Skip to main content

Simatic Logon

3 CVEs product

Monthly

CVE-2021-3449 Cargo MEDIUM PATCH This Month

An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference OpenSSL Denial Of Service Debian Linux Freebsd +103
NVD
CVSS 3.1
5.9
EPSS
62.9%
CVE-2017-9938 HIGH This Week

A vulnerability was discovered in Siemens SIMATIC Logon (All versions before V1.6) that could allow specially crafted packets sent to the SIMATIC Logon Remote Access service on port 16389/tcp to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Siemens Simatic Logon
NVD
CVSS 3.0
7.5
EPSS
1.0%
CVE-2017-2684 CRITICAL Act Now

Siemens SIMATIC Logon prior to V1.5 SP3 Update 2 could allow an attacker with knowledge of a valid user name, and physical or network access to the affected system, to bypass the application-level. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Siemens Authentication Bypass Simatic Logon
NVD
CVSS 3.0
9.0
EPSS
1.3%
EPSS 63% CVSS 5.9
MEDIUM PATCH This Month

An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference OpenSSL Denial Of Service +105
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability was discovered in Siemens SIMATIC Logon (All versions before V1.6) that could allow specially crafted packets sent to the SIMATIC Logon Remote Access service on port 16389/tcp to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Siemens +1
NVD
EPSS 1% CVSS 9.0
CRITICAL Act Now

Siemens SIMATIC Logon prior to V1.5 SP3 Update 2 could allow an attacker with knowledge of a valid user name, and physical or network access to the affected system, to bypass the application-level. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Siemens Authentication Bypass Simatic Logon
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy