Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2016-5874

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-22 Jul, 2016 | 15:00
Updated At-06 Aug, 2024 | 01:15
Rejected At-
Credits

Siemens SIMATIC NET PC-Software before 13 SP2 allows remote attackers to cause a denial of service (OPC UA service outage) via crafted TCP packets.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:22 Jul, 2016 | 15:00
Updated At:06 Aug, 2024 | 01:15
Rejected At:
▼CVE Numbering Authority (CNA)

Siemens SIMATIC NET PC-Software before 13 SP2 allows remote attackers to cause a denial of service (OPC UA service outage) via crafted TCP packets.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securityfocus.com/bid/92110
vdb-entry
x_refsource_BID
https://ics-cert.us-cert.gov/advisories/ICSA-16-208-02
x_refsource_MISC
http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-453276.pdf
x_refsource_CONFIRM
Hyperlink: http://www.securityfocus.com/bid/92110
Resource:
vdb-entry
x_refsource_BID
Hyperlink: https://ics-cert.us-cert.gov/advisories/ICSA-16-208-02
Resource:
x_refsource_MISC
Hyperlink: http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-453276.pdf
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securityfocus.com/bid/92110
vdb-entry
x_refsource_BID
x_transferred
https://ics-cert.us-cert.gov/advisories/ICSA-16-208-02
x_refsource_MISC
x_transferred
http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-453276.pdf
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securityfocus.com/bid/92110
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: https://ics-cert.us-cert.gov/advisories/ICSA-16-208-02
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-453276.pdf
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:22 Jul, 2016 | 15:59
Updated At:12 Apr, 2025 | 10:46

Siemens SIMATIC NET PC-Software before 13 SP2 allows remote attackers to cause a denial of service (OPC UA service outage) via crafted TCP packets.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.07.5HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
Type: Primary
Version: 3.0
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
CPE Matches
Siemens AG
siemens
>>simatic_net_pc-software>>Versions up to 13(inclusive)
cpe:2.3:a:siemens:simatic_net_pc-software:*:sp1:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Primarynvd@nist.gov
CWE ID: CWE-20
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.securityfocus.com/bid/92110cve@mitre.org
Third Party Advisory
VDB Entry
http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-453276.pdfcve@mitre.org
Mitigation
Vendor Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-16-208-02cve@mitre.org
N/A
http://www.securityfocus.com/bid/92110af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-453276.pdfaf854a3a-2127-422b-91ae-364da2661108
Mitigation
Vendor Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-16-208-02af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://www.securityfocus.com/bid/92110
Source: cve@mitre.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-453276.pdf
Source: cve@mitre.org
Resource:
Mitigation
Vendor Advisory
Hyperlink: https://ics-cert.us-cert.gov/advisories/ICSA-16-208-02
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/92110
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-453276.pdf
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mitigation
Vendor Advisory
Hyperlink: https://ics-cert.us-cert.gov/advisories/ICSA-16-208-02
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

1455Records found
CVE-2024-35212
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-6.9||MEDIUM
EPSS-0.29% / 51.90%
||
7 Day CHG~0.00%
Published-11 Jun, 2024 | 11:15
Updated-11 Feb, 2025 | 11:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). The affected application lacks input validation due to which an attacker can gain access to the Database entries.

Action-Not Available
Vendor-Siemens AG
Product-sinec_traffic_analyzerSINEC Traffic Analyzersinec_traffic_analyzer
CWE ID-CWE-20
Improper Input Validation
CVE-2023-26293
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.3||HIGH
EPSS-0.04% / 12.10%
||
7 Day CHG~0.00%
Published-11 Apr, 2023 | 09:03
Updated-25 Nov, 2024 | 21:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Totally Integrated Automation Portal (TIA Portal) V15 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions < V16 Update 7), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 6), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 1). Affected products contain a path traversal vulnerability that could allow the creation or overwrite of arbitrary files in the engineering system. If the user is tricked to open a malicious PC system configuration file, an attacker could exploit this vulnerability to achieve arbitrary code execution.

Action-Not Available
Vendor-Siemens AG
Product-tia_portalTotally Integrated Automation Portal (TIA Portal) V16Totally Integrated Automation Portal (TIA Portal) V15Totally Integrated Automation Portal (TIA Portal) V17Totally Integrated Automation Portal (TIA Portal) V18
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2017-6867
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-4.9||MEDIUM
EPSS-0.61% / 68.89%
||
7 Day CHG~0.00%
Published-11 May, 2017 | 10:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability was discovered in Siemens SIMATIC WinCC (V7.3 before Upd 11 and V7.4 before SP1), SIMATIC WinCC Runtime Professional (V13 before SP2 and V14 before SP1), SIMATIC WinCC (TIA Portal) Professional (V13 before SP2 and V14 before SP1) that could allow an authenticated, remote attacker who is member of the "administrators" group to crash services by sending specially crafted messages to the DCOM interface.

Action-Not Available
Vendor-n/aSiemens AG
Product-simatic_wincc_runtimesimatic_winccsimatic_wincc_\(tia_portal\)Siemens SIMATIC WinCC
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-14023
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-4.9||MEDIUM
EPSS-2.77% / 85.45%
||
7 Day CHG~0.00%
Published-06 Nov, 2017 | 22:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An Improper Input Validation issue was discovered in Siemens SIMATIC PCS 7 V8.1 prior to V8.1 SP1 with WinCC V7.3 Upd 13, and V8.2 all versions. The improper input validation vulnerability has been identified, which may allow an authenticated remote attacker who is a member of the administrators group to crash services by sending specially crafted messages to the DCOM interface.

Action-Not Available
Vendor-n/aSiemens AG
Product-simatic_pcs7simatic_winccSiemens SIMATIC PCS 7
CWE ID-CWE-20
Improper Input Validation
CVE-2022-43545
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-9.9||CRITICAL
EPSS-1.14% / 77.48%
||
7 Day CHG~0.00%
Published-08 Nov, 2022 | 00:00
Updated-03 Aug, 2024 | 13:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10). Affected devices do not properly validate the RecordType-parameter in requests to the web interface on port 443/tcp. This could allow an authenticated remote attacker to crash the device (followed by an automatic reboot) or to execute arbitrary code on the device.

Action-Not Available
Vendor-Siemens AG
Product-7kg9501-0aa01-2aa1_firmware7kg9501-0aa01-2aa17kg9501-0aa31-2aa17kg9501-0aa31-2aa1_firmwareSICAM P850POWER METER SICAM Q100SICAM P855
CWE ID-CWE-20
Improper Input Validation
CVE-2017-0148
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-8.1||HIGH
EPSS-94.17% / 99.91%
||
7 Day CHG~0.00%
Published-17 Mar, 2017 | 00:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-04-27||Apply updates per vendor instructions.

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, and CVE-2017-0146.

Action-Not Available
Vendor-Microsoft CorporationSiemens AG
Product-windows_server_2008windows_7tissue_preparation_system_firmwareversant_kpcr_sample_prep_firmwareversant_kpcr_molecular_systemacuson_p500acuson_p500_firmwarewindows_10_1507acuson_x700_firmwarewindows_10_1511server_message_blocktissue_preparation_systemwindows_vistaversant_kpcr_sample_prepacuson_x700acuson_sc2000versant_kpcr_molecular_system_firmwaresyngo_sc2000_firmwareacuson_p300_firmwarewindows_server_2012syngo_sc2000windows_10_1607windows_server_2016acuson_p300windows_8.1acuson_sc2000_firmwarewindows_rt_8.1Windows SMBSMBv1 server
CWE ID-CWE-20
Improper Input Validation
CVE-2016-9156
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.3||HIGH
EPSS-0.50% / 64.77%
||
7 Day CHG~0.00%
Published-05 Dec, 2016 | 08:09
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Siemens SICAM PAS (all versions before V8.09) could allow a remote attacker to upload, download, or delete files in certain parts of the file system by sending specially crafted packets to port 19235/TCP.

Action-Not Available
Vendor-n/aSiemens AG
Product-sicam_pas\/pqsSiemens SICAM PAS through V8.08
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-284
Improper Access Control
CVE-2022-40227
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.04% / 11.44%
||
7 Day CHG~0.00%
Published-11 Oct, 2022 | 00:00
Updated-03 Aug, 2024 | 12:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions < V17 Update 4), SIMATIC HMI KTP Mobile Panels (All versions < V17 Update 4), SIMATIC HMI KTP1200 Basic (All versions < V17 Update 5), SIMATIC HMI KTP400 Basic (All versions < V17 Update 5), SIMATIC HMI KTP700 Basic (All versions < V17 Update 5), SIMATIC HMI KTP900 Basic (All versions < V17 Update 5), SIPLUS HMI KTP1200 BASIC (All versions < V17 Update 5), SIPLUS HMI KTP400 BASIC (All versions < V17 Update 5), SIPLUS HMI KTP700 BASIC (All versions < V17 Update 5), SIPLUS HMI KTP900 BASIC (All versions < V17 Update 5). Affected devices do not properly validate input sent to certain services over TCP. This could allow an unauthenticated remote attacker to cause a permanent denial of service condition (requiring a device reboot) by sending specially crafted TCP packets.

Action-Not Available
Vendor-Siemens AG
Product-siplus_hmi_ktp900_basicsimatic_hmi_ktp_mobile_panels_firmwaresiplus_hmi_ktp400_basic_firmwaresimatic_hmi_ktp700_basicsimatic_hmi_ktp700_basic_firmwaresimatic_hmi_ktp1200_basic_firmwaresiplus_hmi_ktp400_basicsimatic_hmi_ktp900_basic_firmwaresimatic_hmi_ktp_mobile_panelssimatic_hmi_ktp400_basic_firmwaresimatic_hmi_ktp1200_basicsiplus_hmi_ktp1200_basicsiplus_hmi_ktp700_basicsimatic_hmi_ktp400_basicsiplus_hmi_ktp1200_basic_firmwaresimatic_hmi_comfort_panelssimatic_hmi_ktp900_basicsimatic_hmi_comfort_panels_firmwaresiplus_hmi_ktp900_basic_firmwaresiplus_hmi_ktp700_basic_firmwareSIPLUS HMI KTP1200 BASICSIMATIC HMI KTP700 BasicSIPLUS HMI KTP400 BASICSIMATIC HMI Comfort Panels (incl. SIPLUS variants)SIPLUS HMI KTP700 BASICSIMATIC HMI KTP900 BasicSIMATIC HMI KTP400 BasicSIMATIC HMI KTP1200 BasicSIMATIC HMI KTP Mobile PanelsSIPLUS HMI KTP900 BASIC
CWE ID-CWE-20
Improper Input Validation
CVE-2022-32253
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-4.9||MEDIUM
EPSS-0.18% / 39.84%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 09:22
Updated-03 Aug, 2024 | 07:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). Due to improper input validation, the OpenSSL certificate's password could be printed to a file reachable by an attacker.

Action-Not Available
Vendor-Siemens AG
Product-sinema_remote_connect_serverSINEMA Remote Connect Server
CWE ID-CWE-20
Improper Input Validation
CVE-2016-9042
Matching Score-6
Assigner-Talos
ShareView Details
Matching Score-6
Assigner-Talos
CVSS Score-3.7||LOW
EPSS-2.53% / 84.84%
||
7 Day CHG~0.00%
Published-04 Jun, 2018 | 20:00
Updated-17 Sep, 2024 | 03:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable denial of service vulnerability exists in the origin timestamp check functionality of ntpd 4.2.8p9. A specially crafted unauthenticated network packet can be used to reset the expected origin timestamp for target peers. Legitimate replies from targeted peers will fail the origin timestamp check (TEST2) causing the reply to be dropped and creating a denial of service condition.

Action-Not Available
Vendor-ntpFreeBSD FoundationTalos (Cisco Systems, Inc.)Hewlett Packard Enterprise (HPE)Siemens AG
Product-freebsdntpsimatic_net_cp_443-1_opc_uasimatic_net_cp_443-1_opc_ua_firmwarehpux-ntpNetwork Time Protocol
CWE ID-CWE-20
Improper Input Validation
CVE-2016-5743
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-5.63% / 89.98%
||
7 Day CHG~0.00%
Published-22 Jul, 2016 | 15:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Siemens SIMATIC WinCC before 7.3 Update 10 and 7.4 before Update 1, SIMATIC BATCH before 8.1 SP1 Update 9 as distributed in SIMATIC PCS 7 through 8.1 SP1, SIMATIC OpenPCS 7 before 8.1 Update 3 as distributed in SIMATIC PCS 7 through 8.1 SP1, SIMATIC OpenPCS 7 before 8.2 Update 1 as distributed in SIMATIC PCS 7 8.2, and SIMATIC WinCC Runtime Professional before 13 SP1 Update 9 allow remote attackers to execute arbitrary code via crafted packets.

Action-Not Available
Vendor-n/aSiemens AG
Product-simatic_wincc_runtime_professionalsimatic_batchsimatic_winccsimatic_pcs_7simatic_openpcs_7n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2022-36362
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.19% / 41.05%
||
7 Day CHG~0.00%
Published-11 Oct, 2022 | 00:00
Updated-08 Oct, 2024 | 09:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in LOGO! 12/24RCE (6ED1052-1MD08-0BA1) (All versions), LOGO! 12/24RCE (6ED1052-1MD08-0BA2) (All versions), LOGO! 12/24RCEo (6ED1052-2MD08-0BA1) (All versions), LOGO! 12/24RCEo (6ED1052-2MD08-0BA2) (All versions), LOGO! 230RCE (6ED1052-1FB08-0BA1) (All versions), LOGO! 230RCE (6ED1052-1FB08-0BA2) (All versions), LOGO! 230RCEo (6ED1052-2FB08-0BA1) (All versions), LOGO! 230RCEo (6ED1052-2FB08-0BA2) (All versions), LOGO! 24CE (6ED1052-1CC08-0BA1) (All versions), LOGO! 24CE (6ED1052-1CC08-0BA2) (All versions), LOGO! 24CEo (6ED1052-2CC08-0BA1) (All versions), LOGO! 24CEo (6ED1052-2CC08-0BA2) (All versions), LOGO! 24RCE (6ED1052-1HB08-0BA1) (All versions), LOGO! 24RCE (6ED1052-1HB08-0BA2) (All versions), LOGO! 24RCEo (6ED1052-2HB08-0BA1) (All versions), LOGO! 24RCEo (6ED1052-2HB08-0BA2) (All versions), SIPLUS LOGO! 12/24RCE (6AG1052-1MD08-7BA1) (All versions), SIPLUS LOGO! 12/24RCE (6AG1052-1MD08-7BA2) (All versions), SIPLUS LOGO! 12/24RCEo (6AG1052-2MD08-7BA1) (All versions), SIPLUS LOGO! 12/24RCEo (6AG1052-2MD08-7BA2) (All versions), SIPLUS LOGO! 230RCE (6AG1052-1FB08-7BA1) (All versions), SIPLUS LOGO! 230RCE (6AG1052-1FB08-7BA2) (All versions), SIPLUS LOGO! 230RCEo (6AG1052-2FB08-7BA1) (All versions), SIPLUS LOGO! 230RCEo (6AG1052-2FB08-7BA2) (All versions), SIPLUS LOGO! 24CE (6AG1052-1CC08-7BA1) (All versions), SIPLUS LOGO! 24CE (6AG1052-1CC08-7BA2) (All versions), SIPLUS LOGO! 24CEo (6AG1052-2CC08-7BA1) (All versions), SIPLUS LOGO! 24CEo (6AG1052-2CC08-7BA2) (All versions), SIPLUS LOGO! 24RCE (6AG1052-1HB08-7BA1) (All versions), SIPLUS LOGO! 24RCE (6AG1052-1HB08-7BA2) (All versions), SIPLUS LOGO! 24RCEo (6AG1052-2HB08-7BA1) (All versions), SIPLUS LOGO! 24RCEo (6AG1052-2HB08-7BA2) (All versions). Affected devices do not conduct certain validations when interacting with them. This could allow an unauthenticated remote attacker to manipulate the devices IP address, which means the device would not be reachable and could only be recovered by power cycling the device.

Action-Not Available
Vendor-Siemens AG
Product-logo\!8_bm_fs-05logo\!8_bm_fs-05_firmwarelogo\!_8_bm_firmwarelogo\!8_bmLOGO! 230RCEoSIPLUS LOGO! 24CEoLOGO! 12/24RCELOGO! 24RCEoSIPLUS LOGO! 12/24RCEoLOGO! 24CEoSIPLUS LOGO! 24RCEoLOGO! 24RCESIPLUS LOGO! 24CELOGO! 12/24RCEoLOGO! 230RCESIPLUS LOGO! 230RCEoLOGO! 24CESIPLUS LOGO! 24RCESIPLUS LOGO! 12/24RCESIPLUS LOGO! 230RCE
CWE ID-CWE-20
Improper Input Validation
CVE-2022-36363
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-5.3||MEDIUM
EPSS-0.54% / 66.67%
||
7 Day CHG~0.00%
Published-11 Oct, 2022 | 00:00
Updated-08 Oct, 2024 | 08:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in LOGO! 12/24RCE (6ED1052-1MD08-0BA1) (All versions), LOGO! 12/24RCEo (6ED1052-2MD08-0BA1) (All versions), LOGO! 230RCE (6ED1052-1FB08-0BA1) (All versions), LOGO! 230RCEo (6ED1052-2FB08-0BA1) (All versions), LOGO! 24CE (6ED1052-1CC08-0BA1) (All versions), LOGO! 24CEo (6ED1052-2CC08-0BA1) (All versions), LOGO! 24RCE (6ED1052-1HB08-0BA1) (All versions), LOGO! 24RCEo (6ED1052-2HB08-0BA1) (All versions), SIPLUS LOGO! 12/24RCE (6AG1052-1MD08-7BA1) (All versions), SIPLUS LOGO! 12/24RCEo (6AG1052-2MD08-7BA1) (All versions), SIPLUS LOGO! 230RCE (6AG1052-1FB08-7BA1) (All versions), SIPLUS LOGO! 230RCEo (6AG1052-2FB08-7BA1) (All versions), SIPLUS LOGO! 24CE (6AG1052-1CC08-7BA1) (All versions), SIPLUS LOGO! 24CEo (6AG1052-2CC08-7BA1) (All versions), SIPLUS LOGO! 24RCE (6AG1052-1HB08-7BA1) (All versions), SIPLUS LOGO! 24RCEo (6AG1052-2HB08-7BA1) (All versions). Affected devices do not properly validate an offset value which can be defined in TCP packets when calling a method. This could allow an attacker to retrieve parts of the content of the memory.

Action-Not Available
Vendor-Siemens AG
Product-logo\!8_bm_fs-05logo\!8_bm_fs-05_firmwarelogo\!_8_bm_firmwarelogo\!8_bmLOGO! 230RCEoSIPLUS LOGO! 24CEoLOGO! 12/24RCELOGO! 24RCEoSIPLUS LOGO! 12/24RCEoLOGO! 24CEoSIPLUS LOGO! 24RCEoLOGO! 24RCESIPLUS LOGO! 24CELOGO! 12/24RCEoLOGO! 230RCESIPLUS LOGO! 230RCEoLOGO! 24CESIPLUS LOGO! 24RCESIPLUS LOGO! 12/24RCESIPLUS LOGO! 230RCE
CWE ID-CWE-1285
Improper Validation of Specified Index, Position, or Offset in Input
CWE ID-CWE-20
Improper Input Validation
CVE-2015-5386
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-0.68% / 70.66%
||
7 Day CHG~0.00%
Published-16 Jul, 2015 | 19:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Siemens SICAM MIC devices with firmware before 2404 allow remote attackers to bypass authentication and obtain administrative access via unspecified HTTP requests.

Action-Not Available
Vendor-n/aSiemens AG
Product-sicam_mic_firmwaresicam_micn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-2031
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.97% / 75.74%
||
7 Day CHG~0.00%
Published-31 Jan, 2020 | 19:33
Updated-05 Aug, 2024 | 23:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple vulnerabilities exists in Aruba Instate before 4.1.3.0 and 4.2.3.1 due to insufficient validation of user-supplied input and insufficient checking of parameters, which could allow a malicious user to bypass security restrictions, obtain sensitive information, perform unauthorized actions and execute arbitrary code.

Action-Not Available
Vendor-n/aSiemens AGAruba Networks
Product-aruba_instantairwavearubaosscalance_w1750d_firmwarescalance_w1750dn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2021-44228
Matching Score-6
Assigner-Apache Software Foundation
ShareView Details
Matching Score-6
Assigner-Apache Software Foundation
CVSS Score-10||CRITICAL
EPSS-94.36% / 99.96%
||
7 Day CHG~0.00%
Published-10 Dec, 2021 | 00:00
Updated-08 Aug, 2025 | 18:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2021-12-24||For all affected software assets for which updates exist, the only acceptable remediation actions are: 1) Apply updates; OR 2) remove affected assets from agency networks. Temporary mitigations using one of the measures provided at https://www.cisa.gov/uscert/ed-22-02-apache-log4j-recommended-mitigation-measures are only acceptable until updates are available.
Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.

Action-Not Available
Vendor-percussionsnowsoftwareApple Inc.The Apache Software FoundationFedora ProjectCisco Systems, Inc.Siemens AGIntel CorporationNetApp, Inc.Bentley Systems, IncorporatedSonicWall Inc.Debian GNU/Linux
Product-common_services_platform_collectorsolidfire_enterprise_sdsoncommand_insightdatacenter_manageractive_iq_unified_manageroperation_schedulerconnected_analytics_for_network_deploymentindustrial_edge_management_hubsnapcenterintegrated_management_controller_supervisorfirepower_1150iot_operations_dashboardwan_automation_enginefirepower_2140system_studiovirtualized_voice_browserfirepower_2110dna_centersolid_edge_cam_pro6bk1602-0aa42-0tp0energyipcomossecure_device_onboardfirepower_4120sppa-t3000_ses3000_firmwaresiveillance_viewpointfirepower_1120genomics_kernel_librarycontact_center_domain_managercrosswork_data_gatewayxpedition_package_integratornetwork_dashboard_fabric_controller6bk1602-0aa22-0tp0_firmwarecloud_secure_agentnexus_insights6bk1602-0aa22-0tp0firepower_10106bk1602-0aa32-0tp0email_securityunified_contact_center_management_portalopcenter_intelligencexcodedna_spaces_connectorfinessesolidfire_\&_hci_storage_nodepackaged_contact_center_enterpriseunified_sip_proxycloudcenter_suiteucs_directorenergy_engagefxoscustomer_experience_cloud_agentpaging_serverlogo\!_soft_comfortfirepower_2130siveillance_control_prospectrum_power_7cloud_managernetwork_insights_for_data_centersynchro_4d6bk1602-0aa52-0tp0solid_edge_harness_designfog_directornetwork_assurance_enginefirepower_4115nexus_dashboardsmart_phybusiness_process_automation6bk1602-0aa42-0tp0_firmwarebroadworksfirepower_4140emergency_responderucs_centralcomputer_vision_annotation_toolvideo_surveillance_managerconnected_mobile_experiencessynchrohead-end_system_universal_device_integration_systemsentron_powermanagerfedoracloudcenter_cost_optimizer6bk1602-0aa12-0tp0_firmwarespectrum_power_4cloudcentervm_access_proxycloudcenter_suite_adminoneapi_sample_browser6bk1602-0aa52-0tp0_firmwarefirepower_4150virtual_topology_systemfirepower_9300prime_service_catalogbrocade_san_navigatorenterprise_chat_and_emailcloud_connectfirepower_4145teamcenterunified_customer_voice_portalcloud_insightsrhythmyxfirepower_1140sipass_integratedsiveillance_vantageintersight_virtual_appliancesd-wan_vmanageucs_central_softwarecontact_center_management_portalwebex_meetings_serverunified_intelligence_centerunified_workforce_optimizationenergyip_prepaycrosswork_zero_touch_provisioningcx_cloud_agent6bk1602-0aa12-0tp0unity_connectioncloudcenter_workload_manageroptical_network_controllervirtualized_infrastructure_managervideo_surveillance_operations_manager6bk1602-0aa32-0tp0_firmwareunified_communications_manageradvanced_malware_protection_virtual_private_cloud_applianceidentity_services_enginesnow_commandercyber_vision_sensor_management_extensionfirepower_4112unified_contact_center_enterprisedebian_linuxunified_computing_systemunified_contact_center_expressxpedition_enterpriselog4jdesigo_cc_advanced_reportsontap_toolsunified_communications_manager_im_and_presence_servicefirepower_2120mobility_services_enginecrosswork_network_automationdna_spacesvesysautomated_subsea_tuningcyber_visionsiveillance_commandevolved_programmable_network_managerdna_spaces\firepower_4110mendixfirepower_4125sppa-t3000_ses3000unified_communications_manager_im_\&_presence_servicee-car_operation_centernxindustrial_edge_managementworkload_optimization_managerfirepower_threat_defensenavigatorcapitalcrosswork_platform_infrastructurenetwork_services_orchestratordata_center_network_managercrosswork_optimization_enginemindspheresiguard_dsagma-managerdesigo_cc_info_centercrosswork_network_controllersiveillance_identityApache Log4j2Log4j2
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-502
Deserialization of Untrusted Data
CWE ID-CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
CVE-2021-44695
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-4.9||MEDIUM
EPSS-0.06% / 19.73%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-21 Apr, 2025 | 13:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device.

Action-Not Available
Vendor-Siemens AG
Product-simatic_s7-1500_cpu_1507ssimatic_s7-1200_cpu_12_1214fcsimatic_s7-1500_cpu_cpu_1513pro-2simatic_s7-1500_cpu_1511csimatic_s7-1500_cpu_1511t-1_firmwaresimatic_s7-1500_cpu_1512sp-1siplus_s7-300_cpu_314siplus_et_200sp_cp_1543sp-1_isec_tx_rail_firmwaresimatic_et_200_sp_open_controller_cpu_1515sp_pc_firmwaresimatic_s7-1200_cpu_12_1214c_firmwaresimatic_s7-1200_cpu_12_1211csimatic_s7-1500_cpu_1508s_f_firmwaresimatic_s7-1500_cpu_1510sp-1simatic_s7-1200_cpu_1212csimatic_s7-1500_cpu_1512spf-1simatic_s7-1500_cpu_1513-1simatic_s7-1200_cpu_1212fc_firmwaresimatic_s7-1500_cpu_1517-3_pnsimatic_s7-1500_cpu_1515-2_pn_firmwaresimatic_s7-1500_cpu_1517f-3_pn\/dpsimatic_s7-1500_cpu_1513r-1simatic_s7-1200_cpu_1215_fcsimatic_s7-1500_cpu_1512c_firmwaresimatic_s7-1500_cpu_1517f-3_pn\/dp_firmwaresimatic_s7-1200_cpu_12_1215csimatic_s7-1500_cpu_1511-1_firmwaresimatic_s7-1500_cpu_1511-1_pnsimatic_s7-1500_cpu_1517f-3_firmwaresimatic_s7-1500_cpu_1518f-4_pn\/dp_firmwaresimatic_s7-1500_cpu_1518hf-4simatic_s7-1500_cpu_1518-4_pn_firmwaresiplus_tim_1531_irc_firmwaresimatic_s7-1500_cpu_1518-4_dp_firmwaresimatic_s7-1500_cpu_1516tf-3_firmwaresimatic_s7-1500_cpu_1511f-1_pn_firmwaresimatic_s7-1500_cpu_1516-3_firmwaresimatic_s7-1500_cpu_1518-4_pn\/dp_mfp_firmwaresimatic_s7-1500_cpu_1517-3_pn\/dpsimatic_s7-1500_cpu_1517-3simatic_s7-1500_cpu_1518t-4_firmwaresimatic_s7-1500_cpu_1508s_fsimatic_s7-1500_cpu_15prof-2_firmwaresimatic_s7-1500_cpu_1513f-1_pnsimatic_s7-1200_cpu_1214c_firmwaresimatic_s7-1500_cpu_1517-3_pn_firmwaresimatic_s7-1500_cpu_1517-3_dpsimatic_s7-1200_cpu_12_1214csimatic_s7-1200_cpu_1211c_firmwaresimatic_s7-1500_cpu_cpu_1513pro-2_firmwaresimatic_s7-1200_cpu_1214csiplus_tim_1531_ircsimatic_s7-1500_cpu_15prof-2simatic_s7-1500_cpu_1516tf-3siplus_s7-300_cpu_315-2_pn\/dp_firmwaresimatic_s7-1500_cpu_1516f-3_pn\/dp_firmwaresimatic_s7-1500_cpu_151511f-1_firmwaresimatic_s7-1500_cpu_1507s_f_firmwaresimatic_s7-1500_cpu_1516t-3_firmwaresimatic_s7-1500_cpu_1511t-1simatic_s7-1500_cpu_1517tf-3simatic_s7-1500_cpu_1515-2_pnsimatic_s7-1200_cpu_1214_fcsimatic_s7-1500_cpu_1515-2_firmwaresimatic_s7-1500_cpu_1516pro-2_firmwaretim_1531_irc_firmwaresimatic_s7-1500_cpu_1515-2simatic_s7-1500_cpu_1516-3_pnsimatic_s7-1500_cpu_1516pro_f_firmwaresimatic_s7-1500_cpu_1516-3simatic_s7-1200_cpu_1214fcsimatic_s7-1500_cpu_1518f-4_pn\/dpsimatic_s7-1500_cpu_1508s_firmwaresimatic_s7-1500_cpu_1511f-1_firmwaresimatic_s7-1200_cpu_12_1212fcsimatic_s7-1500_cpu_151511c-1simatic_s7-1500_cpu_1518tf-4_firmwaresiplus_s7-1200_cp_1243-1simatic_s7-1500_cpu_1511f-1_pnsimatic_s7-1500_cpu_1507s_fsiplus_s7-300_cpu_315-2_dpsimatic_s7-1500_cpu_1518simatic_s7-1500_cpu_1513-1_pn_firmwaresimatic_s7-1200_cpu_1215fcsimatic_s7-1500_cpu_1518f-4simatic_s7-1500_cpu_1516pro_fsimatic_s7-1500_cpu_1513r-1_firmwaresimatic_et_200_sp_open_controller_cpu_1515sp_pcsimatic_s7-1500_cpu_1512c-1_firmwaresimatic_s7-1500_cpu_1513f-1_pn_firmwaresiplus_et_200sp_cp_1543sp-1_isec_firmwaresimatic_s7-1500_cpu_1518_firmwaresimatic_s7-1500_cpu_1518-4_firmwaresimatic_s7-1500_cpu_1518tf-4simatic_s7-1200_cpu_1214_fc_firmwaresiplus_s7-1200_cp_1243-1_railsimatic_s7-1500_cpu_1516t-3simatic_s7-1500_cpu_1510sp_firmwaresimatic_s7-1500_cpu_1518-4_pn\/dp_mfpsiplus_et_200sp_cp_1542sp-1_irc_tx_rail_firmwaresimatic_s7-1200_cpu_1215_fc_firmwaresimatic_s7-1200_cpu_12_1215fc_firmwaresimatic_s7-1500_cpu_1515t-2simatic_s7-1500_cpu_15pro-2simatic_s7-1500_cpu_1518-4_pnsimatic_s7-1200_cpu_12_1212c_firmwaresimatic_s7-1200_cpu_12_1212fc_firmwaresimatic_s7-1500_cpu_1511-1_pn_firmwaresimatic_s7-1500_cpu_15pro-2_firmwaresimatic_s7-1500_cpu_1515tf-2_firmwaretim_1531_ircsimatic_s7-1500_cpu_151511c-1_firmwaresimatic_s7-1200_cpu_12_1217csimatic_s7-1500_cpu_1518-4_pn\/dp_firmwaresimatic_s7-1500_cpu_1510spsimatic_s7-1200_cpu_12_1217c_firmwaresimatic_s7-1500_cpu_1518f-4_firmwaresimatic_s7-1200_cpu_1217csimatic_s7-1500_cpu_151511f-1simatic_s7-1500_software_controller_firmwaresimatic_s7-1500_cpu_1511-1simatic_s7-1500_cpu_1518-4_dpsiplus_s7-300_cpu_317-2_pn\/dp_firmwaresimatic_s7-1200_cpu_1215c_firmwaresimatic_s7-1500_cpu_1513-1_pnsimatic_s7-1200_cpu_1212c_firmwaresimatic_s7-1500_cpu_1515f-2_firmwaresimatic_s7-1200_cpu_1217c_firmwaresimatic_s7-1200_cpu_1214fc_firmwaresimatic_s7-1500_cpu_cpu_1513prof-2_firmwaresimatic_s7-1200_cpu_1215csimatic_s7-1500_cpu_1515r-2simatic_s7-1200_cpu_12_1215fcsiplus_et_200sp_cp_1543sp-1_isecsimatic_s7-1500_cpu_1513f-1simatic_s7-1500_cpu_1512csimatic_s7-1500_cpu_1516f-3_pn\/dpsimatic_s7-1500_cpu_1511c-1simatic_s7-1500_cpu_1517f-3simatic_s7-1500_cpu_1512spf-1_firmwaresiplus_s7-300_cpu_314_firmwaresiplus_et_200sp_cp_1543sp-1_isec_tx_railsimatic_s7-1500_cpu_1517tf-3_firmwaresimatic_s7-1500_cpu_1516f-3_firmwaresimatic_s7-1500_cpu_1517-3_firmwaresimatic_s7-1200_cpu_12_1214fc_firmwaresimatic_s7-1500_software_controllersimatic_s7-1500_cpu_1511c-1_firmwaresimatic_s7-1500_cpu_1517-3_dp_firmwaresimatic_s7-1500_cpu_1516-3_pn\/dp_firmwaresimatic_s7-1500_cpu_1518hf-4_firmwaresimatic_s7-1200_cpu_12_1212csiplus_s7-300_cpu_315-2_pn\/dpsimatic_s7-1500_cpu_1511f-1siplus_s7-300_cpu_317-2_pn\/dpsimatic_s7-1500_cpu_1515tf-2siplus_s7-1200_cp_1243-1_rail_firmwaresimatic_s7-1500_cpu_1511c_firmwaresimatic_s7-1500_cpu_1511tf-1simatic_s7-1500_cpu_1518-4simatic_s7-1500_cpu_1518-4_pn\/dpsiplus_s7-1200_cp_1243-1_firmwaresimatic_s7-1500_cpu_1511tf-1_firmwaresimatic_s7-1500_cpu_1517-3_pn\/dp_firmwaresimatic_s7-1500_cpu_1516-3_dpsimatic_s7-1500_cpu_1508ssiplus_s7-300_cpu_315-2_dp_firmwaresimatic_s7-plcsim_advanced_firmwaresimatic_s7-1500_cpu_1510sp-1_firmwaresimatic_s7-1500_cpu_1516-3_pn\/dpsimatic_s7-1500_cpu_1515f-2_pn_firmwaresimatic_s7-1500_cpu_1515t-2_firmwaresiplus_et_200sp_cp_1542sp-1_irc_tx_railsimatic_s7-1500_cpu_1516-3_dp_firmwaresimatic_s7-1200_cpu_12_1215c_firmwaresimatic_s7-1500_cpu_1512sp-1_firmwaresimatic_s7-1200_cpu_1215fc_firmwaresimatic_s7-1500_cpu_1512c-1simatic_s7-1500_cpu_1515f-2simatic_s7-1500_cpu_cpu_1513prof-2simatic_s7-1500_cpu_1515f-2_pnsimatic_s7-1200_cpu_1211csimatic_s7-1500_cpu_1516f-3simatic_s7-1500_cpu_1516-3_pn_firmwaresimatic_s7-1200_cpu_12_1211c_firmwaresimatic_s7-plcsim_advancedsimatic_s7-1500_cpu_1513f-1_firmwaresimatic_s7-1200_cpu_1212fcsimatic_s7-1500_cpu_1516pro-2simatic_s7-1500_cpu_1515r-2_firmwaresimatic_s7-1500_cpu_1507s_firmwaresimatic_s7-1500_cpu_1513-1_firmwaresimatic_s7-1500_cpu_1518t-4SIMATIC S7-1500 CPU 1512C-1 PNSIMATIC S7-1500 CPU 1517F-3 PN/DPSIMATIC S7-1500 CPU 1515-2 PNSIMATIC S7-1500 CPU 1511T-1 PNSIPLUS S7-1500 CPU 1518-4 PN/DPSIPLUS S7-1500 CPU 1518F-4 PN/DPSIPLUS S7-1500 CPU 1518-4 PN/DP MFPSIMATIC S7-1500 CPU 1515TF-2 PNSIMATIC S7-1500 CPU 1510SP-1 PNSIMATIC S7-1500 CPU 1516-3 PN/DPSIMATIC S7-1500 CPU 1511TF-1 PNSIPLUS S7-1500 CPU 1515F-2 PNSIPLUS S7-1500 CPU 1517H-3 PNSIPLUS ET 200SP CPU 1510SP F-1 PN RAILSIMATIC S7-1500 CPU 1518HF-4 PNSIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PNSIPLUS ET 200SP CPU 1512SP-1 PN RAILSIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PNSIPLUS ET 200SP CPU 1510SP-1 PN RAILSIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PNSIMATIC S7-PLCSIM AdvancedSIMATIC S7-1500 CPU 1517-3 PN/DPSIMATIC S7-1500 CPU 1517H-3 PNSIMATIC S7-1500 CPU 1516TF-3 PN/DPSIMATIC S7-1500 CPU 1515T-2 PNSIMATIC S7-1500 CPU S7-1518-4 PN/DP ODKSIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PNSIPLUS S7-1500 CPU 1516-3 PN/DP RAILSIPLUS S7-1500 CPU 1516-3 PN/DP TX RAILSIMATIC S7-1500 CPU 1511C-1 PNSIMATIC S7-1500 CPU 1517TF-3 PN/DPSIMATIC S7-1200 CPU family (incl. SIPLUS variants)SIPLUS S7-1500 CPU 1515F-2 PN T2 RAILSIPLUS S7-1500 CPU 1511-1 PN TX RAILSIPLUS S7-1500 CPU 1513F-1 PNSIMATIC Drive Controller CPU 1507D TFSIMATIC Drive Controller CPU 1504D TFSIMATIC S7-1500 CPU 1513R-1 PNSIPLUS S7-1500 CPU 1516-3 PN/DPSIMATIC S7-1500 CPU 1515R-2 PNSIMATIC S7-1500 CPU 1512SP F-1 PNTIM 1531 IRCSIPLUS S7-1500 CPU 1511F-1 PNSIPLUS ET 200SP CPU 1512SP F-1 PN RAILSIMATIC S7-1500 Software Controller V2SIMATIC S7-1500 CPU 1518F-4 PN/DP MFPSIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)SIPLUS ET 200SP CPU 1512SP F-1 PNSIMATIC S7-1500 CPU 1515F-2 PNSIMATIC S7-1500 CPU 1518-4 PN/DPSIMATIC S7-1500 CPU 1513-1 PNSIPLUS ET 200SP CPU 1510SP F-1 PNSIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODKSIMATIC S7-1500 CPU 1518F-4 PN/DPSIMATIC S7-1500 CPU 1518-4 PN/DP MFPSIPLUS ET 200SP CPU 1510SP-1 PNSIPLUS S7-1500 CPU 1516F-3 PN/DPSIMATIC S7-1500 CPU 1516T-3 PN/DPSIMATIC S7-1500 CPU 1518TF-4 PN/DPSIPLUS S7-1500 CPU 1515R-2 PN TX RAILSIMATIC S7-1500 CPU 1512SP-1 PNSIMATIC S7-1500 CPU 1518T-4 PN/DPSIMATIC S7-1500 CPU 1511-1 PNSIMATIC S7-1500 CPU 1517T-3 PN/DPSIPLUS S7-1500 CPU 1518HF-4 PNSIPLUS S7-1500 CPU 1513-1 PNSIPLUS S7-1500 CPU 1515R-2 PNSIMATIC S7-1500 CPU 1513F-1 PNSIMATIC S7-1500 CPU 1510SP F-1 PNSIPLUS S7-1500 CPU 1515F-2 PN RAILSIPLUS TIM 1531 IRCSIMATIC S7-1500 CPU 1511F-1 PNSIMATIC S7-1500 CPU 1516F-3 PN/DPSIPLUS ET 200SP CPU 1512SP-1 PNSIPLUS S7-1500 CPU 1511-1 PN T1 RAILSIPLUS S7-1500 CPU 1511-1 PNSIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL
CWE ID-CWE-1286
Improper Validation of Syntactic Correctness of Input
CWE ID-CWE-20
Improper Input Validation
CVE-2015-7855
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-60.88% / 98.23%
||
7 Day CHG~0.00%
Published-07 Aug, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value.

Action-Not Available
Vendor-ntpn/aDebian GNU/LinuxNetApp, Inc.Siemens AG
Product-oncommand_unified_manageroncommand_performance_manageroncommand_balancetim_4r-ie_dnp3_firmwareclustered_data_ontaptim_4r-ie_dnp3debian_linuxtim_4r-ie_firmwaretim_4r-ientpdata_ontapn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2022-31766
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-8.6||HIGH
EPSS-0.33% / 55.52%
||
7 Day CHG~0.00%
Published-11 Oct, 2022 | 00:00
Updated-21 Apr, 2025 | 13:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V7.1.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V7.1.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V7.1.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V7.1.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V7.1.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V7.1.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V7.1.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V7.1.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V7.1.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V7.1.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V7.1.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V7.1.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V7.1.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V7.1.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V7.1.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V7.1.2), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WAM766-1 (6GK5766-1GE00-7DA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WUM766-1 (6GK5766-1GE00-3DA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0) (All versions >= V1.1.0 < V3.0.0). Affected devices with TCP Event service enabled do not properly handle malformed packets. This could allow an unauthenticated remote attacker to cause a denial of service condition and reboot the device thus possibly affecting other network resources.

Action-Not Available
Vendor-Siemens AG
Product-scalance_m812-1scalance_mum853-1scalance_m826-2_firmwarescalance_m874-3scalance_m874-3_firmwarescalance_wam766-1scalance_m876-3scalance_m816-1_firmwareruggedcom_rm1224scalance_wam763-1_firmwarescalance_m816-1scalance_m804pb_firmwarescalance_mum856-1_firmwarescalance_s615_firmwarescalance_wum766-1scalance_m876-3_firmwarescalance_m812-1_firmwarescalance_m826-2scalance_mum856-1scalance_wam766-1_firmwarescalance_wam763-1scalance_m876-4scalance_m876-4_firmwarescalance_s615scalance_wum763-1scalance_m804pbscalance_wum763-1_firmwareruggedcom_rm1224_firmwarescalance_m874-2_firmwarescalance_m874-2scalance_wum766-1_firmwarescalance_mum853-1_firmwareSCALANCE M876-3 (ROK)SCALANCE M876-4 (NAM)SCALANCE MUM856-1 (EU)RUGGEDCOM RM1224 LTE(4G) EUSCALANCE M876-4SCALANCE WAM766-1 (US)SCALANCE M826-2 SHDSL-RouterSCALANCE S615 EEC LAN-RouterRUGGEDCOM RM1224 LTE(4G) NAMSCALANCE MUM853-1 (EU)SCALANCE WAM766-1SCALANCE WUM763-1SCALANCE WUM766-1SCALANCE M812-1 ADSL-RouterSCALANCE M876-3SCALANCE M876-4 (EU)SCALANCE WAM766-1 EEC (US)SCALANCE WAM766-1 EECSCALANCE S615 LAN-RouterSCALANCE MUM856-1 (RoW)SCALANCE M816-1 ADSL-RouterSCALANCE M874-3SCALANCE M804PBSCALANCE WAM763-1SCALANCE M874-2SCALANCE WUM766-1 (USA)
CWE ID-CWE-20
Improper Input Validation
CVE-2015-7705
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-29.58% / 96.45%
||
7 Day CHG~0.00%
Published-07 Aug, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests.

Action-Not Available
Vendor-ntpn/aNetApp, Inc.Siemens AGCitrix (Cloud Software Group, Inc.)
Product-oncommand_unified_manageroncommand_performance_managertim_4r-ie_dnp3_firmwareclustered_data_ontaptim_4r-ie_dnp3xenservertim_4r-ie_firmwaretim_4r-ientpdata_ontapn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2025-40746
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-9.4||CRITICAL
EPSS-0.27% / 50.23%
||
7 Day CHG~0.00%
Published-12 Aug, 2025 | 11:17
Updated-20 Aug, 2025 | 20:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V3.2). Affected products do not properly validate input for a backup script. This could allow an authenticated remote attacker with high privileges in the application to execute arbitrary code with 'NT Authority/SYSTEM' privileges.

Action-Not Available
Vendor-Siemens AG
Product-simatic_rtls_locating_managerSIMATIC RTLS Locating Manager
CWE ID-CWE-20
Improper Input Validation
CVE-2015-2822
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.60% / 68.47%
||
7 Day CHG~0.00%
Published-08 Apr, 2015 | 16:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Siemens SIMATIC HMI Comfort Panels before WinCC (TIA Portal) 13 SP1 Upd2 and SIMATIC WinCC Runtime Advanced before WinCC (TIA Portal) 13 SP1 Upd2 allow man-in-the-middle attackers to cause a denial of service via crafted packets on TCP port 102.

Action-Not Available
Vendor-n/aSiemens AG
Product-winccn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-2177
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-50.64% / 97.76%
||
7 Day CHG~0.00%
Published-07 Mar, 2015 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Siemens SIMATIC S7-300 CPU devices allow remote attackers to cause a denial of service (defect-mode transition) via crafted packets on (1) TCP port 102 or (2) Profibus.

Action-Not Available
Vendor-n/aSiemens AG
Product-simatic_s7-300_cpusimatic_s7-300_cpu_firmwaren/a
CWE ID-CWE-20
Improper Input Validation
CVE-2022-29872
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-8.8||HIGH
EPSS-1.29% / 78.85%
||
7 Day CHG~0.00%
Published-10 May, 2022 | 09:47
Updated-03 Aug, 2024 | 06:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00). Affected devices do not properly validate parameters of POST requests. This could allow an authenticated attacker to set the device to a denial of service state or to control the program counter and, thus, execute arbitrary code on the device.

Action-Not Available
Vendor-Siemens AG
Product-7kg8501-0aa11-2aa0_firmware7kg8551-0aa01-2aa07kg8501-0aa11-0aa07kg8500-0aa10-0aa0_firmware7kg8501-0aa31-2aa0_firmware7kg8551-0aa02-2aa0_firmware7kg8551-0aa02-0aa0_firmware7kg8551-0aa32-2aa0_firmware7kg8550-0aa00-0aa07kg8550-0aa00-0aa0_firmware7kg8501-0aa01-0aa07kg8551-0aa02-0aa07kg8500-0aa30-0aa07kg8551-0aa32-0aa0_firmware7kg8551-0aa02-2aa07kg8550-0aa30-0aa0_firmware7kg8501-0aa32-0aa07kg8500-0aa30-2aa0_firmware7kg8501-0aa01-0aa0_firmware7kg8501-0aa02-0aa07kg8551-0aa12-2aa07kg8500-0aa00-0aa07kg8551-0aa01-0aa0_firmware7kg8501-0aa11-2aa07kg8501-0aa31-0aa07kg8501-0aa12-2aa0_firmware7kg8501-0aa32-2aa07kg8550-0aa00-2aa0_firmware7kg8550-0aa30-2aa07kg8501-0aa31-0aa0_firmware7kg8550-0aa30-0aa07kg8501-0aa12-0aa0_firmware7kg8551-0aa12-0aa07kg8500-0aa30-2aa07kg8501-0aa32-2aa0_firmware7kg8500-0aa10-2aa0_firmware7kg8500-0aa00-2aa0_firmware7kg8501-0aa01-2aa0_firmware7kg8501-0aa02-0aa0_firmware7kg8500-0aa10-0aa07kg8551-0aa12-0aa0_firmware7kg8550-0aa30-2aa0_firmware7kg8551-0aa32-2aa07kg8501-0aa11-0aa0_firmware7kg8550-0aa10-2aa07kg8501-0aa02-2aa0_firmware7kg8551-0aa32-0aa07kg8501-0aa32-0aa0_firmware7kg8551-0aa12-2aa0_firmware7kg8550-0aa10-0aa0_firmware7kg8501-0aa01-2aa07kg8550-0aa00-2aa07kg8551-0aa31-2aa0_firmware7kg8551-0aa11-2aa07kg8501-0aa12-0aa07kg8551-0aa31-0aa0_firmware7kg8551-0aa11-0aa07kg8500-0aa00-2aa07kg8551-0aa01-2aa0_firmware7kg8550-0aa10-2aa0_firmware7kg8550-0aa10-0aa07kg8551-0aa31-0aa07kg8551-0aa11-0aa0_firmware7kg8551-0aa11-2aa0_firmware7kg8500-0aa30-0aa0_firmware7kg8551-0aa01-0aa07kg8501-0aa02-2aa07kg8500-0aa10-2aa07kg8551-0aa31-2aa07kg8501-0aa31-2aa07kg8501-0aa12-2aa07kg8500-0aa00-0aa0_firmwareSICAM P850SICAM P855
CWE ID-CWE-141
Improper Neutralization of Parameter/Argument Delimiters
CWE ID-CWE-20
Improper Input Validation
CVE-2021-34311
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.42% / 60.98%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 11:03
Updated-04 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Mono_loader.dll library in affected applications lacks proper validation of user-supplied data when parsing J2K files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13352)

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CVE-2021-34310
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.42% / 60.98%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 11:03
Updated-04 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Tiff_loader.dll library in affected applications lacks proper validation of user-supplied data when parsing TIFF files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13351)

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CVE-2021-34291
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.42% / 60.98%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 11:03
Updated-04 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Gif_loader.dll library in affected applications lacks proper validation of user-supplied data when parsing GIF files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-12956)

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CVE-2021-34300
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.42% / 60.98%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 11:03
Updated-04 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Tiff_loader.dll library in affected applications lacks proper validation of user-supplied data when parsing TIFF files. This could result in an out of bounds write past the end of an allocated buffer. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13194)

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CVE-2021-34316
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.42% / 60.98%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 11:03
Updated-04 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The DL180CoolType.dll library in affected applications lacks proper validation of user-supplied data when parsing PDF files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13380)

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CVE-2021-34331
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.42% / 60.98%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 11:03
Updated-04 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Jt981.dll library in affected applications lacks proper validation of user-supplied data when parsing JT files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13442)

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CVE-2021-34298
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.42% / 60.98%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 11:03
Updated-04 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The BMP_Loader.dll library in affected applications lacks proper validation of user-supplied data prior to performing further free operations on an object when parsing BMP files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13060)

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-416
Use After Free
CWE ID-CWE-20
Improper Input Validation
CVE-2021-34318
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.40% / 60.17%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 11:03
Updated-04 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The BMP_loader.dll library in affected applications lacks proper validation of user-supplied data when parsing PCT files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13403)

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CVE-2021-34301
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.42% / 60.98%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 11:03
Updated-04 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The BMP_Loader.dll library in affected applications lacks proper validation of user-supplied data prior to performing further free operations on an object when parsing BMP files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13196)

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-416
Use After Free
CWE ID-CWE-20
Improper Input Validation
CVE-2021-34322
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-5.5||MEDIUM
EPSS-0.20% / 42.69%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 11:03
Updated-04 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The JPEG2K_Loader.dll library in affected applications lacks proper validation of user-supplied data when parsing J2K files. This could result in an out of bounds read past the end of an allocated buffer. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-13416)

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-20
Improper Input Validation
CVE-2023-51438
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-10||CRITICAL
EPSS-0.34% / 56.26%
||
7 Day CHG~0.00%
Published-09 Jan, 2024 | 10:00
Updated-22 May, 2025 | 17:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC IPC1047E (All versions with maxView Storage Manager < V4.14.00.26068 on Windows), SIMATIC IPC647E (All versions with maxView Storage Manager < V4.14.00.26068 on Windows), SIMATIC IPC847E (All versions with maxView Storage Manager < V4.14.00.26068 on Windows). In default installations of maxView Storage Manager where Redfish® server is configured for remote system management, a vulnerability has been identified that can provide unauthorized access.

Action-Not Available
Vendor-microchipSiemens AG
Product-simatic_ipc647esimatic_ipc847emaxview_storage_managersimatic_ipc1047eSIMATIC IPC847ESIMATIC IPC1047ESIMATIC IPC647E
CWE ID-CWE-20
Improper Input Validation
CVE-2023-49252
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.23% / 46.05%
||
7 Day CHG~0.00%
Published-09 Jan, 2024 | 10:00
Updated-17 Jun, 2025 | 20:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.7). The affected application allows IP configuration change without authentication to the device. This could allow an attacker to cause denial of service condition.

Action-Not Available
Vendor-Siemens AG
Product-simatic_cn_4100SIMATIC CN 4100
CWE ID-CWE-20
Improper Input Validation
CVE-2015-1049
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.54% / 66.52%
||
7 Day CHG~0.00%
Published-02 Feb, 2015 | 15:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The web server on Siemens SCALANCE X-200IRT switches with firmware before 5.2.0 allows remote attackers to hijack sessions via unspecified vectors.

Action-Not Available
Vendor-n/aSiemens AG
Product-scalance_x204irtscalance_x202-2p_irtscalance_x202-2irtscalance_x202-4p_irtscalance_xf204irtscalance_x202-2p_irt_proscalance_x-200_series_firmwarescalance_x204irt_proscalance_x201-3pirtscalance_x201-3p_irt_pron/a
CWE ID-CWE-20
Improper Input Validation
CVE-2022-28328
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.55% / 67.02%
||
7 Day CHG~0.00%
Published-12 Apr, 2022 | 09:08
Updated-03 Aug, 2024 | 05:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE W1788-1 M12 (All versions < V3.0.0), SCALANCE W1788-2 EEC M12 (All versions < V3.0.0), SCALANCE W1788-2 M12 (All versions < V3.0.0), SCALANCE W1788-2IA M12 (All versions < V3.0.0). Affected devices do not properly handle malformed Multicast LLC frames. This could allow an attacker to trigger a denial of service condition.

Action-Not Available
Vendor-Siemens AG
Product-scalance_w1788-2ia_m12scalance_w1788-2ia_m12_firmwarescalance_w1788-2_m12_firmwarescalance_w1788-1_m12_firmwarescalance_w1788-2_eec_m12_firmwarescalance_w1788-1_m12scalance_w1788-2_eec_m12scalance_w1788-2_m12SCALANCE W1788-1 M12SCALANCE W1788-2IA M12SCALANCE W1788-2 M12SCALANCE W1788-2 EEC M12
CWE ID-CWE-20
Improper Input Validation
CVE-2021-34296
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.42% / 60.98%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 11:03
Updated-04 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The BMP_Loader.dll library in affected applications lacks proper validation of user-supplied data when parsing BMP files. This could result in an out of bounds read past the end of an allocated buffer. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13057)

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-20
Improper Input Validation
CVE-2021-34330
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.40% / 60.17%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 11:03
Updated-04 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Jt981.dll library in affected applications lacks proper validation of user-supplied data prior to performing further free operations on an object when parsing JT files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13430)

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-416
Use After Free
CWE ID-CWE-20
Improper Input Validation
CVE-2021-34309
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.42% / 60.98%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 11:03
Updated-04 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Tiff_loader.dll library in affected applications lacks proper validation of user-supplied data when parsing TIFF files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13350)

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CVE-2014-8479
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.42% / 60.98%
||
7 Day CHG~0.00%
Published-21 Jan, 2015 | 17:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The FTP server on Siemens SCALANCE X-300 switches with firmware before 4.0 and SCALANCE X 408 switches with firmware before 4.0 allows remote authenticated users to cause a denial of service (reboot) via crafted FTP packets.

Action-Not Available
Vendor-n/aSiemens AG
Product-scalance_x-408_firmwarescalance_x-300poescalance_xr-300poescalance_x-300eecscalance_x-408scalance_x-300scalance_xr-300eecscalance_x-300_series_firmwarescalance_xr-300n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-9369
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.25% / 48.25%
||
7 Day CHG~0.00%
Published-07 Mar, 2015 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Siemens SPC controllers SPC4000, SPC5000, and SPC6000 before 3.6.0 allow remote attackers to cause a denial of service (device restart) via crafted packets.

Action-Not Available
Vendor-n/aSiemens AG
Product-spc6000_firmwarespc4000_firmwarespc5000_firmwarespc6000spc5000spc4000n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-2201
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-1.61% / 81.01%
||
7 Day CHG~0.00%
Published-08 Feb, 2016 | 16:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Siemens SIMATIC S7-1500 CPU devices before 1.8.3 allow remote attackers to bypass a replay protection mechanism via packets on TCP port 102.

Action-Not Available
Vendor-n/aSiemens AG
Product-simatic_s7-1518f-4_pn\/dp_cpusimatic_s7-1518-4_pn\/dp_cpusimatic_s7-1515-2_pn_cpusimatic_s7-1511f-1_pn_cpusimatic_s7-1516f-3_pn\/dp_cpusimatic_s7-1513f-1_pn_cpusimatic_s7-1517f-3_pn\/dp_cpusimatic_s7-1512c-1_pn_cpusimatic_s7-1516-3_pn\/dp_cpusimatic_s7-1500_cpu_firmwaresimatic_s7-1513-1_pn_cpusimatic_s7-1511c-1_pn_cpusimatic_s7-1515f-2_pn_cpusimatic_s7-1511-1_pn_cpusimatic_s7-1517-3_pn\/dp_cpun/a
CWE ID-CWE-20
Improper Input Validation
CVE-2023-46285
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.16% / 37.75%
||
7 Day CHG~0.00%
Published-12 Dec, 2023 | 11:27
Updated-24 May, 2025 | 10:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Opcenter Execution Foundation (All versions < V2407), Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). The affected application contains an improper input validation vulnerability that could allow an attacker to bring the service into a Denial-of-Service state by sending a specifically crafted message to 4004/tcp. The corresponding service is auto-restarted after the crash is detected by a watchdog.

Action-Not Available
Vendor-Siemens AG
Product-sinumerik_integrate_runmyhmi_\/automotiveopcenter_qualitysimatic_pcs_neototally_integrated_automation_portalTotally Integrated Automation Portal (TIA Portal) V15.1Opcenter QualityTotally Integrated Automation Portal (TIA Portal) V18SINEC NMSSIMATIC PCS neoOpcenter Execution FoundationTotally Integrated Automation Portal (TIA Portal) V14Totally Integrated Automation Portal (TIA Portal) V16Totally Integrated Automation Portal (TIA Portal) V17
CWE ID-CWE-20
Improper Input Validation
CVE-2013-4912
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.8||MEDIUM
EPSS-0.53% / 66.35%
||
7 Day CHG~0.00%
Published-31 Jul, 2013 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Open redirect vulnerability in Siemens WinCC (TIA Portal) 11 and 12 before 12 SP1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks by leveraging improper configuration of SIMATIC HMI panels by the WinCC product.

Action-Not Available
Vendor-n/aSiemens AG
Product-winccn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-3634
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.39% / 59.13%
||
7 Day CHG~0.00%
Published-24 May, 2013 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (Versions < V5.0.0 for CVE-2013-3633 and versions < V4.5.0 for CVE-2013-3634), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.1.0). The implementation of SNMPv3 does not check the user credentials sufficiently. Therefore, an attacker is able to execute SNMP commands without correct credentials.

Action-Not Available
Vendor-n/aSiemens AG
Product-scalance_x204irtscalance_x200-4p_irtscalance_x202-2p_irtscalance_x202-2irtscalance_x200irt_firmwarescalance_xf204irtscalance_x201-3p_irtn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2019-19279
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.27% / 50.06%
||
7 Day CHG~0.00%
Published-10 Mar, 2020 | 19:16
Updated-05 Aug, 2024 | 02:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIPROTEC 4 and SIPROTEC Compact relays equipped with EN100 Ethernet communication modules (All versions). Specially crafted packets sent to port 50000/UDP of the EN100 Ethernet communication modules could cause a Denial-of-Service of the affected device. A manual reboot is required to recover the service of the device. At the time of advisory publication no public exploitation of this security vulnerability was known to Siemens.

Action-Not Available
Vendor-Siemens AG
Product-siprotec_4siprotec_compactSIPROTEC 4 and SIPROTEC Compact relays equipped with EN100 Ethernet communication modules
CWE ID-CWE-20
Improper Input Validation
CVE-2013-0670
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-4.3||MEDIUM
EPSS-0.33% / 55.01%
||
7 Day CHG~0.00%
Published-21 Mar, 2013 | 14:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CRLF injection vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL.

Action-Not Available
Vendor-n/aSiemens AG
Product-wincc_tia_portaln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-0669
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-4||MEDIUM
EPSS-0.17% / 38.09%
||
7 Day CHG~0.00%
Published-21 Mar, 2013 | 14:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The HMI web application in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to cause a denial of service (daemon crash) via a crafted HTTP request.

Action-Not Available
Vendor-n/aSiemens AG
Product-wincc_tia_portaln/a
CWE ID-CWE-20
Improper Input Validation
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • ...
  • 29
  • 30
  • Next
Details not found