Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2019-19279

Summary
Assigner-siemens
Assigner Org ID-cec7a2ec-15b4-4faf-bd53-b40f371f3a77
Published At-10 Mar, 2020 | 19:16
Updated At-05 Aug, 2024 | 02:09
Rejected At-
Credits

A vulnerability has been identified in SIPROTEC 4 and SIPROTEC Compact relays equipped with EN100 Ethernet communication modules (All versions). Specially crafted packets sent to port 50000/UDP of the EN100 Ethernet communication modules could cause a Denial-of-Service of the affected device. A manual reboot is required to recover the service of the device. At the time of advisory publication no public exploitation of this security vulnerability was known to Siemens.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:siemens
Assigner Org ID:cec7a2ec-15b4-4faf-bd53-b40f371f3a77
Published At:10 Mar, 2020 | 19:16
Updated At:05 Aug, 2024 | 02:09
Rejected At:
▼CVE Numbering Authority (CNA)

A vulnerability has been identified in SIPROTEC 4 and SIPROTEC Compact relays equipped with EN100 Ethernet communication modules (All versions). Specially crafted packets sent to port 50000/UDP of the EN100 Ethernet communication modules could cause a Denial-of-Service of the affected device. A manual reboot is required to recover the service of the device. At the time of advisory publication no public exploitation of this security vulnerability was known to Siemens.

Affected Products
Vendor
Siemens AGSiemens AG
Product
SIPROTEC 4 and SIPROTEC Compact relays equipped with EN100 Ethernet communication modules
Versions
Affected
  • All versions
Problem Types
TypeCWE IDDescription
CWECWE-20CWE-20: Improper Input Validation
Type: CWE
CWE ID: CWE-20
Description: CWE-20: Improper Input Validation
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://cert-portal.siemens.com/productcert/pdf/ssa-974843.pdf
x_refsource_MISC
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-974843.pdf
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://cert-portal.siemens.com/productcert/pdf/ssa-974843.pdf
x_refsource_MISC
x_transferred
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-974843.pdf
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:productcert@siemens.com
Published At:10 Mar, 2020 | 20:15
Updated At:13 Mar, 2020 | 19:49

A vulnerability has been identified in SIPROTEC 4 and SIPROTEC Compact relays equipped with EN100 Ethernet communication modules (All versions). Specially crafted packets sent to port 50000/UDP of the EN100 Ethernet communication modules could cause a Denial-of-Service of the affected device. A manual reboot is required to recover the service of the device. At the time of advisory publication no public exploitation of this security vulnerability was known to Siemens.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary2.07.8HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 7.8
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C
CPE Matches
Siemens AG
siemens
>>siprotec_4>>*
cpe:2.3:a:siemens:siprotec_4:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>siprotec_compact>>*
cpe:2.3:a:siemens:siprotec_compact:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Primarynvd@nist.gov
CWE-20Secondaryproductcert@siemens.com
CWE ID: CWE-20
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-20
Type: Secondary
Source: productcert@siemens.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://cert-portal.siemens.com/productcert/pdf/ssa-974843.pdfproductcert@siemens.com
Vendor Advisory
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-974843.pdf
Source: productcert@siemens.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

1329Records found
CVE-2024-37993
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-6.9||MEDIUM
EPSS-0.15% / 36.66%
||
7 Day CHG~0.00%
Published-10 Sep, 2024 | 09:36
Updated-18 Sep, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected applications do not authenticated the creation of Ajax2App instances. This could allow an unauthenticated attacker to cause a denial of service condition.

Action-Not Available
Vendor-Siemens AG
Product-simatic_reader_rf650r_fcc_firmwaresimatic_reader_rf680r_cmiitsimatic_rf1170r_firmwaresimatic_reader_rf650r_cmiit_firmwaresimatic_reader_rf685r_fccsimatic_reader_rf650r_aribsimatic_reader_rf615r_etsi_firmwaresimatic_rf360rsimatic_reader_rf680r_fccsimatic_reader_rf610r_fccsimatic_reader_rf610r_etsi_firmwaresimatic_reader_rf685r_arib_firmwaresimatic_reader_rf615r_cmiitsimatic_rf186c_firmwaresimatic_reader_rf685r_fcc_firmwaresimatic_rf188c_firmwaresimatic_reader_rf680r_cmiit_firmwaresimatic_reader_rf685r_etsisimatic_rf185csimatic_rf360r_firmwaresimatic_rf1140r_firmwaresimatic_rf186cisimatic_rf1140rsimatic_rf188csimatic_reader_rf610r_cmiit_firmwaresimatic_reader_rf610r_fcc_firmwaresimatic_rf185c_firmwaresimatic_reader_rf615r_fccsimatic_reader_rf680r_etsisimatic_reader_rf615r_fcc_firmwaresimatic_reader_rf680r_fcc_firmwaresimatic_reader_rf610r_etsisimatic_reader_rf685r_cmiit_firmwaresimatic_reader_rf680r_arib_firmwaresimatic_rf186ci_firmwaresimatic_rf166c_firmwaresimatic_rf188ci_firmwaresimatic_reader_rf650r_fccsimatic_reader_rf650r_cmiitsimatic_reader_rf685r_cmiitsimatic_rf166csimatic_reader_rf680r_aribsimatic_rf1170rsimatic_reader_rf650r_etsisimatic_reader_rf610r_cmiitsimatic_reader_rf650r_arib_firmwaresimatic_reader_rf680r_etsi_firmwaresimatic_reader_rf615r_etsisimatic_reader_rf650r_etsi_firmwaresimatic_rf186csimatic_reader_rf685r_aribsimatic_reader_rf615r_cmiit_firmwaresimatic_reader_rf685r_etsi_firmwaresimatic_rf188ciSIMATIC Reader RF650R ARIBSIMATIC Reader RF650R ETSISIMATIC Reader RF680R CMIITSIMATIC Reader RF615R ETSISIMATIC RF166CSIMATIC Reader RF685R CMIITSIMATIC RF185CSIMATIC Reader RF610R CMIITSIMATIC Reader RF685R ETSISIMATIC Reader RF615R CMIITSIMATIC RF188CISIMATIC Reader RF610R ETSISIMATIC Reader RF685R FCCSIMATIC Reader RF615R FCCSIMATIC RF186CSIMATIC RF360RSIMATIC Reader RF680R ARIBSIMATIC RF1140RSIMATIC Reader RF685R ARIBSIMATIC RF1170RSIMATIC Reader RF680R ETSISIMATIC RF188CSIMATIC Reader RF610R FCCSIMATIC Reader RF650R CMIITSIMATIC RF186CISIMATIC Reader RF680R FCCSIMATIC Reader RF650R FCC
CWE ID-CWE-284
Improper Access Control
CVE-2022-39158
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-5.3||MEDIUM
EPSS-0.29% / 51.48%
||
7 Day CHG~0.00%
Published-13 Sep, 2022 | 00:00
Updated-12 Aug, 2025 | 12:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i800NC, RUGGEDCOM i801, RUGGEDCOM i801NC, RUGGEDCOM i802, RUGGEDCOM i802NC, RUGGEDCOM i803, RUGGEDCOM i803NC, RUGGEDCOM M2100, RUGGEDCOM M2100F, RUGGEDCOM M2100NC, RUGGEDCOM M2200, RUGGEDCOM M2200F, RUGGEDCOM M2200NC, RUGGEDCOM M969, RUGGEDCOM M969F, RUGGEDCOM M969NC, RUGGEDCOM RMC30, RUGGEDCOM RMC30NC, RUGGEDCOM RMC8388 V4.X, RUGGEDCOM RMC8388 V5.X, RUGGEDCOM RMC8388NC V4.X, RUGGEDCOM RMC8388NC V5.X, RUGGEDCOM RP110, RUGGEDCOM RP110NC, RUGGEDCOM RS1600, RUGGEDCOM RS1600F, RUGGEDCOM RS1600FNC, RUGGEDCOM RS1600NC, RUGGEDCOM RS1600T, RUGGEDCOM RS1600TNC, RUGGEDCOM RS400, RUGGEDCOM RS400F, RUGGEDCOM RS400NC, RUGGEDCOM RS401, RUGGEDCOM RS401NC, RUGGEDCOM RS416, RUGGEDCOM RS416F, RUGGEDCOM RS416NC, RUGGEDCOM RS416NCv2 V4.X, RUGGEDCOM RS416NCv2 V5.X, RUGGEDCOM RS416P, RUGGEDCOM RS416PF, RUGGEDCOM RS416PNC, RUGGEDCOM RS416PNCv2 V4.X, RUGGEDCOM RS416PNCv2 V5.X, RUGGEDCOM RS416Pv2 V4.X, RUGGEDCOM RS416Pv2 V5.X, RUGGEDCOM RS416v2 V4.X, RUGGEDCOM RS416v2 V5.X, RUGGEDCOM RS8000, RUGGEDCOM RS8000A, RUGGEDCOM RS8000ANC, RUGGEDCOM RS8000H, RUGGEDCOM RS8000HNC, RUGGEDCOM RS8000NC, RUGGEDCOM RS8000T, RUGGEDCOM RS8000TNC, RUGGEDCOM RS900, RUGGEDCOM RS900 (32M) V4.X, RUGGEDCOM RS900 (32M) V5.X, RUGGEDCOM RS900F, RUGGEDCOM RS900G, RUGGEDCOM RS900G (32M) V4.X, RUGGEDCOM RS900G (32M) V5.X, RUGGEDCOM RS900GF, RUGGEDCOM RS900GNC, RUGGEDCOM RS900GNC(32M) V4.X, RUGGEDCOM RS900GNC(32M) V5.X, RUGGEDCOM RS900GP, RUGGEDCOM RS900GPF, RUGGEDCOM RS900GPNC, RUGGEDCOM RS900L, RUGGEDCOM RS900LNC, RUGGEDCOM RS900M-GETS-C01, RUGGEDCOM RS900M-GETS-XX, RUGGEDCOM RS900M-STND-C01, RUGGEDCOM RS900M-STND-XX, RUGGEDCOM RS900MNC-GETS-C01, RUGGEDCOM RS900MNC-GETS-XX, RUGGEDCOM RS900MNC-STND-XX, RUGGEDCOM RS900MNC-STND-XX-C01, RUGGEDCOM RS900NC, RUGGEDCOM RS900NC(32M) V4.X, RUGGEDCOM RS900NC(32M) V5.X, RUGGEDCOM RS900W, RUGGEDCOM RS910, RUGGEDCOM RS910L, RUGGEDCOM RS910LNC, RUGGEDCOM RS910NC, RUGGEDCOM RS910W, RUGGEDCOM RS920L, RUGGEDCOM RS920LNC, RUGGEDCOM RS920W, RUGGEDCOM RS930L, RUGGEDCOM RS930LNC, RUGGEDCOM RS930W, RUGGEDCOM RS940G, RUGGEDCOM RS940GF, RUGGEDCOM RS940GNC, RUGGEDCOM RS969, RUGGEDCOM RS969NC, RUGGEDCOM RSG2100, RUGGEDCOM RSG2100 (32M) V4.X, RUGGEDCOM RSG2100 (32M) V5.X, RUGGEDCOM RSG2100F, RUGGEDCOM RSG2100NC, RUGGEDCOM RSG2100NC(32M) V4.X, RUGGEDCOM RSG2100NC(32M) V5.X, RUGGEDCOM RSG2100P, RUGGEDCOM RSG2100P (32M) V4.X, RUGGEDCOM RSG2100P (32M) V5.X, RUGGEDCOM RSG2100PF, RUGGEDCOM RSG2100PNC, RUGGEDCOM RSG2100PNC (32M) V4.X, RUGGEDCOM RSG2100PNC (32M) V5.X, RUGGEDCOM RSG2200, RUGGEDCOM RSG2200F, RUGGEDCOM RSG2200NC, RUGGEDCOM RSG2288 V4.X, RUGGEDCOM RSG2288 V5.X, RUGGEDCOM RSG2288NC V4.X, RUGGEDCOM RSG2288NC V5.X, RUGGEDCOM RSG2300 V4.X, RUGGEDCOM RSG2300 V5.X, RUGGEDCOM RSG2300F, RUGGEDCOM RSG2300NC V4.X, RUGGEDCOM RSG2300NC V5.X, RUGGEDCOM RSG2300P V4.X, RUGGEDCOM RSG2300P V5.X, RUGGEDCOM RSG2300PF, RUGGEDCOM RSG2300PNC V4.X, RUGGEDCOM RSG2300PNC V5.X, RUGGEDCOM RSG2488 V4.X, RUGGEDCOM RSG2488 V5.X, RUGGEDCOM RSG2488F, RUGGEDCOM RSG2488NC V4.X, RUGGEDCOM RSG2488NC V5.X, RUGGEDCOM RSG907R, RUGGEDCOM RSG908C, RUGGEDCOM RSG909R, RUGGEDCOM RSG910C, RUGGEDCOM RSG920P V4.X, RUGGEDCOM RSG920P V5.X, RUGGEDCOM RSG920PNC V4.X, RUGGEDCOM RSG920PNC V5.X, RUGGEDCOM RSL910, RUGGEDCOM RSL910NC, RUGGEDCOM RST2228, RUGGEDCOM RST2228P, RUGGEDCOM RST916C, RUGGEDCOM RST916P. Affected devices improperly handle partial HTTP requests which makes them vulnerable to slowloris attacks. This could allow a remote attacker to create a denial of service condition that persists until the attack ends.

Action-Not Available
Vendor-Siemens AG
Product-ruggedcom_rsg2100_\(32m\)ruggedcom_rsg2300pruggedcom_rsg907rruggedcom_rst916pruggedcom_rsg910cruggedcom_rsl910ruggedcom_rs900_\(32m\)ruggedcom_rosruggedcom_rsg920pruggedcom_rsg2300ruggedcom_rs416v2ruggedcom_rst916cruggedcom_rst2228ruggedcom_rst2228pruggedcom_rmc8388ruggedcom_rsg909rruggedcom_rsg908cruggedcom_rs416pv2ruggedcom_rsg2488ruggedcom_rsg2288ruggedcom_rs900g_\(32m\)RUGGEDCOM RS8000RUGGEDCOM RS900LRUGGEDCOM RSG2300 V4.XRUGGEDCOM RS900MNC-STND-XX-C01RUGGEDCOM RSG920P V4.XRUGGEDCOM RS401NCRUGGEDCOM RSG2100PNC (32M) V4.XRUGGEDCOM RS920LNCRUGGEDCOM RS910LRUGGEDCOM RS930WRUGGEDCOM RSG2100NC(32M) V5.XRUGGEDCOM RSG2100 (32M) V5.XRUGGEDCOM RSG2288NC V5.XRUGGEDCOM RS416Pv2 V4.XRUGGEDCOM RS1600RUGGEDCOM i801NCRUGGEDCOM RS940GRUGGEDCOM RSG2100NC(32M) V4.XRUGGEDCOM i800NCRUGGEDCOM RS910RUGGEDCOM RSG908CRUGGEDCOM RS8000NCRUGGEDCOM RS400FRUGGEDCOM RS900NC(32M) V4.XRUGGEDCOM RS920LRUGGEDCOM RMC8388 V4.XRUGGEDCOM RS8000HRUGGEDCOM RS900LNCRUGGEDCOM RS8000TRUGGEDCOM RS910NCRUGGEDCOM RS416PFRUGGEDCOM RS900GRUGGEDCOM M2100FRUGGEDCOM RS900M-STND-XXRUGGEDCOM RS900WRUGGEDCOM RMC8388 V5.XRUGGEDCOM RS900MNC-STND-XXRUGGEDCOM RSG2100PNC (32M) V5.XRUGGEDCOM RSG910CRUGGEDCOM RSG2300PFRUGGEDCOM RSG2288 V4.XRUGGEDCOM RS1600NCRUGGEDCOM RS969RUGGEDCOM RS900 (32M) V4.XRUGGEDCOM RSG909RRUGGEDCOM RS416FRUGGEDCOM RS900GPFRUGGEDCOM RSG2100PRUGGEDCOM RS930LNCRUGGEDCOM RS416PRUGGEDCOM RSG920P V5.XRUGGEDCOM RSG2200NCRUGGEDCOM RS8000HNCRUGGEDCOM RSG2300PNC V5.XRUGGEDCOM RSG2288 V5.XRUGGEDCOM RS1600FRUGGEDCOM RS416NCRUGGEDCOM RS930LRUGGEDCOM RSG907RRUGGEDCOM RSG2300P V5.XRUGGEDCOM RS910WRUGGEDCOM RSG2300 V5.XRUGGEDCOM RS940GNCRUGGEDCOM RS900GNCRUGGEDCOM RSG2100P (32M) V4.XRUGGEDCOM RMC8388NC V5.XRUGGEDCOM RS940GFRUGGEDCOM RS910LNCRUGGEDCOM RSG2288NC V4.XRUGGEDCOM RSG2488 V5.XRUGGEDCOM RMC30RUGGEDCOM RS900GFRUGGEDCOM RS8000ANCRUGGEDCOM RMC8388NC V4.XRUGGEDCOM RS1600TRUGGEDCOM M969FRUGGEDCOM RS900G (32M) V5.XRUGGEDCOM RS400NCRUGGEDCOM RS900MNC-GETS-C01RUGGEDCOM RS900M-GETS-C01RUGGEDCOM RSG2488NC V4.XRUGGEDCOM M2200FRUGGEDCOM RP110RUGGEDCOM i801RUGGEDCOM RS416v2 V4.XRUGGEDCOM RS416NCv2 V4.XRUGGEDCOM RS8000TNCRUGGEDCOM RSG2300P V4.XRUGGEDCOM RS416v2 V5.XRUGGEDCOM RS920WRUGGEDCOM RS900FRUGGEDCOM M2200RUGGEDCOM RS900MNC-GETS-XXRUGGEDCOM RSG2300NC V5.XRUGGEDCOM RS900GNC(32M) V4.XRUGGEDCOM RS900RUGGEDCOM RSG2100RUGGEDCOM M969NCRUGGEDCOM RS416PNCRUGGEDCOM RS1600FNCRUGGEDCOM RS400RUGGEDCOM RS900NC(32M) V5.XRUGGEDCOM RS1600TNCRUGGEDCOM RS900G (32M) V4.XRUGGEDCOM M969RUGGEDCOM RS416PNCv2 V4.XRUGGEDCOM M2200NCRUGGEDCOM RS8000ARUGGEDCOM i803RUGGEDCOM RSG2100PNCRUGGEDCOM RSG920PNC V5.XRUGGEDCOM RSG2100NCRUGGEDCOM RSG2488FRUGGEDCOM RP110NCRUGGEDCOM RSG2200RUGGEDCOM RSG2488NC V5.XRUGGEDCOM RSL910NCRUGGEDCOM RS969NCRUGGEDCOM RS416RUGGEDCOM RST2228PRUGGEDCOM i800RUGGEDCOM RS900M-STND-C01RUGGEDCOM RS900M-GETS-XXRUGGEDCOM RST916PRUGGEDCOM RS416PNCv2 V5.XRUGGEDCOM RS416NCv2 V5.XRUGGEDCOM RSG2100 (32M) V4.XRUGGEDCOM RSL910RUGGEDCOM RSG2100PFRUGGEDCOM RS900GPRUGGEDCOM RST916CRUGGEDCOM RS900GPNCRUGGEDCOM RSG2100FRUGGEDCOM RSG2488 V4.XRUGGEDCOM i802RUGGEDCOM RS900GNC(32M) V5.XRUGGEDCOM RST2228RUGGEDCOM RS401RUGGEDCOM RSG2300NC V4.XRUGGEDCOM RSG920PNC V4.XRUGGEDCOM i802NCRUGGEDCOM i803NCRUGGEDCOM M2100RUGGEDCOM RSG2300FRUGGEDCOM RSG2300PNC V4.XRUGGEDCOM RS900NCRUGGEDCOM RS416Pv2 V5.XRUGGEDCOM RMC30NCRUGGEDCOM RS900 (32M) V5.XRUGGEDCOM RSG2200FRUGGEDCOM M2100NCRUGGEDCOM RSG2100P (32M) V5.X
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2015-5374
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-85.01% / 99.30%
||
7 Day CHG~0.00%
Published-18 Jul, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Firmware variant PROFINET IO for EN100 Ethernet module : All versions < V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions < V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions < V1.03; Firmware variant IEC 104 for EN100 Ethernet module : All versions < V1.21; EN100 Ethernet module included in SIPROTEC Merging Unit 6MU80 : All versions < 1.02.02. Specially crafted packets sent to port 50000/UDP could cause a denial-of-service of the affected device. A manual reboot may be required to recover the service of the device.

Action-Not Available
Vendor-n/aSiemens AG
Product-siprotec_firmwaresiprotec_4siprotec_compactn/a
CVE-2015-5219
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-3.64% / 87.38%
||
7 Day CHG~0.00%
Published-21 Jul, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet.

Action-Not Available
Vendor-ntpn/aDebian GNU/LinuxCanonical Ltd.SUSERed Hat, Inc.Oracle CorporationFedora ProjectopenSUSENovellSiemens AG
Product-enterprise_linux_desktoplinuxenterprise_linux_workstationfedoralinux_enterprise_serverleapenterprise_linux_serverdebian_linuxlinux_enterprise_debuginfotim_4r-ientptim_4r-id_dnp3tim_4r-id_dnp3_firmwareopenstack_cloudmanager_proxyenterprise_linux_hpc_nodetim_4r-ie_firmwareubuntu_linuxmanagern/a
CWE ID-CWE-704
Incorrect Type Conversion or Cast
CVE-2024-27942
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.43% / 61.60%
||
7 Day CHG~0.00%
Published-14 May, 2024 | 10:02
Updated-06 Feb, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected systems allow any unauthenticated client to disconnect any active user from the server. An attacker could use this vulnerability to prevent any user to perform actions in the system, causing a denial of service situation.

Action-Not Available
Vendor-Siemens AG
Product-ruggedcom_crossbowRUGGEDCOM CROSSBOWruggedcom_crossbow
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2014-8478
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.51% / 65.22%
||
7 Day CHG~0.00%
Published-21 Jan, 2015 | 17:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The web server on Siemens SCALANCE X-300 switches with firmware before 4.0 and SCALANCE X 408 switches with firmware before 4.0 allows remote attackers to cause a denial of service (reboot) via malformed HTTP requests.

Action-Not Available
Vendor-n/aSiemens AG
Product-scalance_x-408_firmwarescalance_x-300poescalance_xr-300poescalance_x-300eecscalance_x-408scalance_x-300scalance_xr-300eecscalance_x-300_series_firmwarescalance_xr-300n/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2012-1802
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-7.8||HIGH
EPSS-3.89% / 87.79%
||
7 Day CHG~0.00%
Published-18 Apr, 2012 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the embedded web server on the Siemens Scalance X Industrial Ethernet switch X414-3E before 3.7.1, X308-2M before 3.7.2, X-300EEC before 3.7.2, XR-300 before 3.7.2, and X-300 before 3.7.2 allows remote attackers to cause a denial of service (device reboot) or possibly execute arbitrary code via a malformed URL.

Action-Not Available
Vendor-n/aSiemens AG
Product-scalance_x-300scalance_x414-3e_firmwarescalance_x414-3escalance_xr-300scalance_x-300eecscalance_xr-300_firmwarescalance_x-300_firmwarescalance_x-300eec_firmwarescalance_x308-2m_firmwarescalance_x308-2mn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2024-22040
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.33% / 55.02%
||
7 Day CHG~0.00%
Published-12 Mar, 2024 | 10:21
Updated-01 Aug, 2024 | 22:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Cerberus PRO EN Engineering Tool (All versions), Cerberus PRO EN Fire Panel FC72x IP6 (All versions), Cerberus PRO EN Fire Panel FC72x IP7 (All versions), Cerberus PRO EN Fire Panel FC72x IP8 (All versions < IP8 SR4), Cerberus PRO EN X200 Cloud Distribution IP7 (All versions), Cerberus PRO EN X200 Cloud Distribution IP8 (All versions < V4.3.5618), Cerberus PRO EN X300 Cloud Distribution IP7 (All versions), Cerberus PRO EN X300 Cloud Distribution IP8 (All versions < V4.3.5617), Cerberus PRO UL Compact Panel FC922/924 (All versions < MP4), Cerberus PRO UL Engineering Tool (All versions < MP4), Cerberus PRO UL X300 Cloud Distribution (All versions < V4.3.0001), Desigo Fire Safety UL Compact Panel FC2025/2050 (All versions < MP4), Desigo Fire Safety UL Engineering Tool (All versions < MP4), Desigo Fire Safety UL X300 Cloud Distribution (All versions < V4.3.0001), Sinteso FS20 EN Engineering Tool (All versions), Sinteso FS20 EN Fire Panel FC20 MP6 (All versions), Sinteso FS20 EN Fire Panel FC20 MP7 (All versions), Sinteso FS20 EN Fire Panel FC20 MP8 (All versions < MP8 SR4), Sinteso FS20 EN X200 Cloud Distribution MP7 (All versions), Sinteso FS20 EN X200 Cloud Distribution MP8 (All versions < V4.3.5618), Sinteso FS20 EN X300 Cloud Distribution MP7 (All versions), Sinteso FS20 EN X300 Cloud Distribution MP8 (All versions < V4.3.5617), Sinteso Mobile (All versions). The network communication library in affected systems insufficiently validates HMAC values which might result in a buffer overread. This could allow an unauthenticated remote attacker to crash the network service.

Action-Not Available
Vendor-Siemens AG
Product-Cerberus PRO EN Fire Panel FC72x IP7Sinteso FS20 EN X300 Cloud Distribution MP7Sinteso MobileCerberus PRO UL X300 Cloud DistributionSinteso FS20 EN Engineering ToolDesigo Fire Safety UL Compact Panel FC2025/2050Desigo Fire Safety UL Engineering ToolSinteso FS20 EN X200 Cloud Distribution MP8Cerberus PRO UL Engineering ToolSinteso FS20 EN Fire Panel FC20 MP8Sinteso FS20 EN X300 Cloud Distribution MP8Cerberus PRO UL Compact Panel FC922/924Sinteso FS20 EN Fire Panel FC20 MP7Cerberus PRO EN Fire Panel FC72x IP8Cerberus PRO EN X300 Cloud Distribution IP7Desigo Fire Safety UL X300 Cloud DistributionCerberus PRO EN Engineering ToolSinteso FS20 EN X200 Cloud Distribution MP7Cerberus PRO EN Fire Panel FC72x IP6Cerberus PRO EN X200 Cloud Distribution IP7Sinteso FS20 EN Fire Panel FC20 MP6Cerberus PRO EN X200 Cloud Distribution IP8Cerberus PRO EN X300 Cloud Distribution IP8cerberus_pro_ul_engineering_toolsinteso_fs20_en_engineering_toolcerberus_pro_ul_compact_panelcerberus_pro_en_fire_panel_fc72xcerberus_pro_en_engineering_toolcerberus_pro_en_x300_cloud_distributioncerberus_pro_ul_x300_cloudsinteso_fs20_en_x300_cloud_distributiondesigo_fire_safety_ul_engineering_tooldesigo_fire_safety_ul_compact_panelsinteso_fs20_en_fire_panel_fc20sinteso_mobilesinteso_fs20_en_x200_cloud_distributioncerberus_pro_en_x200_cloud_distribution
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-22044
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.30% / 52.64%
||
7 Day CHG~0.00%
Published-12 Mar, 2024 | 10:21
Updated-26 Aug, 2024 | 18:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SENTRON 3KC ATC6 Expansion Module Ethernet (3KC9000-8TL75) (All versions). Affected devices expose an unused, unstable http service at port 80/tcp on the Modbus-TCP Ethernet. This could allow an attacker on the same Modbus network to create a denial of service condition that forces the device to reboot.

Action-Not Available
Vendor-Siemens AG
Product-SENTRON 3KC ATC6 Expansion Module Ethernetsentron_3kc_act6
CWE ID-CWE-912
Hidden Functionality
CVE-2022-38371
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.51% / 65.58%
||
7 Day CHG~0.00%
Published-11 Oct, 2022 | 00:00
Updated-13 May, 2025 | 09:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.7), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.21), APOGEE PXC Modular (BACnet) (All versions < V3.5.7), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.21), Desigo PXC00-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC00-U (All versions >= V2.3 < V6.30.37), Desigo PXC001-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC100-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC12-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC128-U (All versions >= V2.3 < V6.30.37), Desigo PXC200-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC22-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC22.1-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC36.1-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC50-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC64-U (All versions >= V2.3 < V6.30.37), Desigo PXM20-E (All versions >= V2.3 < V6.30.37), Nucleus NET for Nucleus PLUS V1 (All versions < V5.2a), Nucleus NET for Nucleus PLUS V2 (All versions < V5.4), Nucleus ReadyStart V3 V2012 (All versions < V2012.08.1), Nucleus ReadyStart V3 V2017 (All versions < V2017.02.4), Nucleus Source Code (All versions including affected FTP server), TALON TC Compact (BACnet) (All versions < V3.5.7), TALON TC Modular (BACnet) (All versions < V3.5.7). The FTP server does not properly release memory resources that were reserved for incomplete connection attempts by FTP clients. This could allow a remote attacker to generate a denial of service condition on devices that incorporate a vulnerable version of the FTP server.

Action-Not Available
Vendor-Siemens AG
Product-talon_tc_compactdesigo_pxm20-edesigo_pxc22.1-e.dapogee_pxc_compactdesigo_pxc001-e.d_firmwaredesigo_pxc12-e.dapogee_modular_equiment_controller_firmwareapogee_pxc_compact_firmwaredesigo_pxc200-e.d_firmwareapogee_modular_equiment_controllerdesigo_pxc100-e.dapogee_modular_building_controllerdesigo_pxc001-e.dapogee_pxc_modular_firmwaredesigo_pxc22.1-e.d_firmwaredesigo_pxc50-e.dapogee_modular_building_controller_firmwaredesigo_pxc12-e.d_firmwaredesigo_pxc22-e.ddesigo_pxc22-e.d_firmwaredesigo_pxc00-u_firmwarenucleus_readystart_v3desigo_pxc00-e.ddesigo_pxc100-e.d_firmwaredesigo_pxc200-e.ddesigo_pxc00-e.d_firmwaredesigo_pxc50-e.d_firmwarenucleus_netdesigo_pxc64-utalon_tc_compact_firmwaredesigo_pxc36.1-e.d_firmwaredesigo_pxc64-u_firmwaredesigo_pxc128-udesigo_pxc00-uapogee_pxc_modulardesigo_pxm20-e_firmwaredesigo_pxc36.1-e.ddesigo_pxc128-u_firmwarenucleus_source_codeDesigo PXC22.1-E.DAPOGEE PXC Modular (P2 Ethernet)Nucleus ReadyStart V3 V2017Desigo PXC50-E.DDesigo PXC64-UDesigo PXC001-E.DAPOGEE PXC Compact (P2 Ethernet)Desigo PXC36.1-E.DNucleus NET for Nucleus PLUS V1TALON TC Compact (BACnet)APOGEE PXC Modular (BACnet)APOGEE MBC (PPC) (P2 Ethernet)Desigo PXC22-E.DTALON TC Modular (BACnet)Desigo PXC100-E.DAPOGEE PXC Compact (BACnet)APOGEE MEC (PPC) (BACnet)Desigo PXC00-UDesigo PXC00-E.DDesigo PXC200-E.DDesigo PXM20-EAPOGEE MEC (PPC) (P2 Ethernet)APOGEE MBC (PPC) (BACnet)Nucleus Source CodeDesigo PXC12-E.DNucleus NET for Nucleus PLUS V2Desigo PXC128-UNucleus ReadyStart V3 V2012
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2022-36324
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-1.26% / 78.57%
||
7 Day CHG~0.00%
Published-10 Aug, 2022 | 11:18
Updated-21 Apr, 2025 | 13:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Affected devices do not properly handle the renegotiation of SSL/TLS parameters. This could allow an unauthenticated remote attacker to bypass the TCP brute force prevention and lead to a denial of service condition for the duration of the attack.

Action-Not Available
Vendor-Siemens AG
Product-scalance_xc208scalance_xb205-3scalance_xc216eec_firmwarescalance_xr552_firmwarescalance_xr324-4m_eecscalance_xp-200scalance_xp208scalance_xc206-2sfp_g_\(e\/ip\)scalance_xc224-4c_g_eec_firmwarescalance_xr324-4m_eec_firmwarescalance_xr-300eec_firmwarescalance_xf-200bascalance_xc206-2sfp_g_eec_firmwarescalance_xp216scalance_xb213-3_firmwarescalance_xr528-6m_2hr2_firmwarescalance_xr-300_firmwarescalance_xb205-3ldscalance_xc208g_eecscalance_s615_firmwarescalance_xr528-6m_2hr2scalance_xc206-2sfp_g_firmwarescalance_xr326-2c_poe_wg_firmwarescalance_xr528-6m_firmwarescalance_xr552-12m_2hr2_l3scalance_m-800_firmwarescalance_xb205-3_firmwarescalance_xc216-4c_g_\(e\/ip\)_firmwarescalance_xp216poe_eec_firmwarescalance_xb216_firmwarescalance_w700_ieee_802.11ax_firmwarescalance_xb213-3ldscalance_xc-200_firmwarescalance_xf204-2ba_irtscalance_xr324-12m_tsscalance_xc206-2g_poe__firmwarescalance_xr-300wg_firmwarescalance_xc208g_eec_firmwarescalance_xr-300scalance_xm408-8c_l3_firmwarescalance_xr324-4m_poe_ts_firmwarescalance_xr524scalance_xc208eec_firmwarescalance_xm400scalance_xc208g_poescalance_xc224-4c_g_\(e\/ip\)_firmwarescalance_xm408-8cscalance_xf-200ba_firmwarescalance_xb213-3ld_firmwarescalance_xf204-2ba_irt_firmwarescalance_w700_ieee_802.11acscalance_xc216scalance_xr324-12m_ts_firmwarescalance_xc206-2sfp_g_eecscalance_s615scalance_xr526-8c_l3scalance_xc206-2sfp_g_\(e\/ip\)_firmwarescalance_xp216eec_firmwarescalance_xm408-8c_l3scalance_xc208g_\(e\/ip\)_firmwarescalance_xp208eecscalance_xr526-8c_l3_firmwarescalance_xm408-8c_firmwarescalance_xb208scalance_xr-300poe_firmwarescalance_xr324-4m_poescalance_xc206-2g_poe_eecscalance_xc216-4c_g_firmwarescalance_xc206-2g_poe_scalance_xr524-8c_firmwarescalance_w700_ieee_802.11axscalance_xc224__firmwarescalance_xb-200_firmwarescalance_xc-200scalance_xr324-4m_poe_tsscalance_xc206-2sfp_gscalance_m-800scalance_xm408-4c_l3scalance_xp208poe_eecscalance_w700_ieee_802.11ac_firmwarescalance_xr526scalance_xf204-2ba_dnascalance_xr552-12m_2hr2_firmwarescalance_xr324-12mscalance_xc206-2_firmwarescalance_xb213-3scalance_xr552scalance_xr528-6mscalance_xc224-4c_g_scalance_xc216-4c_firmwarescalance_xp216poe_eecscalance_xr-300wgscalance_xc216-4c_g_\(e\/ip\)scalance_xm400_firmwarescalance_xb205-3ld_firmwarescalance_xr524_firmwarescalance_xc224-4c_g_eecscalance_w700_ieee_802.11n_firmwarescalance_xc224_scalance_xp216_\(eip\)_firmwarescalance_xm416-4c_firmwarescalance_xc216eecscalance_xr524-8cscalance_xr528-6m_2hr2_l3scalance_xp208_\(eip\)scalance_xr328-4c_wgscalance_xc208gscalance_xb216scalance_xr324wgscalance_xr552-12m_firmwarescalance_xm408-4cscalance_xr552-12mscalance_xc206-2g_poe_eec_firmwarescalance_xc216_firmwarescalance_xc208eecscalance_xc206-2sfp_eec_firmwarescalance_xr328-4c_wg_firmwarescalance_xr526_firmwarescalance_xc216-4cscalance_xr524-8c_l3scalance_xr500_firmwarescalance_xr552-12m_2hr2scalance_xc208g_firmwarescalance_xc208_firmwarescalance_xp216_\(eip\)scalance_xp208_\(eip\)_firmwarescalance_xp208eec_firmwarescalance_xr524-8c_l3_firmwarescalance_xr324-4m_poe_firmwarescalance_xm408-4c_firmwarescalance_xm416-4cscalance_xr528_firmwarescalance_xr528scalance_xr552-12m_2hr2_l3_firmwarescalance_xr326-2c_poe_wgscalance_xm408-4c_l3_firmwarescalance_xc208g_\(e\/ip\)scalance_xr324wg_firmwarescalance_xb208_firmwarescalance_xc224-4c_g__firmwarescalance_w700_ieee_802.11nscalance_xc206-2scalance_xc208g_poe_firmwarescalance_xr528-6m_2hr2_l3_firmwarescalance_xr528-6m_l3scalance_xr324-12m_firmwarescalance_xr-300poescalance_xm416-4c_l3scalance_xf204-2ba_dna_firmwarescalance_xp-200_firmwarescalance_xc224-4c_g_\(e\/ip\)scalance_xb-200scalance_xc216-4c_g_eec_firmwarescalance_xr500scalance_xr552-12scalance_xp216_firmwarescalance_xm416-4c_l3_firmwarescalance_xp208_firmwarescalance_xp208poe_eec_firmwarescalance_xr526-8c_firmwarescalance_xp216eecscalance_xr552-12_firmwarescalance_xc216-4c_g_eecscalance_xc206-2sfp_eecscalance_xc216-4c_gscalance_xr-300eecscalance_xr526-8cscalance_xr528-6m_l3_firmwareSCALANCE W774-1 RJ45SCALANCE M876-4 (NAM)SCALANCE W1788-2IA M12SCALANCE XB213-3 (ST, E/IP)SCALANCE XR524-8C, 24VSCALANCE XB213-3 (ST, PN)SCALANCE XC216EECRUGGEDCOM RM1224 LTE(4G) NAMSCALANCE XB205-3 (ST, PN)SCALANCE XC208SCALANCE XB213-3LD (SC, PN)SCALANCE XC206-2G PoESCALANCE XR328-4C WG (28xGE, DC 24V)SCALANCE XB205-3LD (SC, PN)SCALANCE W734-1 RJ45 (USA)SCALANCE MUM856-1 (RoW)SCALANCE XR324WG (24 X FE, DC 24V)SCALANCE XR528-6M (2HR2)SCALANCE XR528-6M (L3 int.)SCALANCE XB216 (E/IP)SCALANCE XC216-4CSCALANCE XB208 (E/IP)SCALANCE XR324WG (24 x FE, AC 230V)SCALANCE XC206-2 (SC)SCALANCE W778-1 M12 EECSCALANCE XR524-8C, 1x230VSCALANCE W788-1 M12SCALANCE M876-3 (EVDO)SCALANCE XP208SCALANCE XR552-12M (2HR2)SCALANCE XF204-2BA DNASCALANCE WAM766-1 EEC (EU)SCALANCE XB205-3LD (SC, E/IP)SCALANCE XF204-2BASCALANCE WUM763-1SIPLUS NET SCALANCE XC216-4CSCALANCE W788-2 M12 EECSCALANCE W786-2 RJ45SCALANCE XB213-3 (SC, PN)SCALANCE W1788-2 EEC M12SCALANCE XC206-2SFPSCALANCE XP216POE EECSCALANCE XM408-4C (L3 int.)SCALANCE W1788-2 M12SCALANCE W786-1 RJ45SCALANCE XP208EECSCALANCE MUM856-1 (EU)SCALANCE S615SCALANCE WAM766-1 (US)SCALANCE SC646-2CSCALANCE M826-2 SHDSL-RouterSCALANCE W786-2 SFPSCALANCE XR524-8C, 24V (L3 int.)SCALANCE XR552-12M (2HR2, L3 int.)SCALANCE XC206-2 (ST/BFOC)SCALANCE W722-1 RJ45SCALANCE XM416-4CSCALANCE W788-1 RJ45SCALANCE XR526-8C, 24V (L3 int.)SCALANCE XR528-6MSCALANCE XR528-6M (2HR2, L3 int.)SCALANCE XC216-4C GSCALANCE M874-2SCALANCE XR526-8C, 2x230VSCALANCE W1748-1 M12SCALANCE XP216 (Ethernet/IP)SCALANCE W774-1 M12 EECSCALANCE XR328-4C WG (24xFE,4xGE,AC230V)SCALANCE XC224-4C GSCALANCE XC208G PoE (54 V DC)SCALANCE M816-1 ADSL-Router (Annex B)SCALANCE XC206-2G PoE EEC (54 V DC)SCALANCE XP208 (Ethernet/IP)SCALANCE M876-3 (ROK)SCALANCE XB216 (PN)SCALANCE XC216-4C G (EIP Def.)SCALANCE XR526-8C, 24VSCALANCE W734-1 RJ45SCALANCE SC636-2CSCALANCE W788-2 RJ45SCALANCE XM408-4CSCALANCE XC208G PoESCALANCE XR524-8C, 1x230V (L3 int.)SCALANCE WUM766-1 (US)SCALANCE W778-1 M12SCALANCE W748-1 RJ45SCALANCE XM408-8C (L3 int.)SCALANCE XB213-3LD (SC, E/IP)SCALANCE XC216SCALANCE XC208G EECSCALANCE XC208G (EIP def.)SCALANCE XC208GSCALANCE XR526-8C, 2x230V (L3 int.)SCALANCE XP216EECSCALANCE M816-1 ADSL-Router (Annex A)SCALANCE XC206-2G PoE (54 V DC)SCALANCE XM416-4C (L3 int.)RUGGEDCOM RM1224 LTE(4G) EUSCALANCE XC206-2SFP GSCALANCE W774-1 RJ45 (USA)SCALANCE MUM853-1 (EU)SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V)SCALANCE W778-1 M12 EEC (USA)SCALANCE W1788-1 M12SCALANCE W738-1 M12SCALANCE M876-4 (EU)SCALANCE XR524-8C, 2x230VSCALANCE XR526-8C, 1x230V (L3 int.)SCALANCE M804PBSCALANCE XC216-3G PoE (54 V DC)SCALANCE XR326-2C PoE WG (without UL)SCALANCE XB205-3 (SC, PN)SCALANCE XC206-2SFP EECSCALANCE W721-1 RJ45SCALANCE XC206-2SFP G (EIP DEF.)SCALANCE WAM766-1 (EU)SCALANCE M812-1 ADSL-Router (Annex B)SCALANCE SC632-2CSCALANCE XP208PoE EECSCALANCE W786-2IA RJ45SCALANCE XF204SCALANCE XF204 DNASCALANCE M812-1 ADSL-Router (Annex A)SCALANCE XB213-3 (SC, E/IP)SCALANCE XR524-8C, 2x230V (L3 int.)SCALANCE XB208 (PN)SCALANCE XC224SCALANCE XR326-2C PoE WGSCALANCE M874-3SCALANCE WUM766-1 (EU)SCALANCE XB205-3 (ST, E/IP)SCALANCE XC208EECSCALANCE WAM763-1SCALANCE XR328-4C WG (24XFE, 4XGE, 24V)SIPLUS NET SCALANCE XC206-2SCALANCE XM408-8CSCALANCE W748-1 M12SCALANCE SC642-2CSCALANCE XR552-12MSCALANCE XR526-8C, 1x230VSCALANCE XR328-4C WG (28xGE, AC 230V)SIPLUS NET SCALANCE XC208SCALANCE XC206-2SFP G EECSCALANCE XC224-4C G EECSCALANCE WAM766-1 EEC (US)SCALANCE W761-1 RJ45SCALANCE XC216-3G PoESCALANCE XC216-4C G EECSIPLUS NET SCALANCE XC206-2SFPSCALANCE XP216SCALANCE XC224-4C G (EIP Def.)SCALANCE SC622-2CSCALANCE SC626-2CSCALANCE W788-2 M12
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2024-34057
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.2||HIGH
EPSS-0.17% / 38.88%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 00:00
Updated-25 Sep, 2024 | 17:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Triangle Microworks TMW IEC 61850 Client source code libraries before 12.2.0 lack a buffer size check when processing received messages. The resulting buffer overflow can cause a crash, resulting in a denial of service.

Action-Not Available
Vendor-trianglemicroworksn/atrianglemicroworksSiemens AG
Product-sicam_a8000sicam_s8000sicam_egs_firmwaresicam_sccsicam_scc_firmwareiec_61850_source_code_librarysitipe_atsicam_egssicam_a8000_firmwaren/aiec_61850_client_source_code_library
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-30938
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-1.83% / 82.18%
||
7 Day CHG~0.00%
Published-12 Jul, 2022 | 10:06
Updated-03 Aug, 2024 | 07:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in EN100 Ethernet module DNP3 IP variant (All versions), EN100 Ethernet module IEC 104 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions < V4.40), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module PROFINET IO variant (All versions). Affected applications contains a memory corruption vulnerability while parsing specially crafted HTTP packets to /txtrace endpoint manupulating a specific argument. This could allow an attacker to crash the affected application leading to a denial of service condition

Action-Not Available
Vendor-Siemens AG
Product-en100_ethernet_module_iec_104_firmwareen100_ethernet_module_profinet_io_firmwareen100_ethernet_module_dnp3_ip_firmwareen100_ethernet_module_iec_61850_firmwareen100_ethernet_moduleen100_ethernet_module_modbus_tcp_firmwareEN100 Ethernet module IEC 104 variantEN100 Ethernet module PROFINET IO variantEN100 Ethernet module DNP3 IP variantEN100 Ethernet module Modbus TCP variantEN100 Ethernet module IEC 61850 variant
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-33737
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.23% / 45.57%
||
7 Day CHG~0.00%
Published-14 Sep, 2021 | 10:47
Updated-03 Aug, 2024 | 23:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC CP 343-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 ERPC (All versions), SIMATIC CP 343-1 Lean (incl. SIPLUS variants) (All versions), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 Advanced (All versions < V3.3), SIPLUS NET CP 443-1 (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (All versions < V3.3). Sending a specially crafted packet to port 102/tcp of an affected device could cause a denial of service condition. A restart is needed to restore normal operations.

Action-Not Available
Vendor-Siemens AG
Product-simatic_cp_343-1_erpc_firmwaresimatic_cp_343-1_leansimatic_cp343-1_advancedsimatic_cp_443-1simatic_cp_443-1_advanced_firmwaresimatic_cp_343-1_erpcsimatic_cp_443-1_firmwaresimatic_cp_343-1_advanced_firmwaresimatic_cp343-1simatic_cp_343-1_lean_firmwaresimatic_cp_443-1_advancedsimatic_cp_343-1_firmwareSIMATIC CP 343-1 (incl. SIPLUS variants)SIMATIC CP 343-1 ERPCSIMATIC CP 443-1 AdvancedSIPLUS NET CP 443-1 AdvancedSIMATIC CP 343-1 Lean (incl. SIPLUS variants)SIMATIC CP 443-1SIPLUS NET CP 443-1SIMATIC CP 343-1 Advanced (incl. SIPLUS variants)
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-31890
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-2.50% / 84.72%
||
7 Day CHG~0.00%
Published-09 Nov, 2021 | 11:32
Updated-11 Mar, 2025 | 09:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), PLUSCONTROL 1st Gen (All versions), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), SIMOTICS CONNECT 400 (All versions < V1.0.0.0). The total length of an TCP payload (set in the IP header) is unchecked. This may lead to various side effects, including Information Leak and Denial-of-Service conditions, depending on the network buffer organization in memory. (FSMD-2021-0017)

Action-Not Available
Vendor-Siemens AG
Product-nucleus_readystart_v3talon_tc_compactnucleus_nettalon_tc_compact_firmwareapogee_pxc_compactapogee_modular_equiment_controller_firmwareapogee_pxc_compact_firmwareapogee_modular_equiment_controllerapogee_modular_building_controllercapital_vstarapogee_pxc_modular_firmwareapogee_pxc_modularnucleus_readystart_v4talon_tc_modular_firmwaretalon_tc_modularapogee_modular_building_controller_firmwarenucleus_source_codePLUSCONTROL 1st GenSIMOTICS CONNECT 400Capital Embedded AR Classic 431-422Capital Embedded AR Classic R20-11
CWE ID-CWE-240
Improper Handling of Inconsistent Structural Elements
CVE-2024-46891
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-6.9||MEDIUM
EPSS-0.19% / 40.96%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 12:49
Updated-20 Aug, 2025 | 19:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly restrict the size of generated log files. This could allow an unauthenticated remote attacker to trigger a large amount of logged events to exhaust the system's resources and create a denial of service condition.

Action-Not Available
Vendor-Siemens AG
Product-sinec_insSINEC INSsinec_ins
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-25659
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.44% / 62.47%
||
7 Day CHG~0.00%
Published-10 Aug, 2021 | 10:35
Updated-03 Aug, 2024 | 20:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Automation License Manager 5 (All versions), Automation License Manager 6 (All versions < V6.0 SP9 Update 2). Sending specially crafted packets to port 4410/tcp of an affected system could lead to extensive memory being consumed and as such could cause a denial-of-service preventing legitimate users from using the system.

Action-Not Available
Vendor-Siemens AG
Product-automation_license_managerAutomation License Manager 5Automation License Manager 6
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-25676
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.24% / 47.36%
||
7 Day CHG~0.00%
Published-15 Mar, 2021 | 17:03
Updated-03 Aug, 2024 | 20:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM RM1224 (V6.3), SCALANCE M-800 (V6.3), SCALANCE S615 (V6.3), SCALANCE SC-600 (All Versions >= V2.1 and < V2.1.3). Multiple failed SSH authentication attempts could trigger a temporary Denial-of-Service under certain conditions. When triggered, the device will reboot automatically.

Action-Not Available
Vendor-Siemens AG
Product-scalance_s615scalance_m-800_firmwarescalance_sc-600scalance_sc-600_firmwareruggedcom_rm1224_firmwarescalance_m-800scalance_s615_firmwareruggedcom_rm1224SCALANCE M-800RUGGEDCOM RM1224SCALANCE S615SCALANCE SC-600
CWE ID-CWE-307
Improper Restriction of Excessive Authentication Attempts
CVE-2020-9327
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.40% / 79.66%
||
7 Day CHG~0.00%
Published-21 Feb, 2020 | 21:25
Updated-04 Aug, 2024 | 10:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations.

Action-Not Available
Vendor-sqliten/aNetApp, Inc.Oracle CorporationCanonical Ltd.Siemens AG
Product-sinec_infrastructure_network_servicesubuntu_linuxcommunications_messaging_servercloud_backupsqlitecommunications_network_charging_and_controlzfs_storage_appliance_kitoutside_in_technologyhyperion_infrastructure_technologyenterprise_manager_ops_centermysql_workbenchn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-7987
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.5||HIGH
EPSS-0.84% / 73.85%
||
7 Day CHG~0.00%
Published-13 Feb, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Siemens ETA4 firmware (all versions prior to Revision 08) of the SM-2558 extension module for: SICAM AK, SICAM TM 1703, SICAM BC 1703, and SICAM AK 3. Specially crafted packets sent to Port 2404/TCP could cause the affected device to go into defect mode. A cold start might be required to recover the system, a Denial-of-Service Vulnerability.

Action-Not Available
Vendor-n/aSiemens AG
Product-eta4_firmwareeta2_firmwaresicam_aksicam_bcsicam_bc_1703sicam_ak_3sicam_tm_1703sicam_tmSiemens SICAM RTU Devices before 08
CVE-2021-22924
Matching Score-6
Assigner-HackerOne
ShareView Details
Matching Score-6
Assigner-HackerOne
CVSS Score-3.7||LOW
EPSS-0.63% / 69.37%
||
7 Day CHG~0.00%
Published-05 Aug, 2021 | 20:16
Updated-09 Jun, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take 'issuercert' into account and it compared the involved paths *case insensitively*,which could lead to libcurl reusing wrong connections.File paths are, or can be, case sensitive on many systems but not all, and caneven vary depending on used file systems.The comparison also didn't include the 'issuer cert' which a transfer can setto qualify how to verify the server certificate.

Action-Not Available
Vendor-n/aOracle CorporationNetApp, Inc.Fedora ProjectSplunk LLC (Cisco Systems, Inc.)CURLSiemens AGDebian GNU/Linux
Product-scalance_m804pbsimatic_cp_1545-1_firmwarescalance_m826-2simatic_rtu_3041cscalance_m804pb_firmwarescalance_mum856-1_firmwarescalance_m812-1fedoralibcurlsolidfire_\&_hci_management_nodescalance_m874-2simatic_cp_1543-1_firmwaresiplus_net_cp_1543-1_firmwaredebian_linuxcloud_backupsinec_infrastructure_network_servicessimatic_rtu_3041c_firmwarescalance_m876-3simatic_rtu3031c_firmwaresimatic_rtu3031cruggedcomrm_1224_ltescalance_m876-4_firmwarescalance_m876-4scalance_s615simatic_rtu3030cscalance_mum856-1simatic_rtu3010clogo\!_cmr2020logo\!_cmr2040scalance_m826-2_firmwareuniversal_forwarderruggedcomrm_1224_lte_firmwarelogo\!_cmr2020_firmwarescalance_m816-1scalance_m816-1_firmwaremysql_serversinema_remote_connect_serverclustered_data_ontaplogo\!_cmr2040_firmwarescalance_m874-3_firmwaresimatic_cp_1545-1solidfire_baseboard_management_controller_firmwarescalance_s615_firmwarepeoplesoft_enterprise_peopletoolssinema_remote_connectsimatic_cp_1543-1scalance_m874-2_firmwarescalance_m874-3scalance_m812-1_firmwaresimatic_rtu3010c_firmwarescalance_m876-3_firmwaresiplus_net_cp_1543-1simatic_rtu3030c_firmwarehttps://github.com/curl/curl
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-706
Use of Incorrectly-Resolved Name or Reference
CVE-2021-22931
Matching Score-6
Assigner-HackerOne
ShareView Details
Matching Score-6
Assigner-HackerOne
CVSS Score-9.8||CRITICAL
EPSS-0.74% / 71.92%
||
7 Day CHG~0.00%
Published-16 Aug, 2021 | 00:00
Updated-30 Apr, 2025 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to Remote Code Execution, XSS, Application crashes due to missing input validation of host names returned by Domain Name Servers in Node.js dns library which can lead to output of wrong hostnames (leading to Domain Hijacking) and injection vulnerabilities in applications using the library.

Action-Not Available
Vendor-Oracle CorporationNode.js (OpenJS Foundation)NetApp, Inc.Siemens AG
Product-sinec_infrastructure_network_servicespeoplesoft_enterprise_peopletoolsgraalvmmysql_clusternextgen_apiactive_iq_unified_manageroncommand_workflow_automationsnapcenternode.jsoncommand_insightNode
CWE ID-CWE-170
Improper Null Termination
CWE ID-CWE-20
Improper Input Validation
CVE-2015-7855
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-60.88% / 98.24%
||
7 Day CHG~0.00%
Published-07 Aug, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value.

Action-Not Available
Vendor-ntpn/aDebian GNU/LinuxNetApp, Inc.Siemens AG
Product-oncommand_unified_manageroncommand_performance_manageroncommand_balancetim_4r-ie_dnp3_firmwareclustered_data_ontaptim_4r-ie_dnp3debian_linuxtim_4r-ie_firmwaretim_4r-ientpdata_ontapn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-5386
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-0.68% / 70.66%
||
7 Day CHG~0.00%
Published-16 Jul, 2015 | 19:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Siemens SICAM MIC devices with firmware before 2404 allow remote attackers to bypass authentication and obtain administrative access via unspecified HTTP requests.

Action-Not Available
Vendor-n/aSiemens AG
Product-sicam_mic_firmwaresicam_micn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-2822
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.60% / 68.47%
||
7 Day CHG~0.00%
Published-08 Apr, 2015 | 16:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Siemens SIMATIC HMI Comfort Panels before WinCC (TIA Portal) 13 SP1 Upd2 and SIMATIC WinCC Runtime Advanced before WinCC (TIA Portal) 13 SP1 Upd2 allow man-in-the-middle attackers to cause a denial of service via crafted packets on TCP port 102.

Action-Not Available
Vendor-n/aSiemens AG
Product-winccn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-2733
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.38% / 58.36%
||
7 Day CHG~0.00%
Published-19 Apr, 2014 | 19:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Siemens SINEMA Server before 12 SP1 allows remote attackers to cause a denial of service (web-interface outage) via crafted HTTP requests to port (1) 4999 or (2) 80.

Action-Not Available
Vendor-n/aSiemens AG
Product-sinema_servern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-1049
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.54% / 66.52%
||
7 Day CHG~0.00%
Published-02 Feb, 2015 | 15:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The web server on Siemens SCALANCE X-200IRT switches with firmware before 5.2.0 allows remote attackers to hijack sessions via unspecified vectors.

Action-Not Available
Vendor-n/aSiemens AG
Product-scalance_x204irtscalance_x202-2p_irtscalance_x202-2irtscalance_x202-4p_irtscalance_xf204irtscalance_x202-2p_irt_proscalance_x-200_series_firmwarescalance_x204irt_proscalance_x201-3pirtscalance_x201-3p_irt_pron/a
CWE ID-CWE-20
Improper Input Validation
CVE-2022-32253
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-4.9||MEDIUM
EPSS-0.18% / 39.86%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 09:22
Updated-03 Aug, 2024 | 07:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). Due to improper input validation, the OpenSSL certificate's password could be printed to a file reachable by an attacker.

Action-Not Available
Vendor-Siemens AG
Product-sinema_remote_connect_serverSINEMA Remote Connect Server
CWE ID-CWE-20
Improper Input Validation
CVE-2018-13814
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-8.8||HIGH
EPSS-0.43% / 61.66%
||
7 Day CHG~0.00%
Published-13 Dec, 2018 | 16:00
Updated-05 Aug, 2024 | 09:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V14), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V14), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V14), SIMATIC WinCC Runtime Advanced (All versions < V14), SIMATIC WinCC Runtime Professional (All versions < V14), SIMATIC WinCC (TIA Portal) (All versions < V14), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The integrated web server (port 80/tcp and port 443/tcp) of the affected devices could allow an attacker to inject HTTP headers. An attacker must trick a valid user who is authenticated to the device into clicking on a malicious link to exploit the vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-simatic_hmi_ktp_mobile_panels_ktp700fsimatic_hmi_ktp_mobile_panels_ktp900_firmwaresimatic_hmi_tpsimatic_hmi_ktp_mobile_panels_ktp900fsimatic_hmi_tp_firmwaresimatic_hmi_ktp_mobile_panels_ktp400fsimatic_hmi_comfort_outdoor_panelssimatic_hmi_comfort_outdoor_panels_firmwaresimatic_wincc_\(tia_portal\)simatic_hmi_ktp_mobile_panels_ktp700simatic_hmi_ktp_mobile_panels_ktp700f_firmwaresimatic_wincc_runtimesimatic_hmi_op_firmwaresimatic_hmi_mp_firmwaresimatic_hmi_ktp_mobile_panels_ktp900f_firmwaresimatic_hmi_ktp_mobile_panels_ktp400f_firmwaresimatic_hmi_opsimatic_hmi_ktp_mobile_panels_ktp900simatic_hmi_comfort_panelssimatic_hmi_comfort_panels_firmwaresimatic_hmi_mpsimatic_hmi_ktp_mobile_panels_ktp700_firmwareSIMATIC HMI Comfort Panels 4" - 22", SIMATIC HMI Comfort Outdoor Panels 7" & 15", SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F, SIMATIC WinCC Runtime Advanced, SIMATIC WinCC Runtime Professional, SIMATIC WinCC (TIA Portal), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel)
CWE ID-CWE-113
Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')
CWE ID-CWE-20
Improper Input Validation
CVE-2022-31766
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-8.6||HIGH
EPSS-0.33% / 55.53%
||
7 Day CHG~0.00%
Published-11 Oct, 2022 | 00:00
Updated-21 Apr, 2025 | 13:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V7.1.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V7.1.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V7.1.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V7.1.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V7.1.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V7.1.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V7.1.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V7.1.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V7.1.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V7.1.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V7.1.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V7.1.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V7.1.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V7.1.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V7.1.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V7.1.2), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WAM766-1 (6GK5766-1GE00-7DA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WUM766-1 (6GK5766-1GE00-3DA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0) (All versions >= V1.1.0 < V3.0.0). Affected devices with TCP Event service enabled do not properly handle malformed packets. This could allow an unauthenticated remote attacker to cause a denial of service condition and reboot the device thus possibly affecting other network resources.

Action-Not Available
Vendor-Siemens AG
Product-scalance_m812-1scalance_mum853-1scalance_m826-2_firmwarescalance_m874-3scalance_m874-3_firmwarescalance_wam766-1scalance_m876-3scalance_m816-1_firmwareruggedcom_rm1224scalance_wam763-1_firmwarescalance_m816-1scalance_m804pb_firmwarescalance_mum856-1_firmwarescalance_s615_firmwarescalance_wum766-1scalance_m876-3_firmwarescalance_m812-1_firmwarescalance_m826-2scalance_mum856-1scalance_wam766-1_firmwarescalance_wam763-1scalance_m876-4scalance_m876-4_firmwarescalance_s615scalance_wum763-1scalance_m804pbscalance_wum763-1_firmwareruggedcom_rm1224_firmwarescalance_m874-2_firmwarescalance_m874-2scalance_wum766-1_firmwarescalance_mum853-1_firmwareSCALANCE M876-3 (ROK)SCALANCE M876-4 (NAM)SCALANCE MUM856-1 (EU)RUGGEDCOM RM1224 LTE(4G) EUSCALANCE M876-4SCALANCE WAM766-1 (US)SCALANCE M826-2 SHDSL-RouterSCALANCE S615 EEC LAN-RouterRUGGEDCOM RM1224 LTE(4G) NAMSCALANCE MUM853-1 (EU)SCALANCE WAM766-1SCALANCE WUM763-1SCALANCE WUM766-1SCALANCE M812-1 ADSL-RouterSCALANCE M876-3SCALANCE M876-4 (EU)SCALANCE WAM766-1 EEC (US)SCALANCE WAM766-1 EECSCALANCE S615 LAN-RouterSCALANCE MUM856-1 (RoW)SCALANCE M816-1 ADSL-RouterSCALANCE M874-3SCALANCE M804PBSCALANCE WAM763-1SCALANCE M874-2SCALANCE WUM766-1 (USA)
CWE ID-CWE-20
Improper Input Validation
CVE-2023-51438
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-10||CRITICAL
EPSS-0.34% / 56.27%
||
7 Day CHG~0.00%
Published-09 Jan, 2024 | 10:00
Updated-22 May, 2025 | 17:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC IPC1047E (All versions with maxView Storage Manager < V4.14.00.26068 on Windows), SIMATIC IPC647E (All versions with maxView Storage Manager < V4.14.00.26068 on Windows), SIMATIC IPC847E (All versions with maxView Storage Manager < V4.14.00.26068 on Windows). In default installations of maxView Storage Manager where Redfish® server is configured for remote system management, a vulnerability has been identified that can provide unauthorized access.

Action-Not Available
Vendor-microchipSiemens AG
Product-simatic_ipc647esimatic_ipc847emaxview_storage_managersimatic_ipc1047eSIMATIC IPC847ESIMATIC IPC1047ESIMATIC IPC647E
CWE ID-CWE-20
Improper Input Validation
CVE-2022-29562
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-3.7||LOW
EPSS-0.21% / 43.91%
||
7 Day CHG~0.00%
Published-11 Jul, 2023 | 09:07
Updated-12 Nov, 2024 | 16:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEDCOM ROX RX1400 (All versions < V2.16.0), RUGGEDCOM ROX RX1500 (All versions < V2.16.0), RUGGEDCOM ROX RX1501 (All versions < V2.16.0), RUGGEDCOM ROX RX1510 (All versions < V2.16.0), RUGGEDCOM ROX RX1511 (All versions < V2.16.0), RUGGEDCOM ROX RX1512 (All versions < V2.16.0), RUGGEDCOM ROX RX1524 (All versions < V2.16.0), RUGGEDCOM ROX RX1536 (All versions < V2.16.0), RUGGEDCOM ROX RX5000 (All versions < V2.16.0). Affected devices do not properly handle malformed HTTP packets. This could allow an unauthenticated remote attacker to send a malformed HTTP packet causing certain functions to fail in a controlled manner.

Action-Not Available
Vendor-Siemens AG
Product-ruggedcom_rox_mx5000reruggedcom_rox_rx1511ruggedcom_rox_rx1512_firmwareruggedcom_rox_rx1512ruggedcom_rox_mx5000_firmwareruggedcom_rox_rx1511_firmwareruggedcom_rox_rx1510ruggedcom_rox_rx1400_firmwareruggedcom_rox_rx1400ruggedcom_rox_rx1510_firmwareruggedcom_rox_rx1500ruggedcom_rox_rx1524_firmwareruggedcom_rox_rx5000ruggedcom_rox_rx1501ruggedcom_rox_rx1536ruggedcom_rox_mx5000ruggedcom_rox_rx1536_firmwareruggedcom_rox_rx1524ruggedcom_rox_rx1500_firmwareruggedcom_rox_mx5000re_firmwareruggedcom_rox_rx1501_firmwareruggedcom_rox_rx5000_firmwareRUGGEDCOM ROX MX5000RERUGGEDCOM ROX RX1511RUGGEDCOM ROX RX1536RUGGEDCOM ROX RX1400RUGGEDCOM ROX RX1501RUGGEDCOM ROX RX1500RUGGEDCOM ROX RX5000RUGGEDCOM ROX MX5000RUGGEDCOM ROX RX1524RUGGEDCOM ROX RX1510RUGGEDCOM ROX RX1512
CWE ID-CWE-20
Improper Input Validation
CVE-2022-28329
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-6.5||MEDIUM
EPSS-0.26% / 48.86%
||
7 Day CHG~0.00%
Published-12 Apr, 2022 | 09:08
Updated-03 Aug, 2024 | 05:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE W1788-1 M12 (All versions < V3.0.0), SCALANCE W1788-2 EEC M12 (All versions < V3.0.0), SCALANCE W1788-2 M12 (All versions < V3.0.0), SCALANCE W1788-2IA M12 (All versions < V3.0.0). Affected devices do not properly handle malformed TCP packets received over the RemoteCapture feature. This could allow an attacker to lead to a denial of service condition which only affects the port used by the RemoteCapture feature.

Action-Not Available
Vendor-Siemens AG
Product-scalance_w1788-2ia_m12scalance_w1788-2ia_m12_firmwarescalance_w1788-2_m12_firmwarescalance_w1788-1_m12_firmwarescalance_w1788-2_eec_m12_firmwarescalance_w1788-1_m12scalance_w1788-2_eec_m12scalance_w1788-2_m12SCALANCE W1788-1 M12SCALANCE W1788-2IA M12SCALANCE W1788-2 M12SCALANCE W1788-2 EEC M12
CWE ID-CWE-20
Improper Input Validation
CVE-2022-29872
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-8.8||HIGH
EPSS-1.29% / 78.86%
||
7 Day CHG~0.00%
Published-10 May, 2022 | 09:47
Updated-03 Aug, 2024 | 06:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00). Affected devices do not properly validate parameters of POST requests. This could allow an authenticated attacker to set the device to a denial of service state or to control the program counter and, thus, execute arbitrary code on the device.

Action-Not Available
Vendor-Siemens AG
Product-7kg8501-0aa11-2aa0_firmware7kg8551-0aa01-2aa07kg8501-0aa11-0aa07kg8500-0aa10-0aa0_firmware7kg8501-0aa31-2aa0_firmware7kg8551-0aa02-2aa0_firmware7kg8551-0aa02-0aa0_firmware7kg8551-0aa32-2aa0_firmware7kg8550-0aa00-0aa07kg8550-0aa00-0aa0_firmware7kg8501-0aa01-0aa07kg8551-0aa02-0aa07kg8500-0aa30-0aa07kg8551-0aa32-0aa0_firmware7kg8551-0aa02-2aa07kg8550-0aa30-0aa0_firmware7kg8501-0aa32-0aa07kg8500-0aa30-2aa0_firmware7kg8501-0aa01-0aa0_firmware7kg8501-0aa02-0aa07kg8551-0aa12-2aa07kg8500-0aa00-0aa07kg8551-0aa01-0aa0_firmware7kg8501-0aa11-2aa07kg8501-0aa31-0aa07kg8501-0aa12-2aa0_firmware7kg8501-0aa32-2aa07kg8550-0aa00-2aa0_firmware7kg8550-0aa30-2aa07kg8501-0aa31-0aa0_firmware7kg8550-0aa30-0aa07kg8501-0aa12-0aa0_firmware7kg8551-0aa12-0aa07kg8500-0aa30-2aa07kg8501-0aa32-2aa0_firmware7kg8500-0aa10-2aa0_firmware7kg8500-0aa00-2aa0_firmware7kg8501-0aa01-2aa0_firmware7kg8501-0aa02-0aa0_firmware7kg8500-0aa10-0aa07kg8551-0aa12-0aa0_firmware7kg8550-0aa30-2aa0_firmware7kg8551-0aa32-2aa07kg8501-0aa11-0aa0_firmware7kg8550-0aa10-2aa07kg8501-0aa02-2aa0_firmware7kg8551-0aa32-0aa07kg8501-0aa32-0aa0_firmware7kg8551-0aa12-2aa0_firmware7kg8550-0aa10-0aa0_firmware7kg8501-0aa01-2aa07kg8550-0aa00-2aa07kg8551-0aa31-2aa0_firmware7kg8551-0aa11-2aa07kg8501-0aa12-0aa07kg8551-0aa31-0aa0_firmware7kg8551-0aa11-0aa07kg8500-0aa00-2aa07kg8551-0aa01-2aa0_firmware7kg8550-0aa10-2aa0_firmware7kg8550-0aa10-0aa07kg8551-0aa31-0aa07kg8551-0aa11-0aa0_firmware7kg8551-0aa11-2aa0_firmware7kg8500-0aa30-0aa0_firmware7kg8551-0aa01-0aa07kg8501-0aa02-2aa07kg8500-0aa10-2aa07kg8551-0aa31-2aa07kg8501-0aa31-2aa07kg8501-0aa12-2aa07kg8500-0aa00-0aa0_firmwareSICAM P850SICAM P855
CWE ID-CWE-141
Improper Neutralization of Parameter/Argument Delimiters
CWE ID-CWE-20
Improper Input Validation
CVE-2017-9945
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-6.5||MEDIUM
EPSS-0.14% / 35.54%
||
7 Day CHG~0.00%
Published-30 Aug, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Siemens 7KM PAC Switched Ethernet PROFINET expansion module (All versions < V2.1.3), a Denial-of-Service condition could be induced by a specially crafted PROFINET DCP packet sent as a local Ethernet (Layer 2) broadcast. The affected component requires a manual restart via the main device to recover.

Action-Not Available
Vendor-n/aSiemens AG
Product-7km_pac_switched_ethernet_profinet_expansion_module_firmware7km_pac_switched_ethernet_profinet_expansion_moduleSiemens 7KM PAC Switched Ethernet PROFINET expansion module: All versions < V2.1.3
CWE ID-CWE-20
Improper Input Validation
CVE-2017-9938
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.97% / 75.72%
||
7 Day CHG~0.00%
Published-08 Aug, 2017 | 00:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability was discovered in Siemens SIMATIC Logon (All versions before V1.6) that could allow specially crafted packets sent to the SIMATIC Logon Remote Access service on port 16389/tcp to cause a Denial-of-Service condition. The service restarts automatically.

Action-Not Available
Vendor-n/aSiemens AG
Product-simatic_logonSIMATIC Logon All versions before V1.6
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-6867
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-4.9||MEDIUM
EPSS-0.61% / 68.89%
||
7 Day CHG~0.00%
Published-11 May, 2017 | 10:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability was discovered in Siemens SIMATIC WinCC (V7.3 before Upd 11 and V7.4 before SP1), SIMATIC WinCC Runtime Professional (V13 before SP2 and V14 before SP1), SIMATIC WinCC (TIA Portal) Professional (V13 before SP2 and V14 before SP1) that could allow an authenticated, remote attacker who is member of the "administrators" group to crash services by sending specially crafted messages to the DCOM interface.

Action-Not Available
Vendor-n/aSiemens AG
Product-simatic_wincc_runtimesimatic_winccsimatic_wincc_\(tia_portal\)Siemens SIMATIC WinCC
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-44228
Matching Score-6
Assigner-Apache Software Foundation
ShareView Details
Matching Score-6
Assigner-Apache Software Foundation
CVSS Score-10||CRITICAL
EPSS-94.36% / 99.96%
||
7 Day CHG~0.00%
Published-10 Dec, 2021 | 00:00
Updated-08 Aug, 2025 | 18:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2021-12-24||For all affected software assets for which updates exist, the only acceptable remediation actions are: 1) Apply updates; OR 2) remove affected assets from agency networks. Temporary mitigations using one of the measures provided at https://www.cisa.gov/uscert/ed-22-02-apache-log4j-recommended-mitigation-measures are only acceptable until updates are available.
Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.

Action-Not Available
Vendor-percussionsnowsoftwareNetApp, Inc.Siemens AGDebian GNU/LinuxApple Inc.SonicWall Inc.Bentley Systems, IncorporatedFedora ProjectThe Apache Software FoundationIntel CorporationCisco Systems, Inc.
Product-common_services_platform_collectorsolidfire_enterprise_sdsoncommand_insightdatacenter_manageractive_iq_unified_manageroperation_schedulerconnected_analytics_for_network_deploymentindustrial_edge_management_hubsnapcenterintegrated_management_controller_supervisorfirepower_1150iot_operations_dashboardwan_automation_enginefirepower_2140system_studiovirtualized_voice_browserfirepower_2110dna_centersolid_edge_cam_pro6bk1602-0aa42-0tp0energyipcomossecure_device_onboardfirepower_4120sppa-t3000_ses3000_firmwaresiveillance_viewpointfirepower_1120genomics_kernel_librarycontact_center_domain_managercrosswork_data_gatewayxpedition_package_integratornetwork_dashboard_fabric_controller6bk1602-0aa22-0tp0_firmwarecloud_secure_agentnexus_insights6bk1602-0aa22-0tp0firepower_10106bk1602-0aa32-0tp0email_securityunified_contact_center_management_portalopcenter_intelligencexcodedna_spaces_connectorfinessesolidfire_\&_hci_storage_nodepackaged_contact_center_enterpriseunified_sip_proxycloudcenter_suiteucs_directorenergy_engagefxoscustomer_experience_cloud_agentpaging_serverlogo\!_soft_comfortfirepower_2130siveillance_control_prospectrum_power_7cloud_managernetwork_insights_for_data_centersynchro_4d6bk1602-0aa52-0tp0solid_edge_harness_designfog_directornetwork_assurance_enginefirepower_4115nexus_dashboardsmart_phybusiness_process_automation6bk1602-0aa42-0tp0_firmwarebroadworksfirepower_4140emergency_responderucs_centralcomputer_vision_annotation_toolvideo_surveillance_managerconnected_mobile_experiencessynchrohead-end_system_universal_device_integration_systemsentron_powermanagerfedoracloudcenter_cost_optimizer6bk1602-0aa12-0tp0_firmwarespectrum_power_4cloudcentervm_access_proxycloudcenter_suite_adminoneapi_sample_browser6bk1602-0aa52-0tp0_firmwarefirepower_4150virtual_topology_systemfirepower_9300prime_service_catalogbrocade_san_navigatorenterprise_chat_and_emailcloud_connectfirepower_4145teamcenterunified_customer_voice_portalcloud_insightsrhythmyxfirepower_1140sipass_integratedsiveillance_vantageintersight_virtual_appliancesd-wan_vmanageucs_central_softwarecontact_center_management_portalwebex_meetings_serverunified_intelligence_centerunified_workforce_optimizationenergyip_prepaycrosswork_zero_touch_provisioningcx_cloud_agent6bk1602-0aa12-0tp0unity_connectioncloudcenter_workload_manageroptical_network_controllervirtualized_infrastructure_managervideo_surveillance_operations_manager6bk1602-0aa32-0tp0_firmwareunified_communications_manageradvanced_malware_protection_virtual_private_cloud_applianceidentity_services_enginesnow_commandercyber_vision_sensor_management_extensionfirepower_4112unified_contact_center_enterprisedebian_linuxunified_computing_systemunified_contact_center_expressxpedition_enterpriselog4jdesigo_cc_advanced_reportsontap_toolsunified_communications_manager_im_and_presence_servicefirepower_2120mobility_services_enginecrosswork_network_automationdna_spacesvesysautomated_subsea_tuningcyber_visionsiveillance_commandevolved_programmable_network_managerdna_spaces\firepower_4110mendixfirepower_4125sppa-t3000_ses3000unified_communications_manager_im_\&_presence_servicee-car_operation_centernxindustrial_edge_managementworkload_optimization_managerfirepower_threat_defensenavigatorcapitalcrosswork_platform_infrastructurenetwork_services_orchestratordata_center_network_managercrosswork_optimization_enginemindspheresiguard_dsagma-managerdesigo_cc_info_centercrosswork_network_controllersiveillance_identityApache Log4j2Log4j2
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-502
Deserialization of Untrusted Data
CWE ID-CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
CVE-2020-27339
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 14.66%
||
7 Day CHG~0.00%
Published-16 Jun, 2021 | 15:49
Updated-04 Aug, 2024 | 16:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the kernel in Insyde InsydeH2O 5.x, certain SMM drivers did not correctly validate the CommBuffer and CommBufferSize parameters, allowing callers to corrupt either the firmware or the OS memory. The fixed versions for this issue in the AhciBusDxe, IdeBusDxe, NvmExpressDxe, SdHostDriverDxe, and SdMmcDeviceDxe drivers are 05.16.25, 05.26.25, 05.35.25, 05.43.25, and 05.51.25 (for Kernel 5.1 through 5.5).

Action-Not Available
Vendor-n/aInsyde Software Corp. (ISC)Siemens AG
Product-simatic_ipc127e_firmwaresimatic_ipc377ginsydeh2osimatic_ipc677esimatic_ipc227g_firmwaresimatic_ipc647e_firmwaresimatic_ipc277gsimatic_ipc627e_firmwaresimatic_ipc477esimatic_field_pg_m6_firmwaresimatic_ipc627esimatic_ipc847e_firmwaresimatic_field_pg_m5simatic_itp1000simatic_ipc377g_firmwaresimatic_ipc327g_firmwaresimatic_ipc477e_firmwaresimatic_ipc427e_firmwaresimatic_ipc847esimatic_ipc427esimatic_field_pg_m6ruggedcom_apr1808simatic_ipc227gsimatic_ipc477e_prosimatic_field_pg_m5_firmwaresimatic_ipc677e_firmwaresimatic_ipc477e_pro_firmwaresimatic_ipc277g_firmwaresimatic_ipc127esimatic_itp1000_firmwareruggedcom_apr1808_firmwaresimatic_ipc647esimatic_ipc327gn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2020-26145
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-5.28% / 89.63%
||
7 Day CHG-0.56%
Published-11 May, 2021 | 19:35
Updated-04 Aug, 2024 | 15:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.

Action-Not Available
Vendor-n/aSamsungSiemens AG
Product-6gk5766-1ge00-3db06gk5766-1ge00-7ta0_firmware6gk5766-1je00-7ta06gk5766-1je00-3da0_firmware6gk5766-1je00-3da06gk5766-1ge00-7da0_firmware6gk5763-1al00-3da06gk5763-1al00-3aa06gk5766-1je00-7da0_firmware6gk5766-1ge00-7tb06gk5766-1je00-7da06gk5766-1ge00-7db06gk5766-1ge00-7da06gk5766-1ge00-7ta06gk5763-1al00-3aa0_firmware6gk5766-1je00-7ta0_firmware6gk5763-1al00-7da0_firmware6gk5763-1al00-3da0_firmware6gk5766-1ge00-7tb0_firmwaregalaxy_i93056gk5763-1al00-7da06gk5766-1ge00-7db0_firmware6gk5766-1ge00-3da0_firmware6gk5766-1ge00-3da0galaxy_i9305_firmware6gk5766-1ge00-3db0_firmwaren/a
CWE ID-CWE-20
Improper Input Validation
CVE-2020-26146
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-1.05% / 76.64%
||
7 Day CHG~0.00%
Published-11 May, 2021 | 19:39
Updated-04 Aug, 2024 | 15:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WPA, WPA2, and WPA3 implementations reassemble fragments with non-consecutive packet numbers. An adversary can abuse this to exfiltrate selected fragments. This vulnerability is exploitable when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used. Note that WEP is vulnerable to this attack by design.

Action-Not Available
Vendor-n/aArista Networks, Inc.SamsungSiemens AG
Product-c-200o-105w-68_firmwarec-100_firmwarescalance_w1750d_firmwarec-230_firmwareo-90_firmwarec-65c-120c-130_firmwarec-250_firmwaregalaxy_i9305w-118_firmwarescalance_w700_ieee_802.11nw-68galaxy_i9305_firmwarec-250c-65_firmwarescalance_w700_ieee_802.11n_firmwarec-260c-110c-75_firmwareo-90o-105_firmwarec-110_firmwarec-120_firmwarec-230scalance_w1700_ieee_802.11ac_firmwarew-118scalance_w1750dc-100c-235_firmwarec-260_firmwarec-75scalance_w1700_ieee_802.11acc-130c-235c-200_firmwaren/a
CWE ID-CWE-20
Improper Input Validation
CVE-2020-26143
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-1.44% / 79.92%
||
7 Day CHG~0.00%
Published-11 May, 2021 | 19:36
Updated-04 Aug, 2024 | 15:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the ALFA Windows 10 driver 1030.36.604 for AWUS036ACH. The WEP, WPA, WPA2, and WPA3 implementations accept fragmented plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.

Action-Not Available
Vendor-alfan/aArista Networks, Inc.Siemens AG
Product-scalance_w700_ieee_802.11n_firmwareo-90_firmwarec-75_firmwarec-65w-68_firmwareo-90c-75scalance_w700_ieee_802.11nawus036h_firmwarew-68c-65_firmwareawus036hn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2020-26144
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-1.27% / 78.66%
||
7 Day CHG~0.00%
Published-11 May, 2021 | 19:33
Updated-04 Aug, 2024 | 15:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext A-MSDU frames as long as the first 8 bytes correspond to a valid RFC1042 (i.e., LLC/SNAP) header for EAPOL. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.

Action-Not Available
Vendor-n/aArista Networks, Inc.SamsungSiemens AG
Product-c-200o-105w-68_firmwarec-100_firmwarec-230_firmwareo-90_firmwarec-65c-120c-130_firmwarec-250_firmwaregalaxy_i9305w-118_firmwarescalance_w700_ieee_802.11nw-68galaxy_i9305_firmwarec-250c-65_firmwarescalance_w700_ieee_802.11n_firmwarec-260c-110c-75_firmwarescalance_w700_ieee_802.11ax_firmwareo-90o-105_firmwarec-110_firmwarec-120_firmwarec-230w-118c-100scalance_w700_ieee_802.11axc-235_firmwarec-260_firmwarec-75c-130c-235c-200_firmwaren/a
CWE ID-CWE-20
Improper Input Validation
CVE-2020-24486
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.06% / 18.68%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 18:53
Updated-04 Aug, 2024 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aNetApp, Inc.Intel CorporationSiemens AG
Product-xeon_platinum_8153xeon_e3-1230_v5xeon_e3-1558l_v5xeon_w-3245mxeon_e5-4610_v4xeon_e7-8894_v4xeon_gold_6146xeon_e5-2660_v3core_i7-1068ng7e-series_bioscore_i7-1160g7xeon_e5-1680_v3xeon_d-1527xeon_e5-2697_v4xeon_gold_5115xeon_platinum_8170xeon_gold_6136xeon_w-2125core_i9-10940xxeon_e5-4610_v3xeon_e5-4650_v4xeon_e7-8880_v4xeon_gold_6138xeon_e5-1660_v4simatic_ipc547g_firmwarexeon_e7-8891_v4xeon_platinum_8164xeon_e-2226gxeon_e3-1280_v5xeon_gold_6234xeon_e5-2699r_v4xeon_w-2255xeon_d-1518core_i7-11700core_i7-6822eqcore_i7-6700texeon_e3-1501l_v6xeon_gold_6262vcore_i7-11370hxeon_e5-2683_v4xeon_platinum_8168core_i7-7600uxeon_e5-2608l_v4xeon_e5-2640_v3xeon_e-2224xeon_gold_5218xeon_e5-1620_v4core_i7-11850hxeon_d-1567xeon_e5-2630l_v3xeon_e3-1505l_v6xeon_e-2278gexeon_e5-1607_v3xeon_e5-4640_v4xeon_gold_5117xeon_gold_5122xeon_w-2245xeon_d-1587xeon_e5-2699_v3xeon_d-2191xeon_gold_6248rcore_i7-7820hkxeon_e5-2689_v4xeon_e7-8870_v4xeon_w-1290tcore_i5-l16g7xeon_gold_6240core_i7-6970hqxeon_gold_6262xeon_platinum_8156xeon_e-2136core_i7-10510ucore_i7-1060g7xeon_w-2265xeon_e5-2667_v4xeon_platinum_8274xeon_w-10855mxeon_gold_6126fxeon_d-1539xeon_e3-1535m_v5xeon_e5-1680_v4core_i7-7700xeon_gold_5220rxeon_d-2146ntxeon_e3-1268l_v5xeon_platinum_8160fxeon_e5-2658_v3xeon_e5-4660_v4core_i7-8750hxeon_e3-1501m_v6xeon_gold_6250lxeon_gold_6210uxeon_d-2187ntxeon_platinum_8160mcore_i7-10700fxeon_d-2166ntxeon_e3-1270_v6xeon_e-2286mxeon_e3-1505m_v5core_i7-10750hxeon_silver_4216xeon_gold_6230xeon_platinum_8253xeon_e5-2630l_v4xeon_w-2195xeon_e5-4667_v4xeon_e5-2628l_v4xeon_e-2276gxeon_e5-2685_v3xeon_w-1390xeon_e-2186gxeon_d-2183itxeon_silver_4116txeon_e-2174gxeon_e5-2630_v4xeon_d-1622core_i7-8809gxeon_e5-4667_v3xeon_platinum_8160hcore_i7-8700bxeon_e5-2643_v3xeon_d-2145ntxeon_d-1581xeon_e5-1650_v4xeon_gold_6238xeon_e5-2630_v3xeon_w-1250pxeon_silver_4208xeon_e3-1585_v5xeon_w-2104xeon_e5-2623_v4core_i7-6560uxeon_w-2123xeon_gold_5220sxeon_w-3275mxeon_platinum_9282xeon_e5-2683_v3core_i7-10700exeon_silver_4108xeon_gold_6130txeon_silver_4210core_i7-11700kfcloud_backupcore_i7-10870hxeon_e7-8867_v4xeon_bronze_3106xeon_w-2102xeon_e-2274gcore_i7-10700kxeon_e-2278gelxeon_d-1540xeon_e3-1280_v6hci_compute_node_biosxeon_e5-2698_v4xeon_platinum_8160tcore_i7-11700kxeon_d-1528xeon_silver_4214rcore_i7-6500uxeon_e5-2697_v3xeon_e5-4627_v4xeon_e-2124core_i7-10710uxeon_d-2141icore_i7-10700kfxeon_d-1541xeon_e5-2660_v4xeon_e7-4830_v4xeon_w-1250texeon_platinum_8268xeon_platinum_8176mxeon_e-2276mecore_i7-8565uxeon_gold_5222xeon_e5-2687w_v4xeon_e5-1603_v3core_i7-7560uxeon_gold_5117fxeon_e3-1535m_v6xeon_d-1548xeon_d-1649nxeon_d-1529xeon_platinum_9221xeon_e3-1220_v5xeon_platinum_8160xeon_e5-2428l_v3core_i7-6700hqxeon_e7-4809_v4xeon_e5-4648_v3xeon_gold_6122xeon_silver_4123xeon_gold_6148fxeon_gold_6132biosxeon_e5-2618l_v4xeon_w-2155xeon_gold_6137core_i7-7500ucore_i7-8550uxeon_e-2224gxeon_w-2135xeon_d-1623nxeon_w-2145xeon_e-2226gecore_i7-6650uxeon_gold_6142core_i7-10610ucore_i7-8500ycore_i7-7567uxeon_silver_4214xeon_w-1390pxeon_d-2161ixeon_silver_4210rxeon_d-1632core_i7-7820hqxeon_e3-1585l_v5xeon_e5-2620_v3xeon_e5-2670_v3xeon_gold_5218bxeon_e5-2648l_v3xeon_gold_6142mxeon_e5-2609_v3xeon_e3-1275_v5xeon_e5-2438l_v3xeon_e3-1240_v5xeon_e5-2650_v3xeon_gold_6222core_i7-6567uxeon_e5-2648l_v4xeon_e5-4620_v4xeon_e7-8855_v4xeon_d-1513nxeon_d-1537xeon_e3-1515m_v5xeon_w-1290texeon_e3-1225_v5xeon_gold_6209uxeon_silver_4112xeon_d-1559xeon_w-3223xeon_gold_5120txeon_w-3175xxeon_gold_6134xeon_gold_6162xeon_e5-2628l_v3xeon_e-2254mexeon_w-3235core_i7-7y75xeon_e5-4669_v3xeon_w-2225xeon_gold_6130hxeon_w-2133core_i7-6700xeon_d-1557xeon_e5-4627_v3xeon_e7-4850_v4xeon_gold_6148xeon_e3-1505m_v6xeon_gold_6144xeon_gold_6140mxeon_gold_5220txeon_platinum_8276lxeon_w-2223xeon_e5-2679_v4core_i7-7700kcore_i7-8705gxeon_e-2276mcore_i7-8665uxeon_gold_6129xeon_platinum_9222xeon_gold_6230tcore_i7-7660ucore_i7-6600ucore_i7-8706gxeon_gold_6126tcore_i7-11700fxeon_platinum_8165xeon_w-3225xeon_gold_6135xeon_e3-1565l_v5xeon_e-2236xeon_w-1370core_i7-10850hxeon_e5-1603_v4core_i7-1185grexeon_e5-2408l_v3core_i7-11375hxeon_e3-1240_v6xeon_d-1573ncore_i7-8700core_i7-7700tcore_i7-10700txeon_e5-1630_v4xeon_e5-4660_v3xeon_gold_6246core_i7-8086kxeon_w-2295core_i7-6770hqcore_i7-8700kxeon_e5-2603_v3fas_biosxeon_e-2134xeon_e5-2667_v3xeon_gold_5215xeon_e5-4655_v3xeon_d-2143itxeon_d-2163itxeon_e5-2699_v4xeon_e3-1285_v6xeon_w-1390txeon_w-1270xeon_e3-1225_v6xeon_platinum_8284xeon_silver_4109tcore_i7-10510yxeon_e3-1240l_v5xeon_e5-2690_v3xeon_e5-4655_v4xeon_gold_5215lxeon_silver_4215rxeon_e5-2658_v4xeon_gold_6138fcore_i7-11800hxeon_e5-1630_v3xeon_silver_4210txeon_e5-2680_v3xeon_gold_6212uxeon_e3-1205_v6core_i7-7700hqxeon_w-1270texeon_silver_4114xeon_e5-2698_v3core_i7-6498duxeon_e3-1245_v5core_i7-6870hqxeon_gold_6258rxeon_bronze_3104xeon_d-1571xeon_gold_6240lxeon_gold_6238lxeon_e5-2637_v3xeon_e5-1620_v3xeon_gold_6250xeon_d-2173itcore_i7-11700txeon_w-11855mxeon_d-2123itxeon_gold_5219yxeon_e-2246gxeon_w-3265mxeon_d-1627xeon_e5-2637_v4xeon_e5-2687w_v3xeon_d-1602xeon_e7-8890_v4xeon_e5-2680_v4xeon_gold_5218txeon_e5-2697a_v4xeon_gold_6150xeon_gold_6140xeon_e5-2690_v4xeon_e5-2609_v4core_i7-7920hqxeon_platinum_8174xeon_d-1612xeon_e-2254mlxeon_e3-1545m_v5core_i7-10700core_i9-10920xxeon_e3-1578l_v5core_i7-6660uxeon_e3-1270_v5xeon_gold_6126xeon_e3-1260l_v5xeon_w-1250exeon_e5-2643_v4xeon_d-1563nxeon_e5-2699a_v4core_i7-10875hxeon_e-2276mlxeon_e-2244gxeon_e-2176gxeon_gold_6142fcore_i3-l13g4core_i7-8709gxeon_e5-4650_v3xeon_e5-2650l_v4xeon_gold_6130xeon_e-2104gxeon_platinum_8260core_i7-8557usimatic_ipc547gcore_i7-8700txeon_platinum_9242core_i7-6820hqxeon_platinum_8280lxeon_silver_4110core_i7-8650uxeon_bronze_3204xeon_gold_5119tcore_i7-1180g7core_i7-6700tcore_i7-6920hqxeon_gold_6246rxeon_e3-1230_v6xeon_gold_5217xeon_gold_6230nxeon_gold_6143xeon_w-3265xeon_gold_5218nxeon_e5-2620_v4xeon_gold_6138txeon_w-3245xeon_gold_5120core_i7-1185g7core_i7-1195g7xeon_e-2124gcore_i7-1165g7xeon_e5-2618l_v3xeon_d-1523nxeon_e5-2608l_v3core_i7-10700texeon_e-2288gxeon_d-1653nxeon_gold_5220xeon_e-2234xeon_d-1577xeon_d-1637xeon_gold_6254xeon_gold_6269yxeon_silver_4114tcore_i7-6700kxeon_gold_6240yxeon_e5-4669_v4aff_biosxeon_gold_6154xeon_w-1250xeon_e5-2640_v4hci_storage_node_biosxeon_gold_6208uxeon_e7-8893_v4xeon_w-1290exeon_e5-1650_v3xeon_w-3275core_i7-11700bxeon_d-1553nxeon_e-2126gxeon_silver_4209txeon_e5-4620_v3xeon_silver_4116xeon_w-1270exeon_d-1633ncore_i7-7820eqxeon_gold_6252nxeon_e7-4820_v4xeon_gold_6244xeon_e5-2695_v3xeon_gold_6248xeon_e3-1220_v6xeon_w-1370pxeon_platinum_8280xeon_e-2186mxeon_e5-1660_v3xeon_d-1520xeon_e-2176mcore_i7-6785rcore_i7-6820hkxeon_platinum_8256xeon_gold_6152core_i7-1060ng7xeon_e5-2623_v3xeon_platinum_8158xeon_e5-2658a_v3xeon_e5-2418l_v3xeon_w-1290pxeon_e-2286gxeon_gold_6222vxeon_platinum_8176xeon_gold_6242xeon_e3-1275_v6xeon_d-1531core_i7-10810uxeon_e3-1575m_v5xeon_e-2278gxeon_e5-2650_v4xeon_platinum_8260yxeon_e3-1505l_v5xeon_platinum_8270xeon_d-1533nxeon_gold_6242rxeon_e3-1245_v6xeon_gold_6128xeon_silver_4215xeon_d-2142itxeon_platinum_8180mcore_i7-8850hxeon_gold_5118xeon_w-2235xeon_e5-2695_v4xeon_gold_6130fxeon_w-11955mcore_i7-6820eqxeon_gold_6134mcore_i9-10900xxeon_platinum_8276xeon_gold_6238txeon_e3-1235l_v5xeon_silver_4214yxeon_e5-2603_v4core_i9-10980xexeon_e5-4628l_v4xeon_e7-8860_v4xeon_w-1350xeon_silver_4106hxeon_gold_6138pcore_i7-8665uexeon_w-1290xeon_platinum_8176fxeon_d-1524nsolidfire_biosxeon_gold_6240rxeon_w-10885mxeon_w-2275xeon_d-1543nxeon_gold_6226xeon_e-2144gxeon_gold_6256xeon_d-1521xeon_w-1350pxeon_gold_6230rcore_i7-8569uxeon_gold_6252xeon_e5-4640_v3core_i7-1185g7exeon_gold_5218rxeon_gold_6226rxeon_bronze_3206rxeon_e5-1607_v4core_i7-1065g7xeon_platinum_8260lxeon_e5-1428l_v3core_i7-8559uxeon_platinum_8170mxeon_e-2146gxeon_platinum_8180xeon_d-2177ntxeon_e5-2650l_v3xeon_w-2175Intel(R) Processors
CWE ID-CWE-20
Improper Input Validation
CVE-2014-8479
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.42% / 60.99%
||
7 Day CHG~0.00%
Published-21 Jan, 2015 | 17:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The FTP server on Siemens SCALANCE X-300 switches with firmware before 4.0 and SCALANCE X 408 switches with firmware before 4.0 allows remote authenticated users to cause a denial of service (reboot) via crafted FTP packets.

Action-Not Available
Vendor-n/aSiemens AG
Product-scalance_x-408_firmwarescalance_x-300poescalance_xr-300poescalance_x-300eecscalance_x-408scalance_x-300scalance_xr-300eecscalance_x-300_series_firmwarescalance_xr-300n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-4912
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.8||MEDIUM
EPSS-0.53% / 66.35%
||
7 Day CHG~0.00%
Published-31 Jul, 2013 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Open redirect vulnerability in Siemens WinCC (TIA Portal) 11 and 12 before 12 SP1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks by leveraging improper configuration of SIMATIC HMI panels by the WinCC product.

Action-Not Available
Vendor-n/aSiemens AG
Product-winccn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2021-41769
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.47% / 63.80%
||
7 Day CHG~0.00%
Published-11 Jan, 2022 | 11:27
Updated-04 Aug, 2024 | 03:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIPROTEC 5 6MD85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MD86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MD89 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MU85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7KE85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SA82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SA86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SA87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SD82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SD86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SD87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SJ81 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SJ82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SJ85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SJ86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SK82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SK85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SL82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SL86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SL87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SS85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7ST85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SX85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7UM85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7UT82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7UT85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7UT86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7UT87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7VE85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7VK87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 Compact 7SX800 devices (CPU variant CP050) (All versions < V8.83). An improper input validation vulnerability in the web server could allow an unauthenticated user to access device information.

Action-Not Available
Vendor-Siemens AG
Product-6md857sa87_firmware6md867um856md89_firmware7sl87_firmware7sk85_firmware7ut867ss857sa877ke85_firmware7sd87_firmware6mu85_firmware6md896mu857st857vk877sd86_firmware7sl82_firmware7ut857sj81_firmware7ve85_firmware7st85_firmware7sl827sd867ke857sa86_firmware7sx8007ut86_firmware6md85_firmware7sk857sk827sx800_firmware7sd877sx85_firmware6md86_firmware7sk82_firmware7sa867sj827sj857sj86_firmware7sl86_firmware7sj817ut82_firmware7ut85_firmware7sj82_firmware7um85_firmware7ve857ut877vk87_firmware7sa827sj85_firmware7sl867sx857sd827ut87_firmware7ut827sj867sd82_firmware7sl877sa82_firmware7ss85_firmwareSIPROTEC 5 7SD82 devices (CPU variant CP100)SIPROTEC 5 6MD86 devices (CPU variant CP300)SIPROTEC 5 7VE85 devices (CPU variant CP300)SIPROTEC 5 7UT87 devices (CPU variant CP300)SIPROTEC 5 7ST85 devices (CPU variant CP300)SIPROTEC 5 7SL82 devices (CPU variant CP100)SIPROTEC 5 7UT82 devices (CPU variant CP100)SIPROTEC 5 6MU85 devices (CPU variant CP300)SIPROTEC 5 7SK82 devices (CPU variant CP100)SIPROTEC 5 7SK85 devices (CPU variant CP300)SIPROTEC 5 7UT86 devices (CPU variant CP300)SIPROTEC 5 7SA82 devices (CPU variant CP100)SIPROTEC 5 7VK87 devices (CPU variant CP300)SIPROTEC 5 7SD86 devices (CPU variant CP300)SIPROTEC 5 7SJ85 devices (CPU variant CP300)SIPROTEC 5 7SJ82 devices (CPU variant CP100)SIPROTEC 5 7SL87 devices (CPU variant CP300)SIPROTEC 5 7SX85 devices (CPU variant CP300)SIPROTEC 5 Compact 7SX800 devices (CPU variant CP050)SIPROTEC 5 6MD85 devices (CPU variant CP300)SIPROTEC 5 7UM85 devices (CPU variant CP300)SIPROTEC 5 7SA86 devices (CPU variant CP300)SIPROTEC 5 7UT85 devices (CPU variant CP300)SIPROTEC 5 7SL86 devices (CPU variant CP300)SIPROTEC 5 7KE85 devices (CPU variant CP300)SIPROTEC 5 7SJ86 devices (CPU variant CP300)SIPROTEC 5 7SS85 devices (CPU variant CP300)SIPROTEC 5 7SD87 devices (CPU variant CP300)SIPROTEC 5 7SA87 devices (CPU variant CP300)SIPROTEC 5 6MD89 devices (CPU variant CP300)SIPROTEC 5 7SJ81 devices (CPU variant CP100)
CWE ID-CWE-20
Improper Input Validation
CVE-2013-0669
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-4||MEDIUM
EPSS-0.17% / 38.10%
||
7 Day CHG~0.00%
Published-21 Mar, 2013 | 14:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The HMI web application in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to cause a denial of service (daemon crash) via a crafted HTTP request.

Action-Not Available
Vendor-n/aSiemens AG
Product-wincc_tia_portaln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-0670
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-4.3||MEDIUM
EPSS-0.33% / 55.03%
||
7 Day CHG~0.00%
Published-21 Mar, 2013 | 14:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CRLF injection vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL.

Action-Not Available
Vendor-n/aSiemens AG
Product-wincc_tia_portaln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2012-3003
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-5.8||MEDIUM
EPSS-0.33% / 55.03%
||
7 Day CHG~0.00%
Published-08 Jun, 2012 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Open redirect vulnerability in an unspecified web application in Siemens WinCC 7.0 SP3 before Update 2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in a GET request.

Action-Not Available
Vendor-n/aSiemens AG
Product-winccn/a
CWE ID-CWE-20
Improper Input Validation
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • ...
  • 26
  • 27
  • Next
Details not found