Skip to main content

Simatic Wincc Open Architecture

7 CVEs product

Monthly

CVE-2020-7580 MEDIUM This Month

A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions),. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

RCE Simatic Automatic Tool Simatic Net Pc Simatic Pcs 7 Simatic Pcs Neo +13
NVD
CVSS 3.1
6.7
EPSS
0.4%
CVE-2019-10929 MEDIUM This Month

A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Simatic Et 200Sp Open Controller Cpu 1515Sp Pc Firmware Simatic Et 200Sp Open Controller Cpu 1515Sp Pc2 Firmware Simatic S7 1200 Cpu 1211C Firmware Simatic S7 1200 Cpu 1212C Firmware +16
NVD
CVSS 3.1
5.9
EPSS
1.0%
CVE-2018-13799 CRITICAL Act Now

A vulnerability has been identified in SIMATIC WinCC OA V3.14 and prior (All versions < V3.14-P021). Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Simatic Wincc Open Architecture
NVD
CVSS 3.0
9.1
EPSS
2.3%
CVE-2014-1699 MEDIUM This Month

Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to cause a denial of service (monitoring-service outage) via malformed HTTP requests to port 4999. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Siemens Denial Of Service Simatic Wincc Open Architecture
NVD
CVSS 2.0
5.0
EPSS
1.2%
CVE-2014-1698 MEDIUM This Month

Directory traversal vulnerability in Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to read arbitrary files via crafted packets to TCP port 4999. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Siemens Path Traversal Simatic Wincc Open Architecture
NVD
CVSS 2.0
5.0
EPSS
0.6%
CVE-2014-1697 HIGH This Week

The integrated web server in Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to execute arbitrary code via crafted packets to TCP port 4999. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Siemens RCE Simatic Wincc Open Architecture
NVD
CVSS 2.0
7.5
EPSS
4.5%
CVE-2014-1696 MEDIUM This Month

Siemens SIMATIC WinCC OA before 3.12 P002 January uses a weak hash algorithm for passwords, which makes it easier for remote attackers to obtain access via a brute-force attack. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Siemens Information Disclosure Simatic Wincc Open Architecture
NVD
CVSS 2.0
5.0
EPSS
0.6%
EPSS 0% CVSS 6.7
MEDIUM This Month

A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions),. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

RCE Simatic Automatic Tool Simatic Net Pc +15
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Simatic Et 200Sp Open Controller Cpu 1515Sp Pc Firmware Simatic Et 200Sp Open Controller Cpu 1515Sp Pc2 Firmware +18
NVD
EPSS 2% CVSS 9.1
CRITICAL Act Now

A vulnerability has been identified in SIMATIC WinCC OA V3.14 and prior (All versions < V3.14-P021). Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Simatic Wincc Open Architecture
NVD
EPSS 1% CVSS 5.0
MEDIUM This Month

Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to cause a denial of service (monitoring-service outage) via malformed HTTP requests to port 4999. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Siemens Denial Of Service Simatic Wincc Open Architecture
NVD
EPSS 1% CVSS 5.0
MEDIUM This Month

Directory traversal vulnerability in Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to read arbitrary files via crafted packets to TCP port 4999. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Siemens Path Traversal Simatic Wincc Open Architecture
NVD
EPSS 5% CVSS 7.5
HIGH This Week

The integrated web server in Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to execute arbitrary code via crafted packets to TCP port 4999. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Siemens RCE Simatic Wincc Open Architecture
NVD
EPSS 1% CVSS 5.0
MEDIUM This Month

Siemens SIMATIC WinCC OA before 3.12 P002 January uses a weak hash algorithm for passwords, which makes it easier for remote attackers to obtain access via a brute-force attack. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Siemens Information Disclosure Simatic Wincc Open Architecture
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy