400 Cpu 412 2 Pn Simatic S7 400 Cpu 414 3 Pn Dp +3
NVD
CVSS 2.0
7.8
EPSS
0.9%
CVE-2012-3015 MEDIUM This Month

Untrusted search path vulnerability in Siemens SIMATIC STEP7 before 5.5 SP1, as used in SIMATIC PCS7 7.1 SP3 and earlier and other products, allows local users to gain privileges via a Trojan horse. Rated medium severity (CVSS 6.9). No vendor patch available.

Siemens Information Disclosure Simatic Pcs7 Simatic Step 7
NVD
CVSS 2.0
6.9
EPSS
0.1%
CVE-2012-3003 MEDIUM This Month

Open redirect vulnerability in an unspecified web application in Siemens WinCC 7.0 SP3 before Update 2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Siemens Open Redirect Wincc
NVD
CVSS 2.0
5.8
EPSS
0.3%
CVE-2012-2598 MEDIUM This Month

Buffer overflow in the DiagAgent web server in Siemens WinCC 7.0 SP3 through Update 2 allows remote attackers to cause a denial of service (agent outage) via crafted input. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Siemens Denial Of Service Wincc
NVD
CVSS 2.0
4.3
EPSS
0.5%
CVE-2012-2597 MEDIUM This Month

Multiple directory traversal vulnerabilities in Siemens WinCC 7.0 SP3 before Update 2 allow remote authenticated users to read arbitrary files via a crafted parameter in a URL. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Siemens Path Traversal Wincc
NVD
CVSS 2.0
4.0
EPSS
0.1%
CVE-2012-2596 MEDIUM This Month

The XPath functionality in unspecified web applications in Siemens WinCC 7.0 SP3 before Update 2 does not properly handle special characters in parameters, which allows remote authenticated users to. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Siemens Code Injection RCE Wincc
NVD
CVSS 2.0
5.5
EPSS
0.2%
CVE-2012-2595 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in unspecified web applications in Siemens WinCC 7.0 SP3 before Update 2 allow remote attackers to inject arbitrary web script or HTML via vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Siemens XSS Wincc
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2012-1802 HIGH This Week

Buffer overflow in the embedded web server on the Siemens Scalance X Industrial Ethernet switch X414-3E before 3.7.1, X308-2M before 3.7.2, X-300EEC before 3.7.2, XR-300 before 3.7.2, and X-300. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Siemens Denial Of Service RCE Scalance X414 3E Firmware +9
NVD
CVSS 2.0
7.8
EPSS
2.7%
CVE-2012-1800 MEDIUM This Month

Stack-based buffer overflow in the Profinet DCP protocol implementation on the Siemens Scalance S Security Module firewall S602 V2, S612 V2, and S613 V2 with firmware before 2.3.0.3 allows remote. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Siemens Denial Of Service RCE Scalance S Firmware +3
NVD
CVSS 2.0
6.1
EPSS
1.5%
CVE-2012-1799 CRITICAL Act Now

The web server on the Siemens Scalance S Security Module firewall S602 V2, S612 V2, and S613 V2 with firmware before 2.3.0.3 does not limit the rate of authentication attempts, which makes it easier. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Siemens Authentication Bypass Scalance S Firmware Scalance S602 Scalance S612 +1
NVD
CVSS 2.0
10.0
EPSS
1.8%
CVE-2010-2568 HIGH POC KEV PATCH THREAT Act Now

Remote code execution in Windows Shell across XP through Windows 7 via malicious .LNK or .PIF shortcut files automatically processed when displayed in Windows Explorer. Confirmed actively exploited (CISA KEV) in 2010 Stuxnet campaign targeting Siemens WinCC SCADA systems, with 92.13% EPSS score reflecting historical widespread exploitation. Public exploits available. Originally weaponized as zero-day before Microsoft MS10-046 patch release.

Siemens Microsoft RCE
NVD Exploit-DB VulDB
CVSS 3.1
7.8
EPSS
92.1%
Threat
9.3
EPSS 0% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in core/handleTw.php on the Siemens Enterprise OpenScape Branch appliance and OpenScape Session Border Controller (SBC) before 2 R0.32.0, and 7 before 7. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

PHP Siemens XSS +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

core/getLog.php on the Siemens Enterprise OpenScape Branch appliance and OpenScape Session Border Controller (SBC) before 2 R0.32.0, and 7 before 7 R1.7.0, allows remote attackers to obtain sensitive. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Siemens Information Disclosure +2
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

Unspecified vulnerability in the client library in Siemens COMOS 9.2 before 9.2.0.6.10 and 10.0 before 10.0.3.0.4 allows local users to obtain unintended write access to the database by leveraging. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Siemens Information Disclosure Comos
NVD
EPSS 0% CVSS 4.0
MEDIUM This Month

The Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other products, exhibits different behavior for NetBIOS user names depending on whether the. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Siemens Information Disclosure Simatic Pcs7 +1
NVD
EPSS 0% CVSS 7.5
HIGH This Week

The login implementation in the Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other products, has a hardcoded account, which makes it easier for. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Siemens Authentication Bypass Simatic Pcs7 +1
NVD
EPSS 0% CVSS 7.5
HIGH This Week

SQL injection vulnerability in the login screen in the Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other products, allows remote attackers to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Siemens SQLi Simatic Pcs7 +1
NVD
EPSS 0% CVSS 7.5
HIGH This Week

A vulnerability has been identified in SCALANCE X-200 switch family (incl. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Siemens Information Disclosure Scalance X200Irt Firmware +6
NVD
EPSS 0% CVSS 8.0
HIGH This Week

A vulnerability has been identified in SCALANCE X-200 switch family (incl. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Siemens Scalance X200Irt Firmware +6
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect-mode transition and control outage) via crafted packets to UDP port 161 (aka the SNMP port). Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Siemens Denial Of Service Simatic S7 1200 Firmware +8
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect-mode transition and control outage) via crafted packets to TCP port 102 (aka the ISO-TSAP port). Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Siemens Denial Of Service Simatic S7 1200 Firmware +8
NVD
EPSS 2% CVSS 10.0
CRITICAL Act Now

The debugging feature on the Siemens CP 1604 and CP 1616 interface cards with firmware before 2.5.2 allows remote attackers to execute arbitrary code via a crafted packet to UDP port 17185. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Siemens RCE Cp 1604 Firmware +3
NVD
EPSS 0% CVSS 4.0
MEDIUM This Month

Directory traversal vulnerability in the web server in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote authenticated users to read arbitrary files. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Siemens Path Traversal Simatic Pcs7 +1
NVD
EPSS 0% CVSS 4.0
MEDIUM This Month

Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not properly represent WebNavigator credentials in a database, which makes it easier for remote authenticated. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Siemens Authentication Bypass Simatic Pcs7 +1
NVD
EPSS 0% CVSS 5.8
MEDIUM This Month

The web server in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to obtain sensitive information or cause a denial of service via a. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Siemens Information Disclosure Denial Of Service +2
NVD
EPSS 0% CVSS 4.0
MEDIUM This Month

Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not properly assign privileges for the database containing WebNavigator credentials, which allows remote. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Siemens Simatic Pcs7 +1
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Buffer overflow in CCEServer (aka the central communications component) in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to cause a. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Siemens Denial Of Service +2
NVD
EPSS 3% CVSS 6.8
MEDIUM This Month

Buffer overflow in the RegReader ActiveX control in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to execute arbitrary code via a long. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Siemens RCE +2
NVD
EPSS 0% CVSS 3.5
LOW Monitor

Cross-site scripting (XSS) vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to inject arbitrary web script or HTML via unspecified data. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

Siemens XSS Wincc Tia Portal
NVD
EPSS 0% CVSS 4.0
MEDIUM This Month

Directory traversal vulnerability in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to read HMI web-application source code and user-defined scripts via a crafted URL. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Siemens Path Traversal Wincc Tia Portal
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

CRLF injection vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Siemens Code Injection Wincc Tia Portal
NVD
EPSS 0% CVSS 4.0
MEDIUM This Month

The HMI web application in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to cause a denial of service (daemon crash) via a crafted HTTP request. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Siemens Denial Of Service Wincc Tia Portal
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in the HMI web application in Siemens WinCC (TIA Portal) 11 allow remote attackers to inject arbitrary web script or HTML via a crafted URL. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Siemens XSS Wincc Tia Portal
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Siemens XSS Wincc Tia Portal
NVD
EPSS 2% CVSS 6.8
MEDIUM This Month

Buffer overflow in a third-party ActiveX component in Siemens SIMATIC RF-MANAGER 2008, and RF-MANAGER Basic 3.0 and earlier, allows remote attackers to execute arbitrary code via a crafted web site. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Siemens RCE +2
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Siemens RuggedCom Rugged Operating System (ROS) before 3.12, ROX I OS through 1.14.5, ROX II OS through 2.3.0, and RuggedMax OS through 4.2.1.4621.22 use hardcoded private keys for SSL and SSH. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Siemens Information Disclosure Ros +3
NVD
EPSS 0% CVSS 1.9
LOW Monitor

Invensys Wonderware InTouch 2012 R2 and earlier and Siemens ProcessSuite use a weak encryption algorithm for data in Ps_security.ini, which makes it easier for local users to discover passwords by. Rated low severity (CVSS 1.9). No vendor patch available.

Siemens Information Disclosure Wonderware Intouch +1
NVD
EPSS 0% CVSS 3.3
LOW Monitor

Memory leak in Siemens Automation License Manager (ALM) 4.x and 5.x before 5.2 allows remote attackers to cause a denial of service (memory consumption) via crafted packets. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Siemens Denial Of Service Automation License Manager
NVD
EPSS 35% 4.6 CVSS 10.0
CRITICAL POC THREAT Emergency

AscoServer.exe in the server in Siemens SiPass integrated MP2.6 and earlier does not properly handle IOCP RPC messages received over an Ethernet network, which allows remote attackers to write data. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 35.4%.

Buffer Overflow Siemens RCE +1
NVD Exploit-DB
EPSS 1% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the web server on Siemens SIMATIC S7-1200 PLCs 2.x through 3.0.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URI. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Siemens XSS Simatic S7 1200 Firmware +8
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

The Siemens SIMATIC S7-1200 2.x PLC does not properly protect the private key of the SIMATIC CONTROLLER Certification Authority certificate, which allows remote attackers to spoof the S7-1200 web. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Siemens Information Disclosure Simatic S7 1200 Firmware +8
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to discover a username and password via crafted parameters to unspecified. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Siemens Information Disclosure Simatic Pcs7 +1
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

SQL injection vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to execute arbitrary SQL commands via a crafted. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Siemens SQLi Simatic Pcs7 +1
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Multiple cross-site scripting (XSS) vulnerabilities in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allow remote attackers to inject arbitrary web. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Siemens XSS Simatic Pcs7 +1
NVD
EPSS 1% CVSS 5.0
MEDIUM PATCH This Month

WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, stores sensitive information under the web root with insufficient access control, which allows remote. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Siemens Simatic Pcs7 +1
NVD
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

Cross-site request forgery (CSRF) vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to hijack the authentication. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

CSRF Siemens Denial Of Service +2
NVD
EPSS 0% CVSS 8.5
HIGH This Week

Siemens COMOS before 9.1 Patch 413, 9.2 before Update 03 Patch 023, and 10.0 before Patch 005 allows remote authenticated users to obtain database administrative access via unspecified method calls. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Siemens Comos
NVD
EPSS 0% CVSS 7.5
HIGH This Week

The Siemens Synco OZW Web Server devices OZW672.*, OZW772.*, and OZW775 with firmware before 4 have an unspecified default password, which makes it easier for remote attackers to obtain. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Siemens Authentication Bypass Synco Ozw Web Server +1
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Siemens SIMATIC S7-400 PN CPU devices with firmware 5.x allow remote attackers to cause a denial of service (defect-mode transition and service outage) via (1) malformed HTTP traffic or (2) malformed. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Siemens Denial Of Service +4
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Siemens SIMATIC S7-400 PN CPU devices with firmware 6 before 6.0.3 allow remote attackers to cause a denial of service (defect-mode transition and service outage) via crafted ICMP packets. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity.

Siemens Denial Of Service Simatic S7 400 Cpu Firmware +5
NVD
EPSS 0% CVSS 6.9
MEDIUM This Month

Untrusted search path vulnerability in Siemens SIMATIC STEP7 before 5.5 SP1, as used in SIMATIC PCS7 7.1 SP3 and earlier and other products, allows local users to gain privileges via a Trojan horse. Rated medium severity (CVSS 6.9). No vendor patch available.

Siemens Information Disclosure Simatic Pcs7 +1
NVD
EPSS 0% CVSS 5.8
MEDIUM This Month

Open redirect vulnerability in an unspecified web application in Siemens WinCC 7.0 SP3 before Update 2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Siemens Open Redirect Wincc
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Buffer overflow in the DiagAgent web server in Siemens WinCC 7.0 SP3 through Update 2 allows remote attackers to cause a denial of service (agent outage) via crafted input. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Siemens Denial Of Service +1
NVD
EPSS 0% CVSS 4.0
MEDIUM This Month

Multiple directory traversal vulnerabilities in Siemens WinCC 7.0 SP3 before Update 2 allow remote authenticated users to read arbitrary files via a crafted parameter in a URL. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Siemens Path Traversal Wincc
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

The XPath functionality in unspecified web applications in Siemens WinCC 7.0 SP3 before Update 2 does not properly handle special characters in parameters, which allows remote authenticated users to. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Siemens Code Injection RCE +1
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in unspecified web applications in Siemens WinCC 7.0 SP3 before Update 2 allow remote attackers to inject arbitrary web script or HTML via vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Siemens XSS Wincc
NVD
EPSS 3% CVSS 7.8
HIGH This Week

Buffer overflow in the embedded web server on the Siemens Scalance X Industrial Ethernet switch X414-3E before 3.7.1, X308-2M before 3.7.2, X-300EEC before 3.7.2, XR-300 before 3.7.2, and X-300. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Siemens Denial Of Service +11
NVD
EPSS 2% CVSS 6.1
MEDIUM This Month

Stack-based buffer overflow in the Profinet DCP protocol implementation on the Siemens Scalance S Security Module firewall S602 V2, S612 V2, and S613 V2 with firmware before 2.3.0.3 allows remote. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Siemens Denial Of Service +5
NVD
EPSS 2% CVSS 10.0
CRITICAL Act Now

The web server on the Siemens Scalance S Security Module firewall S602 V2, S612 V2, and S613 V2 with firmware before 2.3.0.3 does not limit the rate of authentication attempts, which makes it easier. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Siemens Authentication Bypass Scalance S Firmware +3
NVD
EPSS 92% 9.3 CVSS 7.8
HIGH POC KEV PATCH THREAT Act Now

Remote code execution in Windows Shell across XP through Windows 7 via malicious .LNK or .PIF shortcut files automatically processed when displayed in Windows Explorer. Confirmed actively exploited (CISA KEV) in 2010 Stuxnet campaign targeting Siemens WinCC SCADA systems, with 92.13% EPSS score reflecting historical widespread exploitation. Public exploits available. Originally weaponized as zero-day before Microsoft MS10-046 patch release.

Siemens Microsoft RCE
NVD Exploit-DB VulDB
Prev Page 4 of 4

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy