Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2019-13940

Summary
Assigner-siemens
Assigner Org ID-cec7a2ec-15b4-4faf-bd53-b40f371f3a77
Published At-11 Feb, 2020 | 15:36
Updated At-05 Aug, 2024 | 00:05
Rejected At-
Credits

A vulnerability has been identified in SIMATIC ET 200pro IM154-8 PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200pro IM154-8F PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200pro IM154-8FX PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200S IM151-8 PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200S IM151-8F PN/DP CPU (All versions < V3.X.17), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.1), SIMATIC S7-300 CPU 314C-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 315-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 315F-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 315T-3 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 317-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 317F-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 317T-3 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 317TF-3 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 319-3 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 319F-3 PN/DP (All versions < V3.X.17), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC WinAC RTX 2010 (All versions), SIMATIC WinAC RTX F 2010 (All versions), SIPLUS ET 200S IM151-8 PN/DP CPU (All versions < V3.X.17), SIPLUS ET 200S IM151-8F PN/DP CPU (All versions < V3.X.17), SIPLUS S7-300 CPU 314C-2 PN/DP (All versions < V3.X.17), SIPLUS S7-300 CPU 315-2 PN/DP (All versions < V3.X.17), SIPLUS S7-300 CPU 315F-2 PN/DP (All versions < V3.X.17), SIPLUS S7-300 CPU 317-2 PN/DP (All versions < V3.X.17), SIPLUS S7-300 CPU 317F-2 PN/DP (All versions < V3.X.17). Affected devices contain a vulnerability that could cause a denial of service condition of the web server by sending specially crafted HTTP requests to ports 80/tcp and 443/tcp. Beyond the web service, no other functions or interfaces are affected by the denial of service condition.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:siemens
Assigner Org ID:cec7a2ec-15b4-4faf-bd53-b40f371f3a77
Published At:11 Feb, 2020 | 15:36
Updated At:05 Aug, 2024 | 00:05
Rejected At:
▼CVE Numbering Authority (CNA)

A vulnerability has been identified in SIMATIC ET 200pro IM154-8 PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200pro IM154-8F PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200pro IM154-8FX PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200S IM151-8 PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200S IM151-8F PN/DP CPU (All versions < V3.X.17), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.1), SIMATIC S7-300 CPU 314C-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 315-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 315F-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 315T-3 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 317-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 317F-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 317T-3 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 317TF-3 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 319-3 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 319F-3 PN/DP (All versions < V3.X.17), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC WinAC RTX 2010 (All versions), SIMATIC WinAC RTX F 2010 (All versions), SIPLUS ET 200S IM151-8 PN/DP CPU (All versions < V3.X.17), SIPLUS ET 200S IM151-8F PN/DP CPU (All versions < V3.X.17), SIPLUS S7-300 CPU 314C-2 PN/DP (All versions < V3.X.17), SIPLUS S7-300 CPU 315-2 PN/DP (All versions < V3.X.17), SIPLUS S7-300 CPU 315F-2 PN/DP (All versions < V3.X.17), SIPLUS S7-300 CPU 317-2 PN/DP (All versions < V3.X.17), SIPLUS S7-300 CPU 317F-2 PN/DP (All versions < V3.X.17). Affected devices contain a vulnerability that could cause a denial of service condition of the web server by sending specially crafted HTTP requests to ports 80/tcp and 443/tcp. Beyond the web service, no other functions or interfaces are affected by the denial of service condition.

Affected Products
Vendor
Siemens AGSiemens
Product
SIMATIC ET 200pro IM154-8 PN/DP CPU
Default Status
unknown
Versions
Affected
  • All versions < V3.X.17
Vendor
Siemens AGSiemens
Product
SIMATIC ET 200pro IM154-8F PN/DP CPU
Default Status
unknown
Versions
Affected
  • All versions < V3.X.17
Vendor
Siemens AGSiemens
Product
SIMATIC ET 200pro IM154-8FX PN/DP CPU
Default Status
unknown
Versions
Affected
  • All versions < V3.X.17
Vendor
Siemens AGSiemens
Product
SIMATIC ET 200S IM151-8 PN/DP CPU
Default Status
unknown
Versions
Affected
  • All versions < V3.X.17
Vendor
Siemens AGSiemens
Product
SIMATIC ET 200S IM151-8F PN/DP CPU
Default Status
unknown
Versions
Affected
  • All versions < V3.X.17
Vendor
Siemens AGSiemens
Product
SIMATIC S7-1200 CPU family (incl. SIPLUS variants)
Default Status
unknown
Versions
Affected
  • All versions < V4.1
Vendor
Siemens AGSiemens
Product
SIMATIC S7-300 CPU 314C-2 PN/DP
Default Status
unknown
Versions
Affected
  • All versions < V3.X.17
Vendor
Siemens AGSiemens
Product
SIMATIC S7-300 CPU 315-2 PN/DP
Default Status
unknown
Versions
Affected
  • All versions < V3.X.17
Vendor
Siemens AGSiemens
Product
SIMATIC S7-300 CPU 315F-2 PN/DP
Default Status
unknown
Versions
Affected
  • All versions < V3.X.17
Vendor
Siemens AGSiemens
Product
SIMATIC S7-300 CPU 315T-3 PN/DP
Default Status
unknown
Versions
Affected
  • All versions < V3.X.17
Vendor
Siemens AGSiemens
Product
SIMATIC S7-300 CPU 317-2 PN/DP
Default Status
unknown
Versions
Affected
  • All versions < V3.X.17
Vendor
Siemens AGSiemens
Product
SIMATIC S7-300 CPU 317F-2 PN/DP
Default Status
unknown
Versions
Affected
  • All versions < V3.X.17
Vendor
Siemens AGSiemens
Product
SIMATIC S7-300 CPU 317T-3 PN/DP
Default Status
unknown
Versions
Affected
  • All versions < V3.X.17
Vendor
Siemens AGSiemens
Product
SIMATIC S7-300 CPU 317TF-3 PN/DP
Default Status
unknown
Versions
Affected
  • All versions < V3.X.17
Vendor
Siemens AGSiemens
Product
SIMATIC S7-300 CPU 319-3 PN/DP
Default Status
unknown
Versions
Affected
  • All versions < V3.X.17
Vendor
Siemens AGSiemens
Product
SIMATIC S7-300 CPU 319F-3 PN/DP
Default Status
unknown
Versions
Affected
  • All versions < V3.X.17
Vendor
Siemens AGSiemens
Product
SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants)
Default Status
unknown
Versions
Affected
  • All versions
Vendor
Siemens AGSiemens
Product
SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)
Default Status
unknown
Versions
Affected
  • All versions
Vendor
Siemens AGSiemens
Product
SIMATIC WinAC RTX 2010
Default Status
unknown
Versions
Affected
  • All versions
Vendor
Siemens AGSiemens
Product
SIMATIC WinAC RTX F 2010
Default Status
unknown
Versions
Affected
  • All versions
Vendor
Siemens AGSiemens
Product
SIPLUS ET 200S IM151-8 PN/DP CPU
Default Status
unknown
Versions
Affected
  • All versions < V3.X.17
Vendor
Siemens AGSiemens
Product
SIPLUS ET 200S IM151-8F PN/DP CPU
Default Status
unknown
Versions
Affected
  • All versions < V3.X.17
Vendor
Siemens AGSiemens
Product
SIPLUS S7-300 CPU 314C-2 PN/DP
Default Status
unknown
Versions
Affected
  • All versions < V3.X.17
Vendor
Siemens AGSiemens
Product
SIPLUS S7-300 CPU 315-2 PN/DP
Default Status
unknown
Versions
Affected
  • All versions < V3.X.17
Vendor
Siemens AGSiemens
Product
SIPLUS S7-300 CPU 315F-2 PN/DP
Default Status
unknown
Versions
Affected
  • All versions < V3.X.17
Vendor
Siemens AGSiemens
Product
SIPLUS S7-300 CPU 317-2 PN/DP
Default Status
unknown
Versions
Affected
  • All versions < V3.X.17
Vendor
Siemens AGSiemens
Product
SIPLUS S7-300 CPU 317F-2 PN/DP
Default Status
unknown
Versions
Affected
  • All versions < V3.X.17
Problem Types
TypeCWE IDDescription
CWECWE-400CWE-400: Uncontrolled Resource Consumption
Type: CWE
CWE ID: CWE-400
Description: CWE-400: Uncontrolled Resource Consumption
Metrics
VersionBase scoreBase severityVector
3.15.3MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C
Version: 3.1
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://cert-portal.siemens.com/productcert/pdf/ssa-431678.pdf
N/A
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-431678.pdf
Resource: N/A
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://cert-portal.siemens.com/productcert/pdf/ssa-431678.pdf
x_transferred
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-431678.pdf
Resource:
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:productcert@siemens.com
Published At:11 Feb, 2020 | 16:15
Updated At:07 Nov, 2023 | 03:04

A vulnerability has been identified in SIMATIC ET 200pro IM154-8 PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200pro IM154-8F PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200pro IM154-8FX PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200S IM151-8 PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200S IM151-8F PN/DP CPU (All versions < V3.X.17), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.1), SIMATIC S7-300 CPU 314C-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 315-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 315F-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 315T-3 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 317-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 317F-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 317T-3 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 317TF-3 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 319-3 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 319F-3 PN/DP (All versions < V3.X.17), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC WinAC RTX 2010 (All versions), SIMATIC WinAC RTX F 2010 (All versions), SIPLUS ET 200S IM151-8 PN/DP CPU (All versions < V3.X.17), SIPLUS ET 200S IM151-8F PN/DP CPU (All versions < V3.X.17), SIPLUS S7-300 CPU 314C-2 PN/DP (All versions < V3.X.17), SIPLUS S7-300 CPU 315-2 PN/DP (All versions < V3.X.17), SIPLUS S7-300 CPU 315F-2 PN/DP (All versions < V3.X.17), SIPLUS S7-300 CPU 317-2 PN/DP (All versions < V3.X.17), SIPLUS S7-300 CPU 317F-2 PN/DP (All versions < V3.X.17). Affected devices contain a vulnerability that could cause a denial of service condition of the web server by sending specially crafted HTTP requests to ports 80/tcp and 443/tcp. Beyond the web service, no other functions or interfaces are affected by the denial of service condition.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Secondary3.15.3MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Type: Primary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
CPE Matches
Siemens AG
siemens
>>s7-1200_cpu_1211c_firmware>>Versions before 4.1(exclusive)
cpe:2.3:o:siemens:s7-1200_cpu_1211c_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>s7-1200_cpu_1211c>>-
cpe:2.3:h:siemens:s7-1200_cpu_1211c:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>s7-1200_cpu_1212c_firmware>>Versions before 4.1(exclusive)
cpe:2.3:o:siemens:s7-1200_cpu_1212c_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>s7-1200_cpu_1212c>>-
cpe:2.3:h:siemens:s7-1200_cpu_1212c:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>s7-1200_cpu_1214c_firmware>>Versions before 4.1(exclusive)
cpe:2.3:o:siemens:s7-1200_cpu_1214c_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>s7-1200_cpu_1214c>>-
cpe:2.3:h:siemens:s7-1200_cpu_1214c:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>s7-1200_cpu_1215c_firmware>>Versions before 4.1(exclusive)
cpe:2.3:o:siemens:s7-1200_cpu_1215c_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>s7-1200_cpu_1215c>>-
cpe:2.3:h:siemens:s7-1200_cpu_1215c:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>s7-1200_cpu_1217c_firmware>>Versions before 4.1(exclusive)
cpe:2.3:o:siemens:s7-1200_cpu_1217c_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>s7-1200_cpu_1217c>>-
cpe:2.3:h:siemens:s7-1200_cpu_1217c:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>s7-1200_cpu_1212fc_firmware>>Versions before 4.1(exclusive)
cpe:2.3:o:siemens:s7-1200_cpu_1212fc_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>s7-1200_cpu_1212fc>>-
cpe:2.3:h:siemens:s7-1200_cpu_1212fc:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>s7-1200_cpu_1214fc_firmware>>Versions before 4.1(exclusive)
cpe:2.3:o:siemens:s7-1200_cpu_1214fc_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>s7-1200_cpu_1214fc>>-
cpe:2.3:h:siemens:s7-1200_cpu_1214fc:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>s7-1200_cpu_1215fc_firmware>>Versions before 4.1(exclusive)
cpe:2.3:o:siemens:s7-1200_cpu_1215fc_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>s7-1200_cpu_1215fc>>-
cpe:2.3:h:siemens:s7-1200_cpu_1215fc:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>siplus_s7-1200_firmware>>Versions before 4.1(exclusive)
cpe:2.3:o:siemens:siplus_s7-1200_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>siplus_s7-1200>>-
cpe:2.3:h:siemens:siplus_s7-1200:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>siplus_cpu_1211c_firmware>>Versions before 4.1(exclusive)
cpe:2.3:o:siemens:siplus_cpu_1211c_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>siplus_cpu_1211c>>-
cpe:2.3:h:siemens:siplus_cpu_1211c:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>siplus_cpu_1212c_firmware>>Versions before 4.1(exclusive)
cpe:2.3:o:siemens:siplus_cpu_1212c_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>siplus_cpu_1212c>>-
cpe:2.3:h:siemens:siplus_cpu_1212c:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>siplus_cpu_1214c_firmware>>Versions up to 4.1(inclusive)
cpe:2.3:o:siemens:siplus_cpu_1214c_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>siplus_cpu_1214c>>-
cpe:2.3:h:siemens:siplus_cpu_1214c:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>siplus_cpu_1215c_firmware>>Versions before 4.1(exclusive)
cpe:2.3:o:siemens:siplus_cpu_1215c_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>siplus_cpu_1215c>>-
cpe:2.3:h:siemens:siplus_cpu_1215c:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>simatic_s7-300_cpu_319-3_pn\/dp_firmware>>*
cpe:2.3:o:siemens:simatic_s7-300_cpu_319-3_pn\/dp_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>simatic_s7-300_cpu_319-3_pn\/dp>>-
cpe:2.3:h:siemens:simatic_s7-300_cpu_319-3_pn\/dp:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>simatic_s7-300_cpu_315-2dp_firmware>>*
cpe:2.3:o:siemens:simatic_s7-300_cpu_315-2dp_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>simatic_s7-300_cpu_315-2dp>>-
cpe:2.3:h:siemens:simatic_s7-300_cpu_315-2dp:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>simatic_s7-300_cpu_315-2_pn\/dp_firmware>>*
cpe:2.3:o:siemens:simatic_s7-300_cpu_315-2_pn\/dp_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>simatic_s7-300_cpu_315-2_pn\/dp>>-
cpe:2.3:h:siemens:simatic_s7-300_cpu_315-2_pn\/dp:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>simatic_s7-300_cpu_317-2_dp_firmware>>*
cpe:2.3:o:siemens:simatic_s7-300_cpu_317-2_dp_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>simatic_s7-300_cpu_317-2_dp>>-
cpe:2.3:h:siemens:simatic_s7-300_cpu_317-2_dp:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>simatic_s7-300_cpu_317-2_pn\/dp_firmware>>*
cpe:2.3:o:siemens:simatic_s7-300_cpu_317-2_pn\/dp_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>simatic_s7-300_cpu_317-2_pn\/dp>>-
cpe:2.3:h:siemens:simatic_s7-300_cpu_317-2_pn\/dp:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>simatic_s7-300_cpu_319-3_pn\/dp_firmware>>*
cpe:2.3:o:siemens:simatic_s7-300_cpu_319-3_pn\/dp_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>simatic_s7-300_cpu_319-3_pn\/dp>>-
cpe:2.3:h:siemens:simatic_s7-300_cpu_319-3_pn\/dp:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>siplus_s7-300_cpu_314_firmware>>*
cpe:2.3:o:siemens:siplus_s7-300_cpu_314_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>siplus_s7-300_cpu_314>>-
cpe:2.3:h:siemens:siplus_s7-300_cpu_314:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>siplus_s7-300_cpu_315-2_dp_firmware>>*
cpe:2.3:o:siemens:siplus_s7-300_cpu_315-2_dp_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>siplus_s7-300_cpu_315-2_dp>>-
cpe:2.3:h:siemens:siplus_s7-300_cpu_315-2_dp:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>siplus_s7-300_cpu_315-2_pn\/dp_firmware>>*
cpe:2.3:o:siemens:siplus_s7-300_cpu_315-2_pn\/dp_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>siplus_s7-300_cpu_315-2_pn\/dp>>-
cpe:2.3:h:siemens:siplus_s7-300_cpu_315-2_pn\/dp:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>siplus_s7-300_cpu_317-2_pn\/dp_firmware>>*
cpe:2.3:o:siemens:siplus_s7-300_cpu_317-2_pn\/dp_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>siplus_s7-300_cpu_317-2_pn\/dp>>v6
cpe:2.3:h:siemens:siplus_s7-300_cpu_317-2_pn\/dp:v6:*:*:*:*:*:*:*
Siemens AG
siemens
>>simatic_s7-400_pn\/dp_cpu_firmware>>*
cpe:2.3:o:siemens:simatic_s7-400_pn\/dp_cpu_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>simatic_s7-400_pn\/dp_cpu>>v7
cpe:2.3:h:siemens:simatic_s7-400_pn\/dp_cpu:v7:*:*:*:*:*:*:*
Siemens AG
siemens
>>simatic_winac_rtx_\(f\)_2010>>*
cpe:2.3:a:siemens:simatic_winac_rtx_\(f\)_2010:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-400Primaryproductcert@siemens.com
CWE-400Secondarynvd@nist.gov
CWE ID: CWE-400
Type: Primary
Source: productcert@siemens.com
CWE ID: CWE-400
Type: Secondary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://cert-portal.siemens.com/productcert/pdf/ssa-431678.pdfproductcert@siemens.com
Vendor Advisory
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-431678.pdf
Source: productcert@siemens.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

1455Records found
CVE-2022-28328
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.55% / 67.02%
||
7 Day CHG~0.00%
Published-12 Apr, 2022 | 09:08
Updated-03 Aug, 2024 | 05:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE W1788-1 M12 (All versions < V3.0.0), SCALANCE W1788-2 EEC M12 (All versions < V3.0.0), SCALANCE W1788-2 M12 (All versions < V3.0.0), SCALANCE W1788-2IA M12 (All versions < V3.0.0). Affected devices do not properly handle malformed Multicast LLC frames. This could allow an attacker to trigger a denial of service condition.

Action-Not Available
Vendor-Siemens AG
Product-scalance_w1788-2ia_m12scalance_w1788-2ia_m12_firmwarescalance_w1788-2_m12_firmwarescalance_w1788-1_m12_firmwarescalance_w1788-2_eec_m12_firmwarescalance_w1788-1_m12scalance_w1788-2_eec_m12scalance_w1788-2_m12SCALANCE W1788-1 M12SCALANCE W1788-2IA M12SCALANCE W1788-2 M12SCALANCE W1788-2 EEC M12
CWE ID-CWE-20
Improper Input Validation
CVE-2020-13987
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.19% / 40.62%
||
7 Day CHG~0.00%
Published-11 Dec, 2020 | 21:37
Updated-04 Aug, 2024 | 12:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Contiki through 3.0. An Out-of-Bounds Read vulnerability exists in the uIP TCP/IP Stack component when calculating the checksums for IP packets in upper_layer_chksum in net/ipv4/uip.c.

Action-Not Available
Vendor-uip_projectopen-iscsi_projectcontiki-osn/aSiemens AG
Product-contikisentron_3va_com800_firmwaresentron_3va_com800uipsentron_3va_com100open-iscsisentron_pac3200sentron_pac3200_firmwaresentron_pac4200sentron_pac4200_firmwaresentron_3va_com100_firmwaren/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-34798
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-10.97% / 93.14%
||
7 Day CHG~0.00%
Published-16 Sep, 2021 | 14:40
Updated-04 Aug, 2024 | 00:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NULL pointer dereference in httpd core

Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier.

Action-Not Available
Vendor-NetApp, Inc.Debian GNU/LinuxThe Apache Software FoundationOracle CorporationTenable, Inc.Broadcom Inc.Siemens AGFedora Project
Product-peoplesoft_enterprise_peopletoolscommunications_cloud_native_core_network_function_cloud_native_environmentcloud_backuptenable.scstoragegridsinema_serverruggedcom_nmshttp_serverclustered_data_ontapdebian_linuxsinec_nmssinema_remote_connect_serverinstantis_enterprisetrackfedorazfs_storage_appliance_kitenterprise_manager_base_platformbrocade_fabric_operating_system_firmwareApache HTTP Server
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-27386
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.44% / 62.13%
||
7 Day CHG~0.00%
Published-12 May, 2021 | 13:18
Updated-03 Aug, 2024 | 20:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the device layout handler on client side, which could result in a Denial-of-Service condition.

Action-Not Available
Vendor-Siemens AG
Product-simatic_hmi_ktp_mobile_panels_ktp900_firmwaresimatic_hmi_ktp_mobile_panels_ktp400fsinamics_gm150simatic_hmi_ktp_mobile_panels_ktp700f_firmwaresinamics_sm150isinamics_gl150_firmwaresinamics_gl150simatic_hmi_ktp_mobile_panels_ktp900f_firmwaresimatic_hmi_ktp_mobile_panels_ktp400f_firmwaresimatic_hmi_comfort_panels_4\"_firmwaresinamics_gm150_firmwaresinamics_sm150simatic_hmi_comfort_outdoor_panels_7\"_firmwaresinamics_gh150simatic_hmi_ktp_mobile_panels_ktp700_firmwaresinamics_gh150_firmwaresinamics_sl150simatic_hmi_comfort_panels_22\"simatic_hmi_ktp_mobile_panels_ktp700fsinamics_sh150sinamics_sm150_firmwaresimatic_hmi_ktp_mobile_panels_ktp900fsinamics_sh150_firmwaresimatic_hmi_comfort_outdoor_panels_7\"sinamics_sm120simatic_hmi_ktp_mobile_panels_ktp700simatic_hmi_comfort_outdoor_panels_15\"_firmwaresimatic_hmi_comfort_panels_4\"sinamics_sl150_firmwaresinamics_sm150i_firmwaresimatic_hmi_ktp_mobile_panels_ktp900simatic_hmi_comfort_outdoor_panels_15\"simatic_hmi_comfort_panels_22\"_firmwaresimatic_wincc_runtime_advancedsinamics_sm120_firmwareSIMATIC WinCC Runtime Advanced V16SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants)SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) SINAMICS SM150iSIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants)SINAMICS GH150SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900FSINAMICS GM150 (with option X30)SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F SINAMICS GL150 (with option X30)SINAMICS SH150SIMATIC WinCC Runtime Advanced V15SINAMICS SL150SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) SINAMICS SM120SINAMICS SM150
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2021-27290
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.67% / 85.21%
||
7 Day CHG~0.00%
Published-12 Mar, 2021 | 21:47
Updated-03 Aug, 2024 | 20:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ssri 5.2.2-8.0.0, fixed in 8.0.1, processes SRIs using a regular expression which is vulnerable to a denial of service. Malicious SRIs could take an extremely long time to process, leading to denial of service. This issue only affects consumers using the strict option.

Action-Not Available
Vendor-ssri_projectn/aOracle CorporationSiemens AG
Product-sinec_infrastructure_network_servicesssrigraalvmn/a
CVE-2021-27383
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.44% / 62.13%
||
7 Day CHG~0.00%
Published-12 May, 2021 | 13:18
Updated-03 Aug, 2024 | 20:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the server Tight encoder, which could result in a Denial-of-Service condition.

Action-Not Available
Vendor-Siemens AG
Product-simatic_hmi_ktp_mobile_panels_ktp900_firmwaresimatic_hmi_ktp_mobile_panels_ktp400fsinamics_gm150simatic_hmi_ktp_mobile_panels_ktp700f_firmwaresinamics_sm150isinamics_gl150_firmwaresinamics_gl150simatic_hmi_ktp_mobile_panels_ktp900f_firmwaresimatic_hmi_ktp_mobile_panels_ktp400f_firmwaresimatic_hmi_comfort_panels_4\"_firmwaresinamics_gm150_firmwaresinamics_sm150simatic_hmi_comfort_outdoor_panels_7\"_firmwaresinamics_gh150simatic_hmi_ktp_mobile_panels_ktp700_firmwaresinamics_gh150_firmwaresinamics_sl150simatic_hmi_comfort_panels_22\"simatic_hmi_ktp_mobile_panels_ktp700fsinamics_sh150sinamics_sm150_firmwaresimatic_hmi_ktp_mobile_panels_ktp900fsinamics_sh150_firmwaresimatic_hmi_comfort_outdoor_panels_7\"sinamics_sm120simatic_hmi_ktp_mobile_panels_ktp700simatic_hmi_comfort_outdoor_panels_15\"_firmwaresimatic_hmi_comfort_panels_4\"sinamics_sl150_firmwaresinamics_sm150i_firmwaresimatic_hmi_ktp_mobile_panels_ktp900simatic_hmi_comfort_outdoor_panels_15\"simatic_hmi_comfort_panels_22\"_firmwaresimatic_wincc_runtime_advancedsinamics_sm120_firmwareSIMATIC WinCC Runtime Advanced V16SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants)SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) SINAMICS SM150iSIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants)SINAMICS GH150SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900FSINAMICS GM150 (with option X30)SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F SINAMICS GL150 (with option X30)SINAMICS SH150SIMATIC WinCC Runtime Advanced V15SINAMICS SL150SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) SINAMICS SM120SINAMICS SM150
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2022-47374
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.29% / 51.46%
||
7 Day CHG~0.00%
Published-12 Dec, 2023 | 11:25
Updated-03 Aug, 2024 | 14:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC PC-Station Plus (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions), SINAMICS S120 (incl. SIPLUS variants) (All versions < V5.2 SP3 HF15), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions). The affected products do not handle HTTP(S) requests to the web server correctly. This could allow an attacker to exhaust system resources and create a denial of service condition for the device.

Action-Not Available
Vendor-Siemens AG
Product-6es7414-3em07-0ab06es7416-3fs07-0ab06ag1414-3em07-7ab06ag1416-3es07-7ab0_firmware6ag1416-3es07-7ab0simatic_pc-station_plus_firmware6es7412-2ek07-0ab0_firmwaresimatic_pc-station_plus6es7416-3es07-0ab0_firmware6es7416-3fs07-0ab0_firmware6es7416-3es07-0ab06es7412-2ek07-0ab06es7414-3fm07-0ab0_firmware6es7414-3fm07-0ab0sinamics_s120sinamics_s120_firmware6es7414-3em07-0ab0_firmware6ag1414-3em07-7ab0_firmwareSIMATIC S7-400 CPU 416F-3 PN/DP V7SIMATIC PC-Station PlusSIPLUS S7-400 CPU 414-3 PN/DP V7SIPLUS S7-400 CPU 416-3 PN/DP V7SIMATIC S7-400 CPU 414F-3 PN/DP V7SINAMICS S120 (incl. SIPLUS variants)SIMATIC S7-400 CPU 416-3 PN/DP V7SIMATIC S7-400 CPU 412-2 PN V7SIMATIC S7-400 CPU 414-3 PN/DP V7
CWE ID-CWE-674
Uncontrolled Recursion
CVE-2020-13871
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.19% / 83.70%
||
7 Day CHG~0.00%
Published-06 Jun, 2020 | 15:37
Updated-04 Aug, 2024 | 12:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late.

Action-Not Available
Vendor-sqliten/aNetApp, Inc.Debian GNU/LinuxOracle CorporationSiemens AGFedora Project
Product-sinec_infrastructure_network_servicesdebian_linuxcommunications_messaging_servercloud_backupsqliteontap_select_deploy_administration_utilityfedoracommunications_network_charging_and_controlzfs_storage_appliance_kithyperion_infrastructure_technologyenterprise_manager_ops_centermysql_workbenchn/a
CWE ID-CWE-416
Use After Free
CVE-2021-25661
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.37% / 58.05%
||
7 Day CHG~0.00%
Published-12 May, 2021 | 13:18
Updated-03 Aug, 2024 | 20:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the client side when sending data from the server, which could result in a Denial-of-Service condition.

Action-Not Available
Vendor-Siemens AG
Product-simatic_hmi_comfort_panels_22\"simatic_hmi_ktp_mobile_panels_ktp700fsimatic_hmi_ktp_mobile_panels_ktp900_firmwaresimatic_hmi_ktp_mobile_panels_ktp900fsimatic_hmi_ktp_mobile_panels_ktp400fsimatic_hmi_comfort_outdoor_panels_7\"simatic_hmi_ktp_mobile_panels_ktp700simatic_hmi_ktp_mobile_panels_ktp700f_firmwaresimatic_hmi_comfort_outdoor_panels_15\"_firmwaresimatic_hmi_ktp_mobile_panels_ktp900f_firmwaresimatic_hmi_ktp_mobile_panels_ktp400f_firmwaresimatic_hmi_comfort_panels_4\"simatic_hmi_comfort_panels_4\"_firmwaresimatic_hmi_ktp_mobile_panels_ktp900simatic_hmi_comfort_outdoor_panels_15\"simatic_hmi_comfort_outdoor_panels_7\"_firmwaresimatic_hmi_comfort_panels_22\"_firmwaresimatic_wincc_runtime_advancedsimatic_hmi_ktp_mobile_panels_ktp700_firmwareSIMATIC WinCC Runtime Advanced V16SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants)SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants)SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900FSIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F SIMATIC WinCC Runtime Advanced V15
CWE ID-CWE-788
Access of Memory Location After End of Buffer
CVE-2021-25660
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.46% / 63.00%
||
7 Day CHG~0.00%
Published-12 May, 2021 | 13:18
Updated-03 Aug, 2024 | 20:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the server side when sending data from the client, which could result in a Denial-of-Service condition.

Action-Not Available
Vendor-Siemens AG
Product-simatic_hmi_comfort_panels_22\"simatic_hmi_ktp_mobile_panels_ktp700fsimatic_hmi_ktp_mobile_panels_ktp900_firmwaresimatic_hmi_ktp_mobile_panels_ktp900fsimatic_hmi_ktp_mobile_panels_ktp400fsimatic_hmi_comfort_outdoor_panels_7\"simatic_hmi_ktp_mobile_panels_ktp700simatic_hmi_ktp_mobile_panels_ktp700f_firmwaresimatic_hmi_comfort_outdoor_panels_15\"_firmwaresimatic_hmi_ktp_mobile_panels_ktp900f_firmwaresimatic_hmi_ktp_mobile_panels_ktp400f_firmwaresimatic_hmi_comfort_panels_4\"simatic_hmi_comfort_panels_4\"_firmwaresimatic_hmi_ktp_mobile_panels_ktp900simatic_hmi_comfort_outdoor_panels_15\"simatic_hmi_comfort_outdoor_panels_7\"_firmwaresimatic_hmi_comfort_panels_22\"_firmwaresimatic_wincc_runtime_advancedsimatic_hmi_ktp_mobile_panels_ktp700_firmwareSIMATIC WinCC Runtime Advanced V16SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants)SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants)SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900FSIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F SIMATIC WinCC Runtime Advanced V15
CWE ID-CWE-788
Access of Memory Location After End of Buffer
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-25663
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.52% / 65.95%
||
7 Day CHG~0.00%
Published-22 Apr, 2021 | 20:42
Updated-11 Mar, 2025 | 10:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (All versions including affected IPv6 stack). The function that processes IPv6 headers does not check the lengths of extension header options, allowing attackers to put this function into an infinite loop with crafted length values.

Action-Not Available
Vendor-Siemens AG
Product-nucleus_netcapital_vstarnucleus_readystartnucleus_source_codeNucleus Source CodeNucleus NETCapital Embedded AR Classic 431-422Capital Embedded AR Classic R20-11Nucleus ReadyStart V4Nucleus ReadyStart V3
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2021-25664
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.52% / 65.95%
||
7 Day CHG~0.00%
Published-22 Apr, 2021 | 20:42
Updated-11 Mar, 2025 | 10:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (All versions including affected IPv6 stack). The function that processes the Hop-by-Hop extension header in IPv6 packets and its options lacks any checks against the length field of the header, allowing attackers to put the function into an infinite loop by supplying arbitrary length values.

Action-Not Available
Vendor-Siemens AG
Product-nucleus_readystart_v3nucleus_readystart_v4capital_vstarnucleus_netnucleus_source_codeNucleus Source CodeNucleus NETCapital Embedded AR Classic 431-422Capital Embedded AR Classic R20-11Nucleus ReadyStart V4Nucleus ReadyStart V3
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2021-23362
Matching Score-8
Assigner-Snyk
ShareView Details
Matching Score-8
Assigner-Snyk
CVSS Score-5.3||MEDIUM
EPSS-0.55% / 67.08%
||
7 Day CHG~0.00%
Published-23 Mar, 2021 | 16:20
Updated-17 Sep, 2024 | 03:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Regular Expression Denial of Service (ReDoS)

The package hosted-git-info before 3.0.8 are vulnerable to Regular Expression Denial of Service (ReDoS) via regular expression shortcutMatch in the fromUrl function in index.js. The affected regular expression exhibits polynomial worst-case time complexity.

Action-Not Available
Vendor-npmjsn/aSiemens AG
Product-sinec_infrastructure_network_serviceshosted-git-infohosted-git-info
CWE ID-CWE-1333
Inefficient Regular Expression Complexity
CVE-2020-11655
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.83% / 85.61%
||
7 Day CHG~0.00%
Published-09 Apr, 2020 | 02:49
Updated-04 Aug, 2024 | 11:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled.

Action-Not Available
Vendor-sqliten/aNetApp, Inc.Debian GNU/LinuxOracle CorporationCanonical Ltd.Tenable, Inc.Siemens AG
Product-ubuntu_linuxcommunications_messaging_serversqlitecommunications_network_charging_and_controlcommunications_session_route_manageroutside_in_technologycommunications_session_report_managertenable.scmysql_workbenchsinec_infrastructure_network_servicesdebian_linuxontap_select_deploy_administration_utilityinstantis_enterprisetrackzfs_storage_appliance_kithyperion_infrastructure_technologyenterprise_manager_ops_centercommunications_element_managermysqln/a
CWE ID-CWE-665
Improper Initialization
CVE-2023-46156
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.04% / 10.96%
||
7 Day CHG~0.00%
Published-12 Dec, 2023 | 11:27
Updated-10 Sep, 2024 | 09:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Affected devices improperly handle specially crafted packets sent to port 102/tcp. This could allow an attacker to create a denial of service condition. A restart is needed to restore normal operations.

Action-Not Available
Vendor-Siemens AG
Product-siplus_et_200sp_cpu_1510sp_f-1_pn_firmwaresiplus_s7-1500_cpu_1516f-3_pn\/dp_railsimatic_s7-1500_cpu_1511c-1_pnsimatic_s7-1500_cpu_1512sp_f-1_pnsimatic_s7-1500_cpu_1514sp_f-2_pn_firmwaresiplus_s7-1500_cpu_1515r-2_pnsimatic_s7-1500_cpu_1513r-1_pnsimatic_s7-1500_cpu_1516t-3_pn\/dp_firmwaresimatic_drive_controller_cpu_1507d_tf_firmwaresimatic_s7-1500_cpu_1510sp-1_pn_firmwaresinumerik_one_firmwaresiplus_s7-1500_cpu_1518-4_pn\/dp_mfp_firmwaresimatic_s7-1500_cpu_1515-2_pn_firmwaresiplus_s7-1500_cpu_1518-4_pn\/dp_mfpsimatic_s7-1500_cpu_1517f-3_pn\/dpsimatic_s7-1500_cpu_1517f-3_pn\/dp_firmwaresimatic_s7-1500_cpu_1511-1_pnsimatic_s7-1500_cpu_1514sp-2_pnsimatic_s7-1500_cpu_1518f-4_pn\/dp_firmwaresimatic_s7-1500_cpu_1518tf-4_pn\/dpsiplus_s7-1500_cpu_1515f-2_pn_t2_rail_firmwaresimatic_s7-1500_cpu_1517h-3_pn_firmwaresimatic_s7-1500_cpu_1517t-3_pn\/dpsimatic_s7-1500_cpu_1511f-1_pn_firmwaresimatic_s7-1500_et_200pro\siplus_s7-1500_cpu_1515f-2_pn_firmwaresimatic_s7-1500_cpu_1515t-2_pn_firmwaresimatic_s7-1500_cpu_1517-3_pn\/dpsiplus_s7-1500_cpu_1511-1_pn_firmwaresimatic_s7-1500_cpu_1513f-1_pnsimatic_s7-1500_cpu_1514spt-2_pnsiplus_et_200sp_cpu_1512sp_f-1_pn_rail_firmwaresiplus_et_200sp_cpu_1510sp_f-1_pn_railsimatic_s7-1500_cpu_1511t-1_pnsiplus_et_200sp_cpu_1510sp-1_pn_rail_firmwaresiplus_s7-1500_cpu_1511-1_pn_t1_railsimatic_s7-1500_cpu_s7-1518f-4_pn\/dp_odksimatic_s7-1500_cpu_1516f-3_pn\/dp_firmwaresiplus_s7-1500_cpu_1516f-3_pn\/dp_rail_firmwaresimatic_s7-1500_cpu_1514sp-2_pn_firmwaresimatic_s7-1500_cpu_1511c-1_pn_firmwaresimatic_drive_controller_cpu_1504d_tf_firmwaresimatic_s7-1500_cpu_1515-2_pnsiplus_s7-1500_cpu_1513f-1_pn_firmwaresiplus_et_200sp_cpu_1510sp-1_pnsimatic_s7-1500_cpu_1511tf-1_pn_firmwaresinumerik_mcsiplus_et_200sp_cpu_1510sp_f-1_pn_rail_firmwaresimatic_s7-1500_cpu_1517h-3_pnsiplus_s7-1500_cpu_1516-3_pn\/dp_firmwaresimatic_s7-1500_cpu_1518t-4_pn\/dpsimatic_s7-1500_cpu_1518f-4_pn\/dpsimatic_drive_controller_cpu_1504d_tfsimatic_drive_controller_cpu_1507d_tfsimatic_s7-1500_cpu_1511f-1_pnsimatic_s7-1500_cpu_1515r-2_pn_firmwaresimatic_s7-1500_cpu_1513-1_pn_firmwaresiplus_s7-1500_cpu_1515r-2_pn_tx_rail_firmwaresiplus_s7-1500_cpu_1511-1_pnsimatic_s7-1500_cpu_1513f-1_pn_firmwaresiplus_s7-1500_cpu_1518f-4_pn\/dpsimatic_s7-1500_cpu_1515tf-2_pn_firmwaresiplus_s7-1500_cpu_1515f-2_pn_railsiplus_s7-1500_cpu_1516f-3_pn\/dp_firmwaresiplus_s7-1500_cpu_1518-4_pn\/dp_firmwaresiplus_et_200sp_1512sp_f-1_pn_firmwaresimatic_s7-1500_cpu_1514sp_f-2_pnsimatic_s7-1500_cpu_1512c-1_pn_firmwaresiplus_s7-1500_cpu_1513-1_pnsinumerik_onesimatic_s7-1500_cpu_1510sp-1_pnsimatic_s7-1500_cpu_1511t-1_pn_firmwaresiplus_et_200sp_1512sp_f-1_pnsimatic_s7-1500_cpu_s7-1518f-4_pn\/dp_odk_firmwaresiplus_s7-1500_cpu_1513f-1_pnsimatic_s7-1500_cpu_1511-1_pn_firmwaresiplus_s7-1500_cpu_1516-3_pn\/dpsiplus_s7-1500_cpu_1516-3_pn\/dp_tx_railsimatic_s7-1500_cpu_1518-4_pn\/dp_firmwaresiplus_et_200sp_cpu_1512sp_f-1_pn_railsiplus_s7-1500_cpu_1515f-2_pn_t2_railsimatic_s7-1500_software_controller_firmwaresimatic_s7-1500_cpu_1510sp_f-1_pnsimatic_s7-1500_cpu_1517t-3_pn\/dp_firmwaresimatic_s7-1500_cpu_1513-1_pnsiplus_s7-1500_cpu_1516f-3_pn\/dpsiplus_s7-1500_cpu_1518f-4_pn\/dp_firmwaresimatic_s7-1500_cpu_1511tf-1_pnsiplus_s7-1500_cpu_1511-1_pn_tx_rail_firmwaresiplus_s7-1500_cpu_1518hf-4_pn_firmwaresiplus_s7-1500_cpu_1515f-2_pn_rail_firmwaresimatic_s7-1500_cpu_s7-1518-4_pn\/dp_odksiplus_s7-1500_cpu_1515f-2_pnsimatic_s7-1500_cpu_1513r-1_pn_firmwaresinumerik_mc_firmwaresiplus_s7-1500_cpu_1517h-3_pn_firmwaresimatic_s7-1500_cpu_1516f-3_pn\/dpsimatic_s7-1500_cpu_1514spt_f-2_pn_firmwaresimatic_s7-1500_cpu_1515tf-2_pnsiplus_s7-1500_cpu_1511f-1_pnsimatic_s7-1500_cpu_1515r-2_pnsiplus_s7-1500_cpu_1517h-3_pnsiplus_s7-1500_cpu_1515r-2_pn_firmwaresimatic_et_200sp_open_control_1515sp_pc2simatic_s7-1500_cpu_1512sp-1_pnsimatic_s7-1500_software_controllersimatic_s7-1500_cpu_1516-3_pn\/dp_firmwaresimatic_et_200sp_open_control_1515sp_pc2_firmwaresimatic_s7-1500_cpu_1512sp-1_pn_firmwaresimatic_s7-1500_cpu_1517tf-3_pn\/dp_firmwaresimatic_s7-1500_cpu_1514spt-2_pn_firmwaresimatic_s7-1500_cpu_1514spt_f-2_pnsimatic_s7-1500_cpu_1518t-4_pn\/dp_firmwaresimatic_s7-1500_cpu_1518tf-4_pn\/dp_firmwaresiplus_et_200sp_cpu_1512sp-1_pn_firmwaresimatic_s7-1500_cpu_1518-4_pn\/dpsimatic_s7-1500_cpu_1517-3_pn\/dp_firmwaresiplus_et_200sp_cpu_1510sp_f-1_pnsimatic_s7-plcsim_advanced_firmwaresiplus_s7-1500_cpu_1515r-2_pn_tx_railsiplus_et_200sp_cpu_1512sp-1_pn_rail_firmwaresiplus_et_200sp_cpu_1510sp-1_pn_firmwaresimatic_s7-1500_cpu_1516-3_pn\/dpsiplus_s7-1500_cpu_1516-3_pn\/dp_tx_rail_firmwaresimatic_s7-1500_cpu_1515f-2_pn_firmwaresimatic_s7-1500_cpu_1516t-3_pn\/dpsiplus_s7-1500_cpu_1518hf-4_pnsimatic_s7-1500_cpu_1512sp_f-1_pn_firmwaresimatic_s7-1500_cpu_1515t-2_pnsimatic_s7-1500_cpu_1518hf-4_pn_firmwaresimatic_s7-1500_cpu_1518hf-4_pnsiplus_s7-1500_cpu_1511f-1_pn_firmwaresimatic_s7-1500_cpu_1517tf-3_pn\/dpsiplus_s7-1500_cpu_1513-1_pn_firmwaresiplus_s7-1500_cpu_1518-4_pn\/dpsimatic_s7-1500_cpu_1512c-1_pnsimatic_s7-1500_cpu_1515f-2_pnsimatic_s7-1500_cpu_1510sp_f-1_pn_firmwaresiplus_et_200sp_cpu_1512sp-1_pnsiplus_s7-1500_cpu_1511-1_pn_t1_rail_firmwaresiplus_s7-1500_cpu_1511-1_pn_tx_railsimatic_s7-1500_cpu_s7-1518-4_pn\/dp_odk_firmwaresiplus_et_200sp_cpu_1510sp-1_pn_railsimatic_s7-plcsim_advancedsiplus_et_200sp_cpu_1512sp-1_pn_railSIMATIC S7-1500 CPU 1518TF-4 PN/DPSIMATIC S7-1500 CPU 1512C-1 PNSIMATIC S7-1500 CPU S7-1518-4 PN/DP ODKSIMATIC S7-1500 CPU 1517-3 PN/DPSIMATIC S7-1500 CPU 1518-4 PN/DP MFPSIMATIC S7-1500 CPU 1512SP-1 PNSIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PNSIMATIC S7-1500 CPU 1515F-2 PNSIMATIC Drive Controller CPU 1504D TFSIMATIC S7-1500 CPU 1511F-1 PNSIMATIC S7-1500 CPU 1518-4 PN/DPSIPLUS S7-1500 CPU 1515R-2 PNSINUMERIK MCSIPLUS S7-1500 CPU 1516F-3 PN/DP RAILSIPLUS S7-1500 CPU 1511F-1 PNSIPLUS S7-1500 CPU 1516-3 PN/DP RAILSIPLUS S7-1500 CPU 1518HF-4 PNSIPLUS ET 200SP CPU 1512SP-1 PNSIPLUS S7-1500 CPU 1515R-2 PN TX RAILSIPLUS ET 200SP CPU 1512SP F-1 PN RAILSIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)SIPLUS S7-1500 CPU 1516-3 PN/DPSIMATIC Drive Controller CPU 1507D TFSIPLUS ET 200SP CPU 1510SP F-1 PN RAILSIPLUS S7-1500 CPU 1515F-2 PNSIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PNSIPLUS S7-1500 CPU 1511-1 PN T1 RAILSIMATIC S7-1500 CPU 1511T-1 PNSIMATIC S7-1500 Software ControllerSIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODKSIMATIC S7-1500 CPU 1514SPT F-2 PNSIPLUS ET 200SP CPU 1510SP-1 PN RAILSIPLUS S7-1500 CPU 1515F-2 PN T2 RAILSIPLUS ET 200SP CPU 1510SP F-1 PNSIPLUS S7-1500 CPU 1518F-4 PN/DPSIPLUS S7-1500 CPU 1518-4 PN/DP MFPSIPLUS ET 200SP CPU 1512SP F-1 PNSIPLUS S7-1500 CPU 1511-1 PNSIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PNSIPLUS ET 200SP CPU 1512SP-1 PN RAILSIMATIC S7-1500 CPU 1514SP-2 PNSIPLUS S7-1500 CPU 1511-1 PN TX RAILSIMATIC S7-1500 CPU 1518HF-4 PNSIPLUS S7-1500 CPU 1513F-1 PNSIMATIC S7-1500 CPU 1516-3 PN/DPSIMATIC S7-1500 CPU 1512SP F-1 PNSIMATIC S7-1500 CPU 1513F-1 PNSIPLUS S7-1500 CPU 1516-3 PN/DP TX RAILSIPLUS S7-1500 CPU 1513-1 PNSIMATIC S7-1500 CPU 1511C-1 PNSIMATIC S7-PLCSIM AdvancedSIMATIC S7-1500 CPU 1513-1 PNSIMATIC S7-1500 CPU 1515R-2 PNSIPLUS S7-1500 CPU 1516F-3 PN/DPSIMATIC S7-1500 CPU 1511TF-1 PNSIMATIC S7-1500 CPU 1517H-3 PNSIMATIC S7-1500 CPU 1515TF-2 PNSINUMERIK ONESIMATIC S7-1500 CPU 1517TF-3 PN/DPSIMATIC S7-1500 CPU 1517T-3 PN/DPSIMATIC S7-1500 CPU 1515-2 PNSIMATIC S7-1500 CPU 1516F-3 PN/DPSIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PNSIMATIC S7-1500 CPU 1518F-4 PN/DP MFPSIMATIC S7-1500 CPU 1516T-3 PN/DPSIPLUS ET 200SP CPU 1510SP-1 PNSIMATIC S7-1500 CPU 1518T-4 PN/DPSIMATIC S7-1500 CPU 1511-1 PNSIMATIC S7-1500 CPU 1510SP F-1 PNSIMATIC S7-1500 CPU 1514SP F-2 PNSIMATIC S7-1500 CPU 1514SPT-2 PNSIPLUS S7-1500 CPU 1518-4 PN/DPSIMATIC S7-1500 CPU 1510SP-1 PNSIMATIC S7-1500 CPU 1515T-2 PNSIMATIC S7-1500 CPU 1517F-3 PN/DPSIPLUS S7-1500 CPU 1515F-2 PN RAILSIPLUS S7-1500 CPU 1517H-3 PNSIMATIC S7-1500 CPU 1513R-1 PNSIMATIC S7-1500 CPU 1516TF-3 PN/DPSIMATIC S7-1500 CPU 1518F-4 PN/DP
CWE ID-CWE-416
Use After Free
CVE-2019-12258
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-15.02% / 94.30%
||
7 Day CHG~0.00%
Published-09 Aug, 2019 | 20:00
Updated-04 Aug, 2024 | 23:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Wind River VxWorks 6.6 through vx7 has Session Fixation in the TCP component. This is a IPNET security vulnerability: DoS of TCP connection via malformed TCP options.

Action-Not Available
Vendor-windriverbeldenn/aNetApp, Inc.Siemens AGSonicWall Inc.
Product-power_meter_9810_firmwarehirschmann_rsp20ruggedcom_win7025_firmwarehirschmann_ees25sonicoshirschmann_grs1030hirschmann_grs1142ruggedcom_win7018_firmwarehirschmann_rspe32hirschmann_grs1130garrettcom_magnum_dx940ehirschmann_rspe35hirschmann_eesx20hirschmann_rspe37ruggedcom_win7018power_meter_9410_firmwarehirschmann_grs1042siprotec_5_firmwareruggedcom_win7000ruggedcom_win7200hirschmann_rsp35garrettcom_magnum_dx940e_firmwaree-series_santricity_os_controllervxworkshirschmann_msp40hirschmann_octopus_os3hirschmann_rsp30hirschmann_dragon_mach4000hirschmann_dragon_mach4500hirschmann_msp32hirschmann_rsp25hirschmann_rail_switch_power_smarthirschmann_eesx30hirschmann_grs1020hirschmann_rail_switch_power_litehirschmann_eagle20hirschmann_eagle30hirschmann_hiosruggedcom_win7025hirschmann_rspe30hirschmann_eagle_oneruggedcom_win7200_firmwaresiprotec_5hirschmann_ees20hirschmann_red25power_meter_9410power_meter_9810ruggedcom_win7000_firmwarehirschmann_msp30hirschmann_grs1120n/a
CWE ID-CWE-384
Session Fixation
CVE-2023-46283
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.22% / 44.16%
||
7 Day CHG~0.00%
Published-12 Dec, 2023 | 11:27
Updated-14 Jan, 2025 | 10:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Opcenter Execution Foundation (All versions < V2407), Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). The affected application contains an out of bounds write past the end of an allocated buffer when handling specific requests on port 4002/tcp. This could allow an attacker to crash the application. The corresponding service is auto-restarted after the crash.

Action-Not Available
Vendor-Siemens AG
Product-sinumerik_integrate_runmyhmi_\/automotiveopcenter_qualitysimatic_pcs_neototally_integrated_automation_portalSIMATIC PCS neoTotally Integrated Automation Portal (TIA Portal) V18Opcenter Execution FoundationOpcenter QualityTotally Integrated Automation Portal (TIA Portal) V17Totally Integrated Automation Portal (TIA Portal) V16Totally Integrated Automation Portal (TIA Portal) V14Totally Integrated Automation Portal (TIA Portal) V15.1SINEC NMS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-46284
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.22% / 44.16%
||
7 Day CHG~0.00%
Published-12 Dec, 2023 | 11:27
Updated-14 Jan, 2025 | 10:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Opcenter Execution Foundation (All versions < V2407), Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). The affected application contains an out of bounds write past the end of an allocated buffer when handling specific requests on port 4002/tcp and 4004/tcp. This could allow an attacker to crash the application. The corresponding service is auto-restarted after the crash.

Action-Not Available
Vendor-Siemens AG
Product-sinumerik_integrate_runmyhmi_\/automotiveopcenter_qualitysimatic_pcs_neototally_integrated_automation_portalSIMATIC PCS neoTotally Integrated Automation Portal (TIA Portal) V18Opcenter Execution FoundationOpcenter QualityTotally Integrated Automation Portal (TIA Portal) V17Totally Integrated Automation Portal (TIA Portal) V16Totally Integrated Automation Portal (TIA Portal) V14Totally Integrated Automation Portal (TIA Portal) V15.1SINEC NMS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2014-2733
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.38% / 58.35%
||
7 Day CHG~0.00%
Published-19 Apr, 2014 | 19:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Siemens SINEMA Server before 12 SP1 allows remote attackers to cause a denial of service (web-interface outage) via crafted HTTP requests to port (1) 4999 or (2) 80.

Action-Not Available
Vendor-n/aSiemens AG
Product-sinema_servern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2023-46285
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.16% / 37.75%
||
7 Day CHG~0.00%
Published-12 Dec, 2023 | 11:27
Updated-24 May, 2025 | 10:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Opcenter Execution Foundation (All versions < V2407), Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). The affected application contains an improper input validation vulnerability that could allow an attacker to bring the service into a Denial-of-Service state by sending a specifically crafted message to 4004/tcp. The corresponding service is auto-restarted after the crash is detected by a watchdog.

Action-Not Available
Vendor-Siemens AG
Product-sinumerik_integrate_runmyhmi_\/automotiveopcenter_qualitysimatic_pcs_neototally_integrated_automation_portalTotally Integrated Automation Portal (TIA Portal) V15.1Opcenter QualityTotally Integrated Automation Portal (TIA Portal) V18SINEC NMSSIMATIC PCS neoOpcenter Execution FoundationTotally Integrated Automation Portal (TIA Portal) V14Totally Integrated Automation Portal (TIA Portal) V16Totally Integrated Automation Portal (TIA Portal) V17
CWE ID-CWE-20
Improper Input Validation
CVE-2001-0411
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.66% / 70.06%
||
7 Day CHG~0.00%
Published-24 May, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Reliant Unix 5.44 and earlier allows remote attackers to cause a denial of service via an ICMP port unreachable packet, which causes Reliant to drop all connections to the source address of the packet.

Action-Not Available
Vendor-n/aSiemens AG
Product-reliant_unixn/a
CVE-2014-2590
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.30% / 53.19%
||
7 Day CHG~0.00%
Published-28 Mar, 2014 | 19:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The web management interface in Siemens RuggedCom ROS before 3.11, ROS 3.11 before 3.11.5 for RS950G, ROS 3.12, and ROS 4.0 for RSG2488 allows remote attackers to cause a denial of service (interface outage) via crafted HTTP packets.

Action-Not Available
Vendor-n/aSiemens AG
Product-ruggedcom_rugged_operating_systemruggedcom_rs950gruggedcom_rsg2488n/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2014-1699
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.19% / 78.00%
||
7 Day CHG~0.00%
Published-07 Feb, 2014 | 02:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to cause a denial of service (monitoring-service outage) via malformed HTTP requests to port 4999.

Action-Not Available
Vendor-n/aSiemens AG
Product-simatic_wincc_open_architecturen/a
CVE-2021-20094
Matching Score-8
Assigner-Tenable Network Security, Inc.
ShareView Details
Matching Score-8
Assigner-Tenable Network Security, Inc.
CVSS Score-7.5||HIGH
EPSS-2.54% / 84.88%
||
7 Day CHG~0.00%
Published-16 Jun, 2021 | 11:09
Updated-03 Aug, 2024 | 17:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service vulnerability exists in Wibu-Systems CodeMeter versions < 7.21a. An unauthenticated remote attacker can exploit this issue to crash the CodeMeter Runtime Server.

Action-Not Available
Vendor-wibun/aSiemens AG
Product-sicam_230pss_capesicam_230_firmwarecodemeterWibu-Systems CodeMeter
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-19279
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.27% / 50.06%
||
7 Day CHG~0.00%
Published-10 Mar, 2020 | 19:16
Updated-05 Aug, 2024 | 02:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIPROTEC 4 and SIPROTEC Compact relays equipped with EN100 Ethernet communication modules (All versions). Specially crafted packets sent to port 50000/UDP of the EN100 Ethernet communication modules could cause a Denial-of-Service of the affected device. A manual reboot is required to recover the service of the device. At the time of advisory publication no public exploitation of this security vulnerability was known to Siemens.

Action-Not Available
Vendor-Siemens AG
Product-siprotec_4siprotec_compactSIPROTEC 4 and SIPROTEC Compact relays equipped with EN100 Ethernet communication modules
CWE ID-CWE-20
Improper Input Validation
CVE-2019-18311
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.21% / 42.74%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 19:08
Updated-05 Aug, 2024 | 01:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 7061/tcp. This vulnerability is independent from CVE-2019-18310. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-sppa-t3000_ms3000_migration_serverSPPA-T3000 MS3000 Migration Server
CWE ID-CWE-952
Not Available
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2022-26334
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-2.87% / 85.74%
||
7 Day CHG~0.00%
Published-12 Apr, 2022 | 09:07
Updated-03 Aug, 2024 | 05:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate the GET parameter XNo of incoming HTTP requests. This could allow an unauthenticated remote attacker to crash affected devices.

Action-Not Available
Vendor-Siemens AG
Product-scalance_x308-2m_ts_firmwarescalance_x307-3_firmwarescalance_xr324-12mscalance_x310fescalance_x310fe_firmwarescalance_xr324-4m_eecscalance_x308-2ldscalance_x320-1fe_firmwaresiplus_net_scalance_x308-2scalance_xr324-4m_poe_firmwarescalance_x308-2scalance_x307-2eecscalance_xr324-4m_eec_firmwarescalance_x308-2_firmwarescalance_x304-2fe_firmwarescalance_xr324-12m_ts_firmwarescalance_x306-1ldfe_firmwarescalance_x307-2eec_firmwarescalance_x320-1-2ldfesiplus_net_scalance_x308-2_firmwarescalance_x308-2lh_firmwarescalance_x302-7eec_firmwarescalance_x308-2lhscalance_x307-3ld_firmwarescalance_x310scalance_x320-1-2ldfe_firmwarescalance_xr324-12m_firmwarescalance_x308-2m_poe_firmwarescalance_x308-2lh\+scalance_x310_firmwarescalance_x308-2m_poescalance_x308-2lh\+_firmwarescalance_x308-2ld_firmwarescalance_xr324-12m_tsscalance_x308-2m_tsscalance_x308-2m_firmwarescalance_x320-1fescalance_x408-2scalance_xr324-4m_poescalance_x306-1ldfescalance_x307-3ldscalance_x308-2mscalance_x408-2_firmwarescalance_x307-3scalance_x304-2fescalance_xr324-4m_poe_tsscalance_xr324-4m_poe_ts_firmwarescalance_x302-7eecSCALANCE XR324-12M TS (24V)SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)SCALANCE XR324-4M PoE (24V, ports on rear)SCALANCE XR324-4M EEC (24V, ports on front)SCALANCE XR324-12M (230V, ports on rear)SCALANCE X307-2 EEC (2x 24V, coated)SCALANCE XR324-4M PoE TS (24V, ports on front)SCALANCE X307-3SCALANCE X308-2MSCALANCE XR324-12M (24V, ports on rear)SCALANCE X308-2SCALANCE X308-2M PoESCALANCE X310FESCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)SCALANCE X308-2LH+SCALANCE X302-7 EEC (24V, coated)SCALANCE X307-2 EEC (230V, coated)SCALANCE X307-3LDSCALANCE X308-2LHSCALANCE XR324-4M EEC (24V, ports on rear)SCALANCE XR324-4M PoE (24V, ports on front)SCALANCE X302-7 EEC (2x 230V)SCALANCE X408-2SIPLUS NET SCALANCE X308-2SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)SCALANCE XR324-4M PoE (230V, ports on rear)SCALANCE X302-7 EEC (230V)SCALANCE X307-2 EEC (24V, coated)SCALANCE X307-2 EEC (2x 230V, coated)SCALANCE X302-7 EEC (2x 24V, coated)SCALANCE X308-2LDSCALANCE X307-2 EEC (24V)SCALANCE X304-2FESCALANCE X310SCALANCE X307-2 EEC (2x 24V)SCALANCE X307-2 EEC (230V)SCALANCE XR324-12M (24V, ports on front)SCALANCE X320-1 FESCALANCE X302-7 EEC (2x 24V)SCALANCE X306-1LD FESCALANCE X308-2M TSSCALANCE XR324-4M PoE (230V, ports on front)SCALANCE X307-2 EEC (2x 230V)SCALANCE X302-7 EEC (24V)SCALANCE X302-7 EEC (230V, coated)SCALANCE X302-7 EEC (2x 230V, coated)SCALANCE X320-1-2LD FESCALANCE XR324-4M EEC (2x 24V, ports on rear)SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)SCALANCE XR324-12M (230V, ports on front)SCALANCE XR324-4M EEC (2x 24V, ports on front)
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-8285
Matching Score-8
Assigner-HackerOne
ShareView Details
Matching Score-8
Assigner-HackerOne
CVSS Score-7.5||HIGH
EPSS-0.46% / 63.18%
||
7 Day CHG~0.00%
Published-14 Dec, 2020 | 19:39
Updated-04 Aug, 2024 | 09:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.

Action-Not Available
Vendor-n/aDebian GNU/LinuxOracle CorporationSplunk LLC (Cisco Systems, Inc.)Apple Inc.NetApp, Inc.Fedora ProjectCURLSiemens AGFujitsu Limited
Product-libcurlpeoplesoft_enterprise_peopletoolsm12-1communications_billing_and_revenue_managementhci_storage_nodem10-4s_firmwarehci_storage_node_firmwarehci_bootstrap_osmacosm10-4hci_compute_nodem10-4_firmwarecommunications_cloud_native_core_policym10-4suniversal_forwarderm12-1_firmwaresolidfiresinec_infrastructure_network_servicesm12-2sclustered_data_ontapdebian_linuxessbasehci_management_nodefedoramac_os_xm10-1_firmwarem10-1m12-2s_firmwarem12-2_firmwarem12-2https://github.com/curl/curl
CWE ID-CWE-674
Uncontrolled Recursion
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-7595
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.48% / 64.09%
||
7 Day CHG~0.00%
Published-21 Jan, 2020 | 22:54
Updated-04 Aug, 2024 | 09:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation.

Action-Not Available
Vendor-n/aOracle CorporationNetApp, Inc.Canonical Ltd.Fedora ProjectSiemens AGlibxml2 (XMLSoft)Debian GNU/Linux
Product-ubuntu_linuxpeoplesoft_enterprise_peopletoolscommunications_cloud_native_core_network_function_cloud_native_environmenth300s_firmwareh410c_firmwarelibxml2h410sh300ssteelstore_cloud_integrated_storageh300e_firmwareclustered_data_ontapsnapdrivesmi-s_providersinema_remote_connect_serverh500efedorah500s_firmwareh500e_firmwareh700eenterprise_manager_ops_centerh300eh500ssymantec_netbackupmysql_workbenchdebian_linuxh410s_firmwareh700s_firmwareh410ch700e_firmwarereal_user_experience_insighth700senterprise_manager_base_platformn/a
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2020-7793
Matching Score-8
Assigner-Snyk
ShareView Details
Matching Score-8
Assigner-Snyk
CVSS Score-7.5||HIGH
EPSS-3.57% / 87.26%
||
7 Day CHG~0.00%
Published-11 Dec, 2020 | 13:25
Updated-16 Sep, 2024 | 22:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Regular Expression Denial of Service (ReDoS)

The package ua-parser-js before 0.7.23 are vulnerable to Regular Expression Denial of Service (ReDoS) in multiple regexes (see linked commit for more info).

Action-Not Available
Vendor-ua-parser-js_projectn/aSiemens AG
Product-sinec_insua-parser-jsua-parser-js
CVE-2022-26649
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-9.6||CRITICAL
EPSS-1.15% / 77.64%
||
7 Day CHG~0.00%
Published-12 Jul, 2022 | 10:06
Updated-21 Apr, 2025 | 13:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT PRO (All versions < V5.5.2), SCALANCE X202-2IRT (All versions < V5.5.2), SCALANCE X202-2IRT (All versions < V5.5.2), SCALANCE X202-2P IRT (All versions < V5.5.2), SCALANCE X202-2P IRT PRO (All versions < V5.5.2), SCALANCE X204-2 (All versions < V5.2.6), SCALANCE X204-2FM (All versions < V5.2.6), SCALANCE X204-2LD (All versions < V5.2.6), SCALANCE X204-2LD TS (All versions < V5.2.6), SCALANCE X204-2TS (All versions < V5.2.6), SCALANCE X204IRT (All versions < V5.5.2), SCALANCE X204IRT (All versions < V5.5.2), SCALANCE X204IRT PRO (All versions < V5.5.2), SCALANCE X206-1 (All versions < V5.2.6), SCALANCE X206-1LD (All versions < V5.2.6), SCALANCE X208 (All versions < V5.2.6), SCALANCE X208PRO (All versions < V5.2.6), SCALANCE X212-2 (All versions < V5.2.6), SCALANCE X212-2LD (All versions < V5.2.6), SCALANCE X216 (All versions < V5.2.6), SCALANCE X224 (All versions < V5.2.6), SCALANCE XF201-3P IRT (All versions < V5.5.2), SCALANCE XF202-2P IRT (All versions < V5.5.2), SCALANCE XF204 (All versions < V5.2.6), SCALANCE XF204-2 (All versions < V5.2.6), SCALANCE XF204-2BA IRT (All versions < V5.5.2), SCALANCE XF204IRT (All versions < V5.5.2), SCALANCE XF206-1 (All versions < V5.2.6), SCALANCE XF208 (All versions < V5.2.6). Affected devices do not properly validate the URI of incoming HTTP GET requests. This could allow an unauthenticated remote attacker to crash affected devices.

Action-Not Available
Vendor-Siemens AG
Product-scalance_xf206-1_firmwarescalance_xf201-3p_irtscalance_x208_pro_firmwarescalance_x212-2ldscalance_x201-3p_irtscalance_x204-2ldscalance_xf208scalance_x201-3p_irt_firmwarescalance_x202-2p_irt_pro_firmwarescalance_xf204irtscalance_xf204-2ba_irt_firmwarescalance_x206-1scalance_x204-2ld_ts_firmwarescalance_x204irtscalance_x201-3p_irt_proscalance_x204-2fmscalance_x204-2ld_tsscalance_x208scalance_x200-4p_irtscalance_x204irt_pro_firmwarescalance_x202-2irtscalance_x202-2p_irtscalance_x204-2scalance_x224scalance_x206-1_firmwarescalance_x204-2_firmwarescalance_xf204-2scalance_xf206-1scalance_x202-2p_irt_firmwarescalance_x206-1ld_firmwarescalance_x212-2ld_firmwarescalance_x212-2scalance_xf204_firmwarescalance_x204-2ts_firmwarescalance_xf204-2ba_irtscalance_x216_firmwarescalance_x204-2ld_firmwarescalance_x212-2_firmwarescalance_xf208_firmwarescalance_xf202-2p_irt_firmwarescalance_x208_firmwarescalance_x208_proscalance_xf204-2_firmwarescalance_x202-2p_irt_proscalance_x202-2irt_firmwarescalance_xf202-2p_irtscalance_x200-4p_irt_firmwarescalance_x204irt_proscalance_x216scalance_xf201-3p_irt_firmwarescalance_x204-2fm_firmwarescalance_x204-2tsscalance_xf204irt_firmwarescalance_x201-3p_irt_pro_firmwarescalance_x204irt_firmwarescalance_xf204scalance_x206-1ldscalance_x224_firmwareSCALANCE XF201-3P IRTSCALANCE XF204-2BA IRTSCALANCE X202-2P IRTSCALANCE X202-2P IRT PROSCALANCE X204-2TSSCALANCE X206-1SCALANCE XF204IRTSCALANCE X204IRTSCALANCE X200-4P IRTSCALANCE X224SCALANCE XF208SCALANCE X208SCALANCE XF204-2SCALANCE X204-2LD TSSCALANCE X208PROSCALANCE X204-2LDSCALANCE X204-2SCALANCE X216SCALANCE X212-2LDSCALANCE X201-3P IRT PROSCALANCE XF206-1SCALANCE X201-3P IRTSCALANCE X206-1LDSCALANCE X212-2SCALANCE XF202-2P IRTSCALANCE X204-2FMSCALANCE XF204SCALANCE X202-2IRTSCALANCE X204IRT PRO
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-26380
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.58% / 67.97%
||
7 Day CHG~0.00%
Published-12 Apr, 2022 | 09:07
Updated-03 Aug, 2024 | 05:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate if a certain SNMP key exists. An attacker could use this to trigger a reboot of an affected device by requesting specific SNMP information from the device.

Action-Not Available
Vendor-Siemens AG
Product-scalance_x308-2m_ts_firmwarescalance_x307-3_firmwarescalance_xr324-12mscalance_x310fescalance_x310fe_firmwarescalance_xr324-4m_eecscalance_x308-2ldscalance_x320-1fe_firmwaresiplus_net_scalance_x308-2scalance_xr324-4m_poe_firmwarescalance_x308-2scalance_x307-2eecscalance_xr324-4m_eec_firmwarescalance_x308-2_firmwarescalance_x304-2fe_firmwarescalance_xr324-12m_ts_firmwarescalance_x306-1ldfe_firmwarescalance_x307-2eec_firmwarescalance_x320-1-2ldfesiplus_net_scalance_x308-2_firmwarescalance_x308-2lh_firmwarescalance_x302-7eec_firmwarescalance_x308-2lhscalance_x307-3ld_firmwarescalance_x310scalance_x320-1-2ldfe_firmwarescalance_xr324-12m_firmwarescalance_x308-2m_poe_firmwarescalance_x308-2lh\+scalance_x310_firmwarescalance_x308-2m_poescalance_x308-2lh\+_firmwarescalance_x308-2ld_firmwarescalance_xr324-12m_tsscalance_x308-2m_tsscalance_x308-2m_firmwarescalance_x320-1fescalance_x408-2scalance_xr324-4m_poescalance_x306-1ldfescalance_x307-3ldscalance_x308-2mscalance_x408-2_firmwarescalance_x307-3scalance_x304-2fescalance_xr324-4m_poe_tsscalance_xr324-4m_poe_ts_firmwarescalance_x302-7eecSCALANCE XR324-12M TS (24V)SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)SCALANCE XR324-4M PoE (24V, ports on rear)SCALANCE XR324-4M EEC (24V, ports on front)SCALANCE XR324-12M (230V, ports on rear)SCALANCE X307-2 EEC (2x 24V, coated)SCALANCE XR324-4M PoE TS (24V, ports on front)SCALANCE X307-3SCALANCE X308-2MSCALANCE XR324-12M (24V, ports on rear)SCALANCE X308-2SCALANCE X308-2M PoESCALANCE X310FESCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)SCALANCE X308-2LH+SCALANCE X302-7 EEC (24V, coated)SCALANCE X307-2 EEC (230V, coated)SCALANCE X307-3LDSCALANCE X308-2LHSCALANCE XR324-4M EEC (24V, ports on rear)SCALANCE XR324-4M PoE (24V, ports on front)SCALANCE X302-7 EEC (2x 230V)SCALANCE X408-2SIPLUS NET SCALANCE X308-2SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)SCALANCE XR324-4M PoE (230V, ports on rear)SCALANCE X302-7 EEC (230V)SCALANCE X307-2 EEC (24V, coated)SCALANCE X307-2 EEC (2x 230V, coated)SCALANCE X302-7 EEC (2x 24V, coated)SCALANCE X308-2LDSCALANCE X307-2 EEC (24V)SCALANCE X304-2FESCALANCE X310SCALANCE X307-2 EEC (2x 24V)SCALANCE X307-2 EEC (230V)SCALANCE XR324-12M (24V, ports on front)SCALANCE X320-1 FESCALANCE X302-7 EEC (2x 24V)SCALANCE X306-1LD FESCALANCE X308-2M TSSCALANCE XR324-4M PoE (230V, ports on front)SCALANCE X307-2 EEC (2x 230V)SCALANCE X302-7 EEC (24V)SCALANCE X302-7 EEC (230V, coated)SCALANCE X302-7 EEC (2x 230V, coated)SCALANCE X320-1-2LD FESCALANCE XR324-4M EEC (2x 24V, ports on rear)SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)SCALANCE XR324-12M (230V, ports on front)SCALANCE XR324-4M EEC (2x 24V, ports on front)
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-25314
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.36% / 57.38%
||
7 Day CHG~0.00%
Published-18 Feb, 2022 | 04:25
Updated-05 May, 2025 | 17:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString.

Action-Not Available
Vendor-libexpat_projectn/aSiemens AGOracle CorporationDebian GNU/LinuxFedora Project
Product-debian_linuxzfs_storage_appliance_kitlibexpatsinema_remote_connect_serverhttp_serverfedoran/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-7588
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-5.3||MEDIUM
EPSS-0.40% / 59.80%
||
7 Day CHG~0.00%
Published-14 Jul, 2020 | 13:18
Updated-04 Aug, 2024 | 09:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions < V2.6), SIMATIC IT Production Suite (All versions < V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). Sending a specially crafted packet to the affected service could cause a partial remote denial-of-service, that would cause the service to restart itself.

Action-Not Available
Vendor-Siemens AG
Product-simatic_notifier_serversimatic_step_7opcenter_intelligencesimatic_it_production_suitesimatic_it_lmssimatic_pcs_neoopcenter_execution_processsoft_starter_esopcenter_qualitysimocode_esopcenter_rd\&lopcenter_execution_discreteopcenter_execution_foundationSIMATIC Notifier Server for WindowsOpcenter Execution DiscreteOpcenter RD&LOpcenter Execution FoundationSIMATIC IT Production SuiteSoft Starter ES V16Opcenter QualitySIMATIC STEP 7 (TIA Portal) V16SIMATIC PCS neoSoft Starter ES V15.1SIMATIC STEP 7 (TIA Portal) V15SIMATIC IT LMSSIMOCODE ES V16Opcenter Execution ProcessSIMOCODE ES V15.1Opcenter Intelligence
CWE ID-CWE-20
Improper Input Validation
CVE-2022-43723
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.36% / 57.76%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-22 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SICAM PAS/PQS (All versions < V7.0), SICAM PAS/PQS (All versions >= 7.0 < V8.06). Affected software does not properly validate the input for a certain parameter in the s7ontcp.dll. This could allow an unauthenticated remote attacker to send messages and create a denial of service condition as the application crashes. At the time of assigning the CVE, the affected firmware version of the component has already been superseded by succeeding mainline versions.

Action-Not Available
Vendor-Siemens AG
Product-sicam_pas\/pqsSICAM PAS/PQS
CWE ID-CWE-1287
Improper Validation of Specified Type of Input
CWE ID-CWE-20
Improper Input Validation
CVE-2002-0122
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.32% / 79.04%
||
7 Day CHG~0.00%
Published-15 Mar, 2002 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Siemens 3568i WAP mobile phones allows remote attackers to cause a denial of service (crash) via an SMS message containing unusual characters.

Action-Not Available
Vendor-n/aSiemens AG
Product-3568i_wapn/a
CVE-2020-36475
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.39% / 59.31%
||
7 Day CHG~0.00%
Published-23 Aug, 2021 | 00:00
Updated-04 Aug, 2024 | 17:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS). The calculations performed by mbedtls_mpi_exp_mod are not limited; thus, supplying overly large parameters could lead to denial of service when generating Diffie-Hellman key pairs.

Action-Not Available
Vendor-n/aArm LimitedDebian GNU/LinuxSiemens AG
Product-debian_linuxlogo\!_cmr2040_firmwaresimatic_rtu3031c_firmwaresimatic_rtu3030csimatic_rtu3041c_firmwaresimatic_rtu3041clogo\!_cmr2040simatic_rtu3000clogo\!_cmr2020simatic_rtu3031csimatic_rtu3000c_firmwarelogo\!_cmr2020_firmwaresimatic_rtu3030c_firmwarembed_tlsn/a
CWE ID-CWE-131
Incorrect Calculation of Buffer Size
CVE-2020-35684
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.70% / 71.02%
||
7 Day CHG~0.00%
Published-19 Aug, 2021 | 11:19
Updated-04 Aug, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in HCC Nichestack 3.0. The code that parses TCP packets relies on an unchecked value of the IP payload size (extracted from the IP header) to compute the length of the TCP payload within the TCP checksum computation function. When the IP payload size is set to be smaller than the size of the IP header, the TCP checksum computation function may read out of bounds (a low-impact write-out-of-bounds is also possible).

Action-Not Available
Vendor-hcc-embeddedn/aSiemens AG
Product-sentron_3wa_com190_firmwaresentron_3wl_com35_firmwaresentron_3wa_com190sentron_3wl_com35nichestackn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2020-35683
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.53% / 66.41%
||
7 Day CHG~0.00%
Published-19 Aug, 2021 | 11:13
Updated-04 Aug, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in HCC Nichestack 3.0. The code that parses ICMP packets relies on an unchecked value of the IP payload size (extracted from the IP header) to compute the ICMP checksum. When the IP payload size is set to be smaller than the size of the IP header, the ICMP checksum computation function may read out of bounds, causing a Denial-of-Service.

Action-Not Available
Vendor-hcc-embeddedn/aSiemens AG
Product-7km9300-0ae02-0aa0nichestack7km9300-0ae02-0aa0_firmwaren/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-28500
Matching Score-8
Assigner-Snyk
ShareView Details
Matching Score-8
Assigner-Snyk
CVSS Score-5.3||MEDIUM
EPSS-0.20% / 42.55%
||
7 Day CHG~0.00%
Published-15 Feb, 2021 | 11:10
Updated-16 Sep, 2024 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Regular Expression Denial of Service (ReDoS)

Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions.

Action-Not Available
Vendor-lodashn/aOracle CorporationSiemens AG
Product-peoplesoft_enterprise_peopletoolsprimavera_unifiersinec_insfinancial_services_crime_and_compliance_management_studioprimavera_gatewaylodashhealth_sciences_data_management_workbenchcommunications_cloud_native_core_policybanking_trade_finance_process_managementbanking_supply_chain_financecommunications_design_studiobanking_credit_facilities_process_managementbanking_corporate_lending_process_managementbanking_extensibility_workbenchcommunications_session_border_controllercommunications_services_gatekeeperenterprise_communications_brokerjd_edwards_enterpriseone_toolsretail_customer_management_and_segmentation_foundationLodash
CVE-2020-28393
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.53% / 66.19%
||
7 Day CHG~0.00%
Published-12 May, 2021 | 13:18
Updated-04 Aug, 2024 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An unauthenticated remote attacker could create a permanent denial-of-service condition by sending specially crafted OSPF packets. Successful exploitation requires OSPF to be enabled on an affected device on the SCALANCE XM-400, XR-500 (All versions prior to v6.4).

Action-Not Available
Vendor-n/aSiemens AG
Product-scalance_xm416-4c_l3scalance_xr526scalance_xm408-8cscalance_xm416-4c_firmwarescalance_xr552_firmwarescalance_xr552scalance_xm408-4c_firmwarescalance_xm416-4cscalance_xr528scalance_xr528_firmwarescalance_xm-400_firmwarescalance_xm408-4cscalance_xm408-4c_l3_firmwarescalance_xm416-4c_l3_firmwarescalance_xm408-8c_l3_firmwarescalance_xr526_firmwarescalance_xm408-8c_l3scalance_xm408-4c_l3scalance_xr524scalance_xm408-8c_firmwarescalance_xr524_firmwarescalance_xm-400SCALANCE XM-400, XR-500
CWE ID-CWE-682
Incorrect Calculation
CVE-2020-28400
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.90% / 74.76%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 11:02
Updated-10 Dec, 2024 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial of service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device.

Action-Not Available
Vendor-Siemens AG
Product-scalance_xf206-1_firmwarescalance_x201-3p_irtscalance_xr324-4m_eecruggedcom_rm1224_firmwarescalance_x206-1scalance_x320-1fe_firmwareek-ertec_200_evaulation_kit_firmwarescalance_xp-200scalance_xr324-4m_eec_firmwarescalance_xf-200bascalance_x208simatic_mv500softnet-ie_pnioscalance_x204-2_scalance_x206-1_firmwarescalance_s615_firmwarescalance_x204_irtscalance_m-800_firmwarescalance_x308-2lh\+_firmwarescalance_x308-2ld_firmwarescalance_xc-200_firmwarescalance_xf204-2ba_irtscalance_xr324-12m_tssimatic_profinet_driver_firmwarescalance_xf208_firmwarescalance_xr-300wg_firmwarescalance_x306-1ldfescalance_x202-2p_irt_proscalance_x304-2fescalance_x204-2fm_firmwarescalance_x204-2tssimatic_mv500_firmwarescalance_xr324-4m_poe_ts_firmwarescalance_xf204scalance_x200-4_p_irtscalance_x308-2lh\+scalance_xm400scalance_x307-3_firmwarescalance_xf204_irtscalance_xf-200ba_firmwarescalance_x201-3p_irt_firmwarescalance_x202-2p_irt_pro_firmwarescalance_x310fe_firmwarescalance_xf204-2ba_irt_firmwarescalance_x308-2ldscalance_w700simocode_prov_ethernet\/ipsimatic_net_cp1604_firmwarescalance_x308-2scalance_xr324-12m_ts_firmwareruggedcom_rm1224scalance_x204-2ld_tsscalance_s615scalance_x224simatic_net_cm_1542-1scalance_x302-7eec_firmwarescalance_x212-2ld_firmwarescalance_x204_irt_firmwarescalance_x200-4_p_irt_firmwarescalance_x308-2m_tsscalance_xr324-4m_poeek-ertec_200p_evaluation_kitsimocode_prov_profinetscalance_w700_firmwarescalance_x307-3ldscalance_x204_irt_pro_firmwareek-ertec_200_evaulation_kitscalance_w1700_firmwarescalance_xf201-3p_irt_firmwarescalance_xb-200_firmwaresimatic_net_cp1616_firmwarescalance_xc-200scalance_xr324-4m_poe_tssimatic_net_cp1616scalance_m-800scalance_x201-3p_irt_pro_firmwaresimatic_cfu_pa_firmwarescalance_x208pro_firmwarescalance_xr324-12mscalance_x212-2ldsimatic_s7-1200scalance_x310fesimatic_cfu_pasimocode_prov_profinet_firmwarescalance_xr-300wgscalance_x201-3p_irt_prosimatic_power_line_booster_plbscalance_x308-2_firmwarescalance_x204-2fmscalance_xm400_firmwaresimatic_power_line_booster_plb_firmwaresimocode_prov_ethernet\/ip_firmwarescalance_x306-1ldfe_firmwarescalance_x320-3ldfe_firmwarescalance_x307-3ld_firmwarescalance_x308-2lhscalance_x310simatic_net_cm_1542-1_firmwarescalance_x308-2m_poe_firmwarescalance_x308-2m_poescalance_x202-2_irtscalance_xf204_firmwarescalance_x308-2m_firmwarescalance_x204-2ld_firmwarescalance_x212-2_firmwarescalance_x204_irt_proscalance_xf204-2_firmwarescalance_xf202-2p_irtscalance_x308-2mscalance_xr500_firmwarescalance_x202-2_irt_firmwarescalance_x206-1ldscalance_w1700scalance_xf204_irt_firmwarescalance_x308-2m_ts_firmwarescalance_xf201-3p_irtscalance_x204-2ldscalance_xf208simatic_net_dk-16xx_pn_ioscalance_xr324-4m_poe_firmwarescalance_x204-2ld_ts_firmwarescalance_x307-2eecscalance_x304-2fe_firmwaredk_standard_ethernet_controller_evaluation_kitsimatic_profinet_driverdk_standard_ethernet_controller_evaluation_kit_firmwarescalance_x307-2eec_firmwarescalance_x308-2lh_firmwarescalance_x320-3ldfeek-ertec_200p_evaluation_kit_firmwarescalance_x204-2_firmwarescalance_xf206-1scalance_xr324-12m_firmwaresimatic_s7-1200_firmwarescalance_x310_firmwarescalance_x206-1ld_firmwarescalance_xp-200_firmwarescalance_x212-2simatic_net_cp1626_firmwarescalance_x204-2ts_firmwarescalance_x208proscalance_x320-1fescalance_x216_firmwarescalance_xb-200scalance_xf202-2p_irt_firmwaresoftnet-ie_pnio_firmwarescalance_x208_firmwarescalance_xr500simatic_ie\/pb-link_v3simatic_ie\/pb-link_v3_firmwarescalance_x307-3simatic_net_cp1626scalance_x216simatic_net_cp1604scalance_xf204-2_scalance_x224_firmwarescalance_x302-7eecSCALANCE XF208SCALANCE XR324-4M EEC (24V, ports on front)SCALANCE X204IRTSIMOCODE pro V Ethernet/IP (incl. SIPLUS variants)SCALANCE XR328-4C WG (28xGE, AC 230V)SCALANCE X307-2 EEC (2x 24V, coated)SCALANCE X204-2TSSCALANCE X307-3SCALANCE XR324-12M (24V, ports on rear)SCALANCE X308-2SCALANCE XB205-3 (ST, PN)SCALANCE XC208GSCALANCE XR552-12M (2HR2)SCALANCE X307-2 EEC (230V, coated)SCALANCE XM416-4CSCALANCE XB216 (E/IP)SCALANCE XC216-3G PoE (54 V DC)SCALANCE W1788-2 EEC M12SIPLUS NET SCALANCE X308-2RUGGEDCOM RM1224 LTE(4G) EUSCALANCE XR526-8C, 24V (L3 int.)SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)SCALANCE XR326-2C PoE WG (without UL)SCALANCE W788-1 RJ45SCALANCE X202-2P IRTSCALANCE XR324-4M PoE (230V, ports on rear)SCALANCE X302-7 EEC (230V)SIMATIC MV550 SSIMOCODE pro V PROFINET (incl. SIPLUS variants)SCALANCE W1748-1 M12SOFTNET-IE PNIOSCALANCE S615 LAN-RouterSCALANCE X206-1LDSCALANCE XR324WG (24 x FE, AC 230V)SCALANCE XC224-4C G (EIP Def.)SCALANCE W738-1 M12SIMATIC CP 1626SCALANCE XP216SIMATIC CFU PASCALANCE MUM853-1 (EU)SCALANCE M876-4SCALANCE W788-2 RJ45SCALANCE XC206-2SFP G EECSCALANCE XF204IRTSCALANCE X307-2 EEC (2x 230V)SCALANCE XB205-3 (SC, PN)SCALANCE XM408-4C (L3 int.)SCALANCE M826-2 SHDSL-RouterSCALANCE X204IRT PROSCALANCE MUM856-1 (CN)SCALANCE XB213-3 (ST, E/IP)SCALANCE XR526-8C, 2x230VSCALANCE W778-1 M12SCALANCE XB213-3 (SC, PN)SCALANCE W786-1 RJ45SCALANCE W774-1 M12 EECSCALANCE X201-3P IRTSCALANCE XC208G (EIP def.)SCALANCE M804PBSCALANCE XB213-3LD (SC, PN)SCALANCE XB205-3LD (SC, PN)SCALANCE XC224-4C GSIMATIC NET DK-16xx PN IOSIMATIC S7-1200 CPU family (incl. SIPLUS variants)Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200PSCALANCE XC208G PoE (54 V DC)SCALANCE X206-1SCALANCE XF204SCALANCE XR524-8C, 2x230VDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200SCALANCE X308-2LHSIMATIC MV560 USCALANCE XF204-2SCALANCE XR324-4M EEC (24V, ports on rear)SCALANCE XR324-4M PoE (24V, ports on front)SCALANCE XM408-8C (L3 int.)SCALANCE X302-7 EEC (2x 230V)SCALANCE X408-2SCALANCE XC206-2G PoE EEC (54 V DC)SCALANCE XC206-2SFPSIMATIC MV550 HSCALANCE XF201-3P IRTSCALANCE XB205-3 (ST, E/IP)SCALANCE W774-1 RJ45 (USA)SCALANCE W1788-2IA M12SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V)SCALANCE M816-1 ADSL-RouterSCALANCE XB216 (PN)SIMATIC MV540 SSCALANCE XC206-2SFP G (EIP DEF.)SCALANCE MUM856-1 (A1)SCALANCE M812-1 ADSL-RouterSCALANCE X307-2 EEC (2x 24V)SCALANCE XC206-2 (SC)SCALANCE XC216-3G PoESCALANCE XB213-3 (ST, PN)SCALANCE X212-2SCALANCE W788-2 M12SCALANCE XM416-4C (L3 int.)SCALANCE X306-1LD FESCALANCE X308-2M TSSCALANCE XR528-6M (2HR2)SCALANCE M876-3SCALANCE XC216-4CSIMATIC MV540 HSCALANCE XP216 (Ethernet/IP)SCALANCE X201-3P IRT PROSCALANCE X302-7 EEC (2x 230V, coated)SCALANCE W748-1 M12SIPLUS NET SCALANCE XC216-4CSCALANCE X320-1-2LD FESCALANCE XB213-3LD (SC, E/IP)SCALANCE XR324-4M PoE TS (24V, ports on front)SCALANCE XC208G EECSCALANCE XR524-8C, 1x230V (L3 int.)SCALANCE XR328-4C WG (28xGE, DC 24V)SCALANCE XR324-12M TS (24V)SCALANCE XR324-12M (230V, ports on rear)SCALANCE XB208 (PN)SCALANCE XP208SCALANCE XF204-2BA IRTSCALANCE XB208 (E/IP)SCALANCE XF204 DNASCALANCE X204-2FMSCALANCE XR524-8C, 24VSCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)SIMATIC CM 1542-1SCALANCE X204-2LD TSSCALANCE XM408-4CSCALANCE XR324-12M (230V, ports on front)SCALANCE XP208PoE EECSCALANCE X302-7 EEC (24V, coated)SCALANCE XR328-4C WG (24XFE, 4XGE, 24V)SCALANCE W774-1 RJ45SCALANCE XR526-8C, 1x230V (L3 int.)SCALANCE X224SCALANCE W786-2 SFPSCALANCE XR524-8C, 2x230V (L3 int.)SCALANCE XC216EECSCALANCE XR324WG (24 X FE, DC 24V)SCALANCE XR552-12MSCALANCE XC216-4C G (EIP Def.)SCALANCE XR328-4C WG (24xFE,4xGE,AC230V)SIPLUS NET SCALANCE XC208SCALANCE MUM853-1 (A1)SCALANCE M876-4 (NAM)SCALANCE W1788-2 M12SCALANCE W788-1 M12SCALANCE XP208EECSCALANCE M874-3SCALANCE X308-2LDSCALANCE X307-2 EEC (24V)SCALANCE MUM856-1 (B1)SCALANCE XR524-8C, 1x230VSCALANCE XF204-2BASCALANCE XR528-6MSCALANCE X208SCALANCE M876-3 (ROK)SCALANCE X304-2FESCALANCE W748-1 RJ45SCALANCE XC208EECSCALANCE X307-2 EEC (230V)SIPLUS NET SCALANCE XC206-2SCALANCE MUM856-1 (EU)SCALANCE W721-1 RJ45SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)SIMATIC MV560 XSCALANCE X302-7 EEC (2x 24V)SCALANCE W722-1 RJ45SCALANCE XC208G PoESCALANCE XP216EECSCALANCE S615 EEC LAN-RouterSCALANCE XR526-8C, 24VSCALANCE W734-1 RJ45 (USA)SCALANCE XR552-12M (2HR2, L3 int.)SIMATIC CP 1604SCALANCE X208PROSCALANCE XF204-2BA DNASCALANCE XM408-8CSCALANCE X212-2LDSCALANCE XC216-4C GSCALANCE XC224SCALANCE X302-7 EEC (24V)SCALANCE MUM856-1 (RoW)SCALANCE W778-1 M12 EECSCALANCE X204-2SCALANCE XF206-1SCALANCE W1788-1 M12SCALANCE XR324-4M EEC (2x 24V, ports on rear)SCALANCE W788-2 M12 EECSCALANCE XR524-8C, 24V (L3 int.)SCALANCE XR526-8C, 1x230VSCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)SCALANCE XR324-4M PoE (24V, ports on rear)SIPLUS NET SCALANCE XC206-2SFPSIMATIC IE/PB-LINKSCALANCE W778-1 M12 EEC (USA)SCALANCE X204-2LDSCALANCE X308-2MSCALANCE XC206-2G PoE (54 V DC)SCALANCE XC206-2 (ST/BFOC)SCALANCE XC224-4C G EECSCALANCE X308-2M PoESCALANCE X310FESIMATIC CP 1616SCALANCE X308-2LH+SCALANCE XP216POE EECSIMATIC CFU DIQRUGGEDCOM RM1224 LTE(4G) NAMSCALANCE X307-3LDSIMATIC Power Line Booster PLB, Base ModuleDevelopment/Evaluation Kits for PROFINET IO: DK Standard Ethernet ControllerSIMATIC PROFINET DriverSCALANCE XR526-8C, 2x230V (L3 int.)SCALANCE XF202-2P IRTSCALANCE W734-1 RJ45SCALANCE W786-2 RJ45SCALANCE X307-2 EEC (24V, coated)SCALANCE X307-2 EEC (2x 230V, coated)SCALANCE X302-7 EEC (2x 24V, coated)SCALANCE M874-3 3G-Router (CN)SCALANCE XC206-2G PoESCALANCE W786-2IA RJ45SCALANCE X202-2P IRT PROSCALANCE X310SCALANCE XR528-6M (2HR2, L3 int.)SCALANCE XR324-12M (24V, ports on front)SCALANCE X320-1 FESCALANCE XC206-2SFP GSCALANCE XC206-2SFP EECSCALANCE MUM853-1 (B1)SCALANCE M874-2SCALANCE XR528-6M (L3 int.)SCALANCE XR324-4M PoE (230V, ports on front)SCALANCE XC216-4C G EECSCALANCE W761-1 RJ45SCALANCE X216SCALANCE XR326-2C PoE WGSCALANCE XC216SCALANCE X302-7 EEC (230V, coated)SCALANCE X200-4P IRTSCALANCE XB205-3LD (SC, E/IP)SCALANCE XB213-3 (SC, E/IP)SCALANCE XP208 (Ethernet/IP)SCALANCE M876-4 (EU)SCALANCE X202-2IRTSCALANCE XC208SCALANCE XR324-4M EEC (2x 24V, ports on front)scalence_x204_2fmscalancce_x204_2scalance_x200_4p_irtscalance_m876_3_rokscalance_w1788_1_m12scalance_m816_1_adsl_router_annex_ascalance_m876_3_evdoscalance_w1788_2_eec_m12ruggedcom_rm1224development_evaluation_kits_for_profinet_io_dk_standard_ethernet_controllerscalance_s615scalance_w1748_1_m12scalance_w1788_2_m12scalence_m874_2scalance_m876_4_namscalence_x204_2ld_tsscalance_x201_3p_irt_proscalance_m812-1_adsl-router_annex_bscalance_m812-1_adsl-router_annex_ascalancce_x202_2p_irtscalance_w1788_2ia_m12scalance_m816-1_adsl-router_annex_bscalence_x204_2lddevelopment_evaluation_kits_for_profinet_io_ek_ertec_200scalance_x201_3p_irtscalance_m804pbscalence_x204_2tsdevelopment_evaluation_kits_for_profinet_io_ek_ertec_200pscalence_202_2p_irt_proscalence_m874_3scalance_m876_4_euscalance_w700_ieee_802.11n_familyscalance_m826-2_shdsl-router
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2025-40575
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-5.3||MEDIUM
EPSS-0.10% / 27.78%
||
7 Day CHG~0.00%
Published-13 May, 2025 | 09:38
Updated-08 Jul, 2025 | 11:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Affected devices do not properly validate incoming Profinet packets. An unauthenticated remote attacker can exploit this flaw by sending a specially crafted malicious packet, which leads to a crash of the dcpd process.

Action-Not Available
Vendor-Siemens AG
Product-scalance_lpe9403scalance_lpe9403_firmwareSCALANCE LPE9403
CWE ID-CWE-457
Use of Uninitialized Variable
CVE-2020-25241
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.39% / 59.17%
||
7 Day CHG~0.00%
Published-15 Mar, 2021 | 17:03
Updated-04 Aug, 2024 | 15:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC MV400 family (All Versions < V7.0.6). The underlying TCP stack of the affected products does not correctly validate the sequence number for incoming TCP RST packages. An attacker could exploit this to terminate arbitrary TCP sessions.

Action-Not Available
Vendor-Siemens AG
Product-simatic_mv420_sr-p_firmwaresimatic_mv440_srsimatic_mv420_sr-b_firmwaresimatic_mv420_sr-psimatic_mv440_sr_firmwaresimatic_mv420_sr-b_body_firmwaresimatic_mv420_sr-b_bodysimatic_mv440_ur_firmwaresimatic_mv420_sr-bsimatic_mv440_ursimatic_mv420_sr-p_body_firmwaresimatic_mv440_hrsimatic_mv440_hr_firmwaresimatic_mv420_sr-p_bodySIMATIC MV400 family
CWE ID-CWE-1285
Improper Validation of Specified Index, Position, or Offset in Input
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2025-30176
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.08% / 23.58%
||
7 Day CHG~0.00%
Published-13 May, 2025 | 09:38
Updated-08 Jul, 2025 | 11:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 (All versions), SINEC NMS (All versions < V4.0), SINEMA Remote Connect (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions), Totally Integrated Automation Portal (TIA Portal) V20 (All versions), User Management Component (UMC) (All versions < V2.15.1.1). Affected products contain a out of bound read buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to cause a denial of service condition.

Action-Not Available
Vendor-Siemens AG
Product-Totally Integrated Automation Portal (TIA Portal) V19SIMATIC PCS neo V4.1Totally Integrated Automation Portal (TIA Portal) V17Totally Integrated Automation Portal (TIA Portal) V20SINEC NMSTotally Integrated Automation Portal (TIA Portal) V18SINEMA Remote ConnectSIMATIC PCS neo V5.0User Management Component (UMC)
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-30175
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.08% / 23.58%
||
7 Day CHG~0.00%
Published-13 May, 2025 | 09:38
Updated-08 Jul, 2025 | 11:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 (All versions), SINEC NMS (All versions < V4.0), SINEMA Remote Connect (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions), Totally Integrated Automation Portal (TIA Portal) V20 (All versions), User Management Component (UMC) (All versions < V2.15.1.1). Affected products contain a out of bound write buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to cause a denial of service condition.

Action-Not Available
Vendor-Siemens AG
Product-Totally Integrated Automation Portal (TIA Portal) V19SIMATIC PCS neo V4.1Totally Integrated Automation Portal (TIA Portal) V17Totally Integrated Automation Portal (TIA Portal) V20SINEC NMSTotally Integrated Automation Portal (TIA Portal) V18SINEMA Remote ConnectSIMATIC PCS neo V5.0User Management Component (UMC)
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-30174
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.08% / 23.58%
||
7 Day CHG~0.00%
Published-13 May, 2025 | 09:38
Updated-08 Jul, 2025 | 11:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 (All versions), SINEC NMS (All versions < V4.0), SINEMA Remote Connect (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions), Totally Integrated Automation Portal (TIA Portal) V20 (All versions), User Management Component (UMC) (All versions < V2.15.1.1). Affected products contain a out of bound read buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to cause a denial of service condition.

Action-Not Available
Vendor-Siemens AG
Product-Totally Integrated Automation Portal (TIA Portal) V19SIMATIC PCS neo V4.1Totally Integrated Automation Portal (TIA Portal) V17Totally Integrated Automation Portal (TIA Portal) V20SINEC NMSTotally Integrated Automation Portal (TIA Portal) V18SINEMA Remote ConnectSIMATIC PCS neo V5.0User Management Component (UMC)
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-8276
Matching Score-8
Assigner-Kaspersky
ShareView Details
Matching Score-8
Assigner-Kaspersky
CVSS Score-7.5||HIGH
EPSS-0.85% / 73.89%
||
7 Day CHG~0.00%
Published-09 Mar, 2019 | 00:00
Updated-16 Sep, 2024 | 18:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

UltraVNC revision 1211 has a stack buffer overflow vulnerability in VNC server code inside file transfer request handler, which can result in Denial of Service (DoS). This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212.

Action-Not Available
Vendor-uvncSiemens AGKaspersky Lab
Product-sinumerik_pcu_base_win10_software\/ipcultravncsinumerik_pcu_base_win7_software\/ipcsinumerik_access_mymachine\/p2pUltraVNC
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-8269
Matching Score-8
Assigner-Kaspersky
ShareView Details
Matching Score-8
Assigner-Kaspersky
CVSS Score-7.5||HIGH
EPSS-0.85% / 73.89%
||
7 Day CHG~0.00%
Published-09 Mar, 2019 | 00:00
Updated-17 Sep, 2024 | 00:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

UltraVNC revision 1206 has stack-based Buffer overflow vulnerability in VNC client code inside FileTransfer module, which leads to a denial of service (DoS) condition. This attack appear to be exploitable via network connectivity. This vulnerability has been fixed in revision 1207.

Action-Not Available
Vendor-uvncSiemens AGKaspersky Lab
Product-sinumerik_pcu_base_win10_software\/ipcultravncsinumerik_pcu_base_win7_software\/ipcsinumerik_access_mymachine\/p2pUltraVNC
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-38380
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.09% / 25.90%
||
7 Day CHG~0.00%
Published-12 Dec, 2023 | 11:26
Updated-02 Aug, 2024 | 17:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543-1 (6GK7543-1AX00-0XE0) (All versions < V3.0.37), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SINAMICS S210 (6SL5...) (All versions >= V6.1 < V6.1 HF2), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS NET CP 1543-1 (6AG1543-1AX00-2XE0) (All versions < V3.0.37). The webserver implementation of the affected products does not correctly release allocated memory after it has been used. An attacker with network access could use this vulnerability to cause a denial-of-service condition in the webserver of the affected product.

Action-Not Available
Vendor-Siemens AG
Product-6gk7243-8rx30-0xe0_firmwaresimatic_cp_1243-7_lte_firmware6ag1543-1ax00-2xe0_firmwaresimatic_cp_1243-1_dnp36gk7543-1ax00-0xe0_firmwaresimatic_cp_1243-1_iec_firmwaresimatic_cp_1243-1_firmwaresimatic_cp_1243-1sinamics_s2106gk7243-8rx30-0xe0sinamics_s210_firmwaresimatic_cp_1243-1_dnp3_firmwaresimatic_cp_1242-7_v26ag1543-1ax00-2xe0simatic_cp_1242-7_v2_firmwaresimatic_cp_1243-1_iec6gk7543-1ax00-0xe0simatic_cp_1243-7_lteSIMATIC CP 1243-7 LTESIPLUS NET CP 1543-1SIMATIC CP 1542SP-1SIMATIC CP 1242-7 V2 (incl. SIPLUS variants)SIMATIC CP 1543-1SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)SIPLUS ET 200SP CP 1543SP-1 ISECSINAMICS S210 (6SL5...)SIPLUS ET 200SP CP 1542SP-1 IRC TX RAILSIMATIC CP 1243-8 IRCSIMATIC CP 1542SP-1 IRCSIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)SIMATIC CP 1543SP-1SIMATIC CP 1243-1 (incl. SIPLUS variants)SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 29
  • 30
  • Next
Details not found