Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2019-19279

Summary
Assigner-siemens
Assigner Org ID-cec7a2ec-15b4-4faf-bd53-b40f371f3a77
Published At-10 Mar, 2020 | 19:16
Updated At-05 Aug, 2024 | 02:09
Rejected At-
Credits

A vulnerability has been identified in SIPROTEC 4 and SIPROTEC Compact relays equipped with EN100 Ethernet communication modules (All versions). Specially crafted packets sent to port 50000/UDP of the EN100 Ethernet communication modules could cause a Denial-of-Service of the affected device. A manual reboot is required to recover the service of the device. At the time of advisory publication no public exploitation of this security vulnerability was known to Siemens.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:siemens
Assigner Org ID:cec7a2ec-15b4-4faf-bd53-b40f371f3a77
Published At:10 Mar, 2020 | 19:16
Updated At:05 Aug, 2024 | 02:09
Rejected At:
▼CVE Numbering Authority (CNA)

A vulnerability has been identified in SIPROTEC 4 and SIPROTEC Compact relays equipped with EN100 Ethernet communication modules (All versions). Specially crafted packets sent to port 50000/UDP of the EN100 Ethernet communication modules could cause a Denial-of-Service of the affected device. A manual reboot is required to recover the service of the device. At the time of advisory publication no public exploitation of this security vulnerability was known to Siemens.

Affected Products
Vendor
Siemens AGSiemens AG
Product
SIPROTEC 4 and SIPROTEC Compact relays equipped with EN100 Ethernet communication modules
Versions
Affected
  • All versions
Problem Types
TypeCWE IDDescription
CWECWE-20CWE-20: Improper Input Validation
Type: CWE
CWE ID: CWE-20
Description: CWE-20: Improper Input Validation
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://cert-portal.siemens.com/productcert/pdf/ssa-974843.pdf
x_refsource_MISC
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-974843.pdf
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://cert-portal.siemens.com/productcert/pdf/ssa-974843.pdf
x_refsource_MISC
x_transferred
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-974843.pdf
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:productcert@siemens.com
Published At:10 Mar, 2020 | 20:15
Updated At:13 Mar, 2020 | 19:49

A vulnerability has been identified in SIPROTEC 4 and SIPROTEC Compact relays equipped with EN100 Ethernet communication modules (All versions). Specially crafted packets sent to port 50000/UDP of the EN100 Ethernet communication modules could cause a Denial-of-Service of the affected device. A manual reboot is required to recover the service of the device. At the time of advisory publication no public exploitation of this security vulnerability was known to Siemens.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary2.07.8HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 7.8
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C
CPE Matches
Siemens AG
siemens
>>siprotec_4>>*
cpe:2.3:a:siemens:siprotec_4:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>siprotec_compact>>*
cpe:2.3:a:siemens:siprotec_compact:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Primarynvd@nist.gov
CWE-20Secondaryproductcert@siemens.com
CWE ID: CWE-20
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-20
Type: Secondary
Source: productcert@siemens.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://cert-portal.siemens.com/productcert/pdf/ssa-974843.pdfproductcert@siemens.com
Vendor Advisory
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-974843.pdf
Source: productcert@siemens.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

1329Records found
CVE-2023-39950
Matching Score-6
Assigner-GitHub, Inc.
ShareView Details
Matching Score-6
Assigner-GitHub, Inc.
CVSS Score-6.1||MEDIUM
EPSS-0.07% / 21.09%
||
7 Day CHG~0.00%
Published-14 Aug, 2023 | 20:17
Updated-01 Oct, 2024 | 18:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Insufficient input validation in efibootguard

efibootguard is a simple UEFI boot loader with support for safely switching between current and updated partition sets. Insufficient or missing validation and sanitization of input from untrustworthy bootloader environment files can cause crashes and probably also code injections into `bg_setenv`) or programs using `libebgenv`. This is triggered when the affected components try to modify a manipulated environment, in particular its user variables. Furthermore, `bg_printenv` may crash over invalid read accesses or report invalid results. Not affected by this issue is EFI Boot Guard's bootloader EFI binary. EFI Boot Guard release v0.15 contains required patches to sanitize and validate the bootloader environment prior to processing it in userspace. Its library and tools should be updated, so should programs statically linked against it. An update of the bootloader EFI executable is not required. The only way to prevent the issue with an unpatched EFI Boot Guard version is to avoid accesses to user variables, specifically modifications to them.

Action-Not Available
Vendor-Siemens AG
Product-efibootguardefibootguard
CWE ID-CWE-20
Improper Input Validation
CVE-2011-4877
Matching Score-6
Assigner-CERT/CC
ShareView Details
Matching Score-6
Assigner-CERT/CC
CVSS Score-7.1||HIGH
EPSS-23.69% / 95.78%
||
7 Day CHG~0.00%
Published-03 Feb, 2012 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HmiLoad in the runtime loader in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime, when Transfer Mode is enabled, allows remote attackers to cause a denial of service (application crash) by sending crafted data over TCP.

Action-Not Available
Vendor-n/aSiemens AG
Product-simatic_hmi_panelswincc_flexible_runtimewincc_flexiblewincc_runtime_advancedwinccn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2011-4879
Matching Score-6
Assigner-CERT/CC
ShareView Details
Matching Score-6
Assigner-CERT/CC
CVSS Score-8.5||HIGH
EPSS-39.57% / 97.20%
||
7 Day CHG~0.00%
Published-03 Feb, 2012 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

miniweb.exe in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime does not properly handle URIs beginning with a 0xfa character, which allows remote attackers to read data from arbitrary memory locations or cause a denial of service (application crash) via a crafted POST request.

Action-Not Available
Vendor-n/aSiemens AG
Product-simatic_hmi_panelswincc_flexible_runtimewincc_flexiblewincc_runtime_advancedwinccn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2011-4530
Matching Score-6
Assigner-CERT/CC
ShareView Details
Matching Score-6
Assigner-CERT/CC
CVSS Score-5||MEDIUM
EPSS-19.73% / 95.22%
||
7 Day CHG~0.00%
Published-08 Jan, 2012 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 does not properly copy fields obtained from clients, which allows remote attackers to cause a denial of service (exception and daemon crash) via long fields, as demonstrated by fields to the (1) open_session->workstation->NAME or (2) grant->VERSION function.

Action-Not Available
Vendor-n/aSiemens AG
Product-automation_license_managern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2025-40746
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-9.4||CRITICAL
EPSS-0.27% / 50.25%
||
7 Day CHG~0.00%
Published-12 Aug, 2025 | 11:17
Updated-20 Aug, 2025 | 20:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V3.2). Affected products do not properly validate input for a backup script. This could allow an authenticated remote attacker with high privileges in the application to execute arbitrary code with 'NT Authority/SYSTEM' privileges.

Action-Not Available
Vendor-Siemens AG
Product-simatic_rtls_locating_managerSIMATIC RTLS Locating Manager
CWE ID-CWE-20
Improper Input Validation
CVE-2016-2031
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.97% / 75.75%
||
7 Day CHG~0.00%
Published-31 Jan, 2020 | 19:33
Updated-05 Aug, 2024 | 23:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple vulnerabilities exists in Aruba Instate before 4.1.3.0 and 4.2.3.1 due to insufficient validation of user-supplied input and insufficient checking of parameters, which could allow a malicious user to bypass security restrictions, obtain sensitive information, perform unauthorized actions and execute arbitrary code.

Action-Not Available
Vendor-n/aSiemens AGAruba Networks
Product-aruba_instantairwavearubaosscalance_w1750d_firmwarescalance_w1750dn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2018-4850
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.51% / 65.41%
||
7 Day CHG~0.00%
Published-16 May, 2018 | 17:00
Updated-16 Sep, 2024 | 22:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC S7-400 (incl. F) CPU hardware version 4.0 and below (All versions), SIMATIC S7-400 (incl. F) CPU hardware version 5.0 (All firmware versions < V5.2), SIMATIC S7-400H CPU hardware version 4.5 and below (All versions). The affected CPUs improperly validate S7 communication packets which could cause a Denial-of-Service condition of the CPU. The CPU will remain in DEFECT mode until manual restart.

Action-Not Available
Vendor-Siemens AG
Product-simatic_s7-400hsimatic_s7-400h_firmwaresimatic_s7-400simatic_s7-400_firmwareSIMATIC S7-400 (incl. F) CPU hardware version 4.0 and below, SIMATIC S7-400 (incl. F) CPU hardware version 5.0, SIMATIC S7-400H CPU hardware version 4.5 and below
CWE ID-CWE-20
Improper Input Validation
CVE-2017-14023
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-4.9||MEDIUM
EPSS-2.77% / 85.46%
||
7 Day CHG~0.00%
Published-06 Nov, 2017 | 22:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An Improper Input Validation issue was discovered in Siemens SIMATIC PCS 7 V8.1 prior to V8.1 SP1 with WinCC V7.3 Upd 13, and V8.2 all versions. The improper input validation vulnerability has been identified, which may allow an authenticated remote attacker who is a member of the administrators group to crash services by sending specially crafted messages to the DCOM interface.

Action-Not Available
Vendor-n/aSiemens AG
Product-simatic_pcs7simatic_winccSiemens SIMATIC PCS 7
CWE ID-CWE-20
Improper Input Validation
CVE-2025-40593
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.1||HIGH
EPSS-0.06% / 19.31%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 10:34
Updated-21 Aug, 2025 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V4.0). The affected application allows to control the device by storing arbitrary files in the SFTP folder of the device. This could allow an attacker to cause a denial of service condition.

Action-Not Available
Vendor-Siemens AG
Product-simatic_cn_4100SIMATIC CN 4100
CWE ID-CWE-20
Improper Input Validation
CVE-2023-26293
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.3||HIGH
EPSS-0.04% / 12.14%
||
7 Day CHG~0.00%
Published-11 Apr, 2023 | 09:03
Updated-25 Nov, 2024 | 21:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Totally Integrated Automation Portal (TIA Portal) V15 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions < V16 Update 7), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 6), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 1). Affected products contain a path traversal vulnerability that could allow the creation or overwrite of arbitrary files in the engineering system. If the user is tricked to open a malicious PC system configuration file, an attacker could exploit this vulnerability to achieve arbitrary code execution.

Action-Not Available
Vendor-Siemens AG
Product-tia_portalTotally Integrated Automation Portal (TIA Portal) V16Totally Integrated Automation Portal (TIA Portal) V15Totally Integrated Automation Portal (TIA Portal) V17Totally Integrated Automation Portal (TIA Portal) V18
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2016-9156
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.3||HIGH
EPSS-0.50% / 64.78%
||
7 Day CHG~0.00%
Published-05 Dec, 2016 | 08:09
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Siemens SICAM PAS (all versions before V8.09) could allow a remote attacker to upload, download, or delete files in certain parts of the file system by sending specially crafted packets to port 19235/TCP.

Action-Not Available
Vendor-n/aSiemens AG
Product-sicam_pas\/pqsSiemens SICAM PAS through V8.08
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-284
Improper Access Control
CVE-2017-0148
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-8.1||HIGH
EPSS-94.17% / 99.91%
||
7 Day CHG~0.00%
Published-17 Mar, 2017 | 00:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-04-27||Apply updates per vendor instructions.

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, and CVE-2017-0146.

Action-Not Available
Vendor-Siemens AGMicrosoft Corporation
Product-windows_server_2008windows_7tissue_preparation_system_firmwareversant_kpcr_sample_prep_firmwareversant_kpcr_molecular_systemacuson_p500acuson_p500_firmwarewindows_10_1507acuson_x700_firmwarewindows_10_1511server_message_blocktissue_preparation_systemwindows_vistaversant_kpcr_sample_prepacuson_x700acuson_sc2000versant_kpcr_molecular_system_firmwaresyngo_sc2000_firmwareacuson_p300_firmwarewindows_server_2012syngo_sc2000windows_10_1607windows_server_2016acuson_p300windows_8.1acuson_sc2000_firmwarewindows_rt_8.1Windows SMBSMBv1 server
CWE ID-CWE-20
Improper Input Validation
CVE-2020-10054
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 12.89%
||
7 Day CHG~0.00%
Published-09 Nov, 2021 | 11:31
Updated-04 Aug, 2024 | 10:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.12). The affected application does not properly handle the import of large configuration files. A local attacker could import a specially crafted file which could lead to a denial-of-service condition of the application service.

Action-Not Available
Vendor-Siemens AG
Product-simatic_rtls_locating_managerSIMATIC RTLS Locating Manager
CWE ID-CWE-20
Improper Input Validation
CVE-2020-0590
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.36% / 57.65%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 17:54
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aNetApp, Inc.Intel CorporationSiemens AG
Product-xeon_platinum_8276lxeon_platinum_8153xeon_silver_4210r_firmwarexeon_platinum_8170_firmwarexeon_platinum_9222xeon_bronze_3104_firmwarexeon_gold_6230txeon_gold_6146xeon_gold_6126f_firmwarexeon_gold_6126txeon_gold_6140_firmwarexeon_platinum_8168_firmwarexeon_silver_4108_firmwarexeon_gold_5115xeon_gold_6238_firmwarexeon_platinum_8170xeon_gold_6136xeon_gold_6138f_firmwarexeon_gold_5217_firmwarexeon_gold_6138xeon_gold_6246simatic_ipc547g_firmwarexeon_platinum_8164xeon_gold_6240_firmwarexeon_gold_6234xeon_silver_4116t_firmwarexeon_gold_6238rxeon_gold_5215xeon_platinum_8268_firmwarexeon_gold_6248_firmwarexeon_gold_6262vxeon_platinum_8168xeon_gold_6244_firmwarexeon_gold_5218xeon_silver_4109txeon_bronze_3206r_firmwarexeon_silver_4215rxeon_gold_5215lxeon_silver_4215_firmwarexeon_gold_5220r_firmwarexeon_gold_5122_firmwarexeon_gold_6138t_firmwarexeon_gold_6138fxeon_silver_4116_firmwarexeon_gold_5122xeon_platinum_8180_firmwarexeon_silver_4210_firmwarexeon_gold_6132_firmwarexeon_gold_6136_firmwarexeon_silver_4210txeon_gold_6212u_firmwarexeon_gold_6212uxeon_gold_6126_firmwarexeon_gold_6240l_firmwarexeon_silver_4114xeon_gold_6248rxeon_gold_6250l_firmwarexeon_silver_4214r_firmwarexeon_platinum_8276_firmwarexeon_gold_6258rxeon_bronze_3104xeon_gold_6240xeon_gold_6238lxeon_gold_6240lxeon_gold_6150_firmwarexeon_gold_6250xeon_platinum_8156xeon_bronze_3106_firmwarexeon_gold_6138_firmwarexeon_gold_5218n_firmwarexeon_gold_5215_firmwarexeon_gold_5220s_firmwaresimatic_ipc527gxeon_platinum_8260y_firmwarexeon_gold_6144_firmwarexeon_gold_6126fxeon_silver_4109t_firmwarexeon_gold_5218tsimatic_ipc847e_firmwarexeon_gold_6240y_firmwaresimatic_ipc527g_firmwarexeon_gold_6150xeon_gold_6242_firmwarexeon_gold_5220rxeon_gold_6140xeon_silver_4114_firmwarexeon_gold_6230_firmwarexeon_platinum_8280l_firmwarexeon_platinum_8160fxeon_gold_6148f_firmwarexeon_gold_6250lxeon_gold_6210uxeon_gold_6126simatic_ipc647exeon_platinum_8158_firmwarexeon_gold_5120_firmwarexeon_silver_4216xeon_silver_4114t_firmwarexeon_gold_6230xeon_platinum_8253xeon_gold_6134_firmwarexeon_gold_6130t_firmwarexeon_gold_5218r_firmwarexeon_gold_6242r_firmwarexeon_gold_6130f_firmwarexeon_silver_4116tclustered_data_ontapxeon_gold_6246r_firmwarexeon_gold_6142fsimatic_ipc627exeon_gold_6238xeon_platinum_8153_firmwarexeon_gold_6126t_firmwarexeon_gold_6130xeon_silver_4214y_firmwarexeon_silver_4208xeon_platinum_8260xeon_platinum_8160t_firmwarexeon_bronze_3204_firmwarexeon_silver_4214_firmwarexeon_gold_5220ssimatic_ipc547gxeon_platinum_9242xeon_platinum_9282xeon_gold_5119t_firmwarexeon_platinum_8280lxeon_silver_4110xeon_gold_6142_firmwarexeon_bronze_3204xeon_platinum_9242_firmwarexeon_platinum_8280_firmwarexeon_gold_6240r_firmwarexeon_gold_5119txeon_silver_4108xeon_gold_6130txeon_silver_4210xeon_platinum_8256_firmwarexeon_gold_6246rcloud_backupxeon_gold_5217xeon_gold_6230nxeon_silver_4215r_firmwarexeon_gold_5218nxeon_gold_6246_firmwarexeon_gold_5222_firmwarexeon_bronze_3106xeon_gold_6138tsimatic_ipc647e_firmwarexeon_gold_6248r_firmwarexeon_platinum_9221_firmwarexeon_gold_6256_firmwarexeon_gold_5120simatic_ipc627e_firmwarexeon_gold_5220xeon_gold_6154_firmwarexeon_platinum_8160txeon_silver_4214rxeon_gold_6254xeon_silver_4209t_firmwarexeon_silver_4114txeon_gold_6240yxeon_platinum_8176_firmwarexeon_gold_6154xeon_gold_6230t_firmwarexeon_gold_5215l_firmwarexeon_silver_4208_firmwarexeon_gold_6208uxeon_platinum_8268xeon_gold_6252n_firmwarexeon_gold_5120t_firmwarexeon_gold_6230n_firmwarexeon_gold_5222xeon_platinum_8270_firmwarexeon_gold_6230r_firmwarexeon_silver_4209txeon_gold_6234_firmwarexeon_silver_4116xeon_gold_6210u_firmwarexeon_gold_6252nxeon_platinum_9221xeon_gold_6244xeon_platinum_8160xeon_gold_5218t_firmwarexeon_gold_6248xeon_gold_5115_firmwarexeon_platinum_8260l_firmwarexeon_gold_6226_firmwarexeon_platinum_8156_firmwaresimatic_ipc847exeon_gold_5118_firmwarexeon_platinum_8280xeon_gold_6152_firmwarexeon_gold_6146_firmwarexeon_platinum_8176f_firmwarexeon_gold_6148fxeon_gold_5218_firmwarexeon_gold_6132xeon_gold_6238t_firmwarexeon_platinum_8256xeon_gold_6152xeon_gold_6238l_firmwarexeon_platinum_8158xeon_gold_5218b_firmwarexeon_gold_6222vxeon_platinum_8176xeon_platinum_8160_firmwarexeon_gold_6242xeon_silver_4112_firmwarexeon_gold_6262v_firmwarexeon_gold_6142xeon_platinum_8260yxeon_platinum_8270xeon_gold_6242rxeon_gold_6148_firmwarexeon_silver_4215xeon_gold_6128xeon_platinum_9222_firmwarexeon_gold_5220t_firmwarexeon_platinum_8253_firmwarexeon_gold_5118xeon_silver_4210t_firmwarexeon_gold_6130fxeon_gold_5220_firmwarexeon_gold_6208u_firmwarexeon_silver_4214xeon_platinum_8276xeon_gold_6142f_firmwarexeon_gold_6250_firmwarexeon_gold_6238txeon_silver_4210rxeon_platinum_8164_firmwarexeon_silver_4214yxeon_gold_5218bxeon_silver_4216_firmwarexeon_gold_6138pxeon_gold_6254_firmwarexeon_gold_6138p_firmwarexeon_platinum_8176fxeon_gold_6240rsimatic_ipc677exeon_gold_6258r_firmwarexeon_gold_6209uxeon_silver_4112xeon_gold_6226xeon_gold_6256xeon_gold_6130_firmwarexeon_gold_6238r_firmwarexeon_gold_5120txeon_gold_6230rxeon_gold_6252xeon_gold_6134xeon_gold_6222v_firmwarexeon_platinum_8160f_firmwarexeon_gold_6226r_firmwarexeon_platinum_8260_firmwarexeon_gold_5218rxeon_gold_6226rxeon_bronze_3206rxeon_gold_6252_firmwaresimatic_ipc677e_firmwarexeon_gold_6148xeon_gold_6209u_firmwarexeon_silver_4110_firmwarefas\/aff_biosxeon_platinum_8260lxeon_gold_6144xeon_platinum_9282_firmwarexeon_platinum_8180xeon_platinum_8276l_firmwarexeon_gold_6128_firmwarexeon_gold_5220tIntel(R) Processors
CWE ID-CWE-20
Improper Input Validation
CVE-2016-8563
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.00% / 76.09%
||
7 Day CHG~0.00%
Published-13 Oct, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Siemens Automation License Manager (ALM) before 5.3 SP3 Update 1 allows remote attackers to cause a denial of service (ALM service outage) via crafted packets to TCP port 4410.

Action-Not Available
Vendor-n/aSiemens AG
Product-automation_license_managern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-2201
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-1.61% / 81.02%
||
7 Day CHG~0.00%
Published-08 Feb, 2016 | 16:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Siemens SIMATIC S7-1500 CPU devices before 1.8.3 allow remote attackers to bypass a replay protection mechanism via packets on TCP port 102.

Action-Not Available
Vendor-n/aSiemens AG
Product-simatic_s7-1518f-4_pn\/dp_cpusimatic_s7-1518-4_pn\/dp_cpusimatic_s7-1515-2_pn_cpusimatic_s7-1511f-1_pn_cpusimatic_s7-1516f-3_pn\/dp_cpusimatic_s7-1513f-1_pn_cpusimatic_s7-1517f-3_pn\/dp_cpusimatic_s7-1512c-1_pn_cpusimatic_s7-1516-3_pn\/dp_cpusimatic_s7-1500_cpu_firmwaresimatic_s7-1513-1_pn_cpusimatic_s7-1511c-1_pn_cpusimatic_s7-1515f-2_pn_cpusimatic_s7-1511-1_pn_cpusimatic_s7-1517-3_pn\/dp_cpun/a
CWE ID-CWE-20
Improper Input Validation
CVE-2021-34293
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.42% / 60.99%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 11:03
Updated-04 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Gif_loader.dll library in affected applications lacks proper validation of user-supplied data when parsing GIF files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13020)

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CVE-2019-17006
Matching Score-6
Assigner-Mozilla Corporation
ShareView Details
Matching Score-6
Assigner-Mozilla Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.45% / 62.90%
||
7 Day CHG~0.00%
Published-22 Oct, 2020 | 20:24
Updated-05 Aug, 2024 | 01:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow.

Action-Not Available
Vendor-Mozilla CorporationNetApp, Inc.Siemens AG
Product-ruggedcom_rox_rx1511ruggedcom_rox_rx1512hci_storage_nodenetwork_security_servicesruggedcom_rox_mx5000_firmwareruggedcom_rox_rx5000_firmwareruggedcom_rox_rx1511_firmwareruggedcom_rox_rx1510hci_compute_noderuggedcom_rox_rx1400_firmwaresolidfireruggedcom_rox_rx1400ruggedcom_rox_rx1510_firmwareruggedcom_rox_rx1500ruggedcom_rox_rx5000ruggedcom_rox_rx1501hci_management_noderuggedcom_rox_mx5000ruggedcom_rox_rx1500_firmwareruggedcom_rox_rx1501_firmwareruggedcom_rox_rx1512_firmwareNSS
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-20
Improper Input Validation
CVE-2016-9042
Matching Score-6
Assigner-Talos
ShareView Details
Matching Score-6
Assigner-Talos
CVSS Score-3.7||LOW
EPSS-2.53% / 84.85%
||
7 Day CHG~0.00%
Published-04 Jun, 2018 | 20:00
Updated-17 Sep, 2024 | 03:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable denial of service vulnerability exists in the origin timestamp check functionality of ntpd 4.2.8p9. A specially crafted unauthenticated network packet can be used to reset the expected origin timestamp for target peers. Legitimate replies from targeted peers will fail the origin timestamp check (TEST2) causing the reply to be dropped and creating a denial of service condition.

Action-Not Available
Vendor-ntpFreeBSD FoundationTalos (Cisco Systems, Inc.)Hewlett Packard Enterprise (HPE)Siemens AG
Product-freebsdntpsimatic_net_cp_443-1_opc_uasimatic_net_cp_443-1_opc_ua_firmwarehpux-ntpNetwork Time Protocol
CWE ID-CWE-20
Improper Input Validation
CVE-2013-3634
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.39% / 59.14%
||
7 Day CHG~0.00%
Published-24 May, 2013 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (Versions < V5.0.0 for CVE-2013-3633 and versions < V4.5.0 for CVE-2013-3634), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.1.0). The implementation of SNMPv3 does not check the user credentials sufficiently. Therefore, an attacker is able to execute SNMP commands without correct credentials.

Action-Not Available
Vendor-n/aSiemens AG
Product-scalance_x204irtscalance_x200-4p_irtscalance_x202-2p_irtscalance_x202-2irtscalance_x200irt_firmwarescalance_xf204irtscalance_x201-3p_irtn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2019-13932
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-9.1||CRITICAL
EPSS-0.37% / 57.97%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 19:08
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in XHQ (All versions < V6.0.0.2). The web application requests could be manipulated, causing the the application to behave in unexpected ways for legitimate users. Successful exploitation does not require for an attacker to be authenticated. A successful attack could allow the import of scripts or generation of malicious links. This could allow the attacker to read or modify contents of the web application. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-xhqXHQ
CWE ID-CWE-20
Improper Input Validation
CVE-2019-13939
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.1||HIGH
EPSS-0.34% / 56.36%
||
7 Day CHG~0.00%
Published-16 Jan, 2020 | 15:35
Updated-10 Jun, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in APOGEE MEC/MBC/PXC (P2) (All versions < V2.8.2), APOGEE PXC Compact (BACnet) (All versions < V3.5.3), APOGEE PXC Compact (P2 Ethernet) (All versions >= V2.8.2 < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.3), APOGEE PXC Modular (P2 Ethernet) (All versions >= V2.8.2 < V2.8.19), Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), Desigo PXC00-E.D (All versions >= V2.3 < V6.0.327), Desigo PXC00-U (All versions >= V2.3x and < V6.00.327), Desigo PXC001-E.D (All versions >= V2.3 < V6.0.327), Desigo PXC100-E.D (All versions >= V2.3 < V6.0.327), Desigo PXC12-E.D (All versions >= V2.3 < V6.0.327), Desigo PXC128-U (All versions >= V2.3x and < V6.00.327), Desigo PXC200-E.D (All versions >= V2.3 < V6.0.327), Desigo PXC22-E.D (All versions >= V2.3 < V6.0.327), Desigo PXC22.1-E.D (All versions >= V2.3 < V6.0.327), Desigo PXC36.1-E.D (All versions >= V2.3 < V6.0.327), Desigo PXC50-E.D (All versions >= V2.3 < V6.0.327), Desigo PXC64-U (All versions >= V2.3x and < V6.00.327), Desigo PXM20-E (All versions >= V2.3 < V6.0.327), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus Source Code (All versions), SIMOTICS CONNECT 400 (All versions < V0.3.0.330), TALON TC Compact (BACnet) (All versions < V3.5.3), TALON TC Modular (BACnet) (All versions < V3.5.3). By sending specially crafted DHCP packets to a device where the DHCP client is enabled, an attacker could change the IP address of the device to an invalid value.

Action-Not Available
Vendor-Siemens AG
Product-nucleus_source_codenucleus_safetycertdesigo_pxc00-u_firmwaretalon_tcnucleus_netsimotics_connect_400desigo_pxm20desigopxc50-e.d_firmwaredesigo_pxc36.1-e.dtalon_tc_firmwaredesigopxc200-e.d_firmwaredesigo_pxc001-e.ddesigopxm20-e_firmwaredesigo_pxc00-usimotics_connect_400_firmwarenucleus_readystartdesigopxc128-u_firmwaredesigopxc64-udesigo_pxc22.1-e.ddesigo_pxc22-e.d_firmwaredesigopxc64-u_firmwaredesigopxc128-ucapital_vstarapogee_modular_building_controllerdesigopxc200-e.dapogee_modular_equiment_controllerdesigopxm20-edesigo_pxc12-e.ddesigo_pxc22-e.ddesigo_pxc36.1-e.d_firmwareapogee_modular_equiment_controller_firmwaredesigopxc50-e.ddesigo_pxc00-e.ddesigo_pxc00-e.d_firmwaredesigo_pxc22.1-e.d_firmwaredesigo_pxc001-e.d_firmwaredesigo_pxc12-e.d_firmwareapogee_pxc_firmwaredesigo_pxm20_firmwaredesigopxc100-e.d_firmwareapogee_modular_building_controller_firmwareapogee_pxcdesigo_pxcdesigo_pxc_firmwaredesigopxc100-e.dnucleus_rtosAPOGEE PXC Modular (BACnet)Desigo PXC36.1-E.DDesigo PXC001-E.DNucleus NETDesigo PXC200-E.DDesigo PXC22-E.DDesigo PXC00-UAPOGEE MEC/MBC/PXC (P2)Capital Embedded AR Classic R20-11APOGEE PXC Compact (P2 Ethernet)Desigo PXC00-E.DCapital Embedded AR Classic 431-422APOGEE PXC Modular (P2 Ethernet)Desigo PXC12-E.DNucleus ReadyStart V3Desigo PXC128-UDesigo PXC22.1-E.DDesigo PXC50-E.DNucleus Source CodeAPOGEE PXC Compact (BACnet)SIMOTICS CONNECT 400Desigo PXC64-UDesigo PXC100-E.DTALON TC Compact (BACnet)Desigo PXM20-ETALON TC Modular (BACnet)
CWE ID-CWE-20
Improper Input Validation
CVE-2016-5743
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-5.63% / 89.98%
||
7 Day CHG~0.00%
Published-22 Jul, 2016 | 15:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Siemens SIMATIC WinCC before 7.3 Update 10 and 7.4 before Update 1, SIMATIC BATCH before 8.1 SP1 Update 9 as distributed in SIMATIC PCS 7 through 8.1 SP1, SIMATIC OpenPCS 7 before 8.1 Update 3 as distributed in SIMATIC PCS 7 through 8.1 SP1, SIMATIC OpenPCS 7 before 8.2 Update 1 as distributed in SIMATIC PCS 7 8.2, and SIMATIC WinCC Runtime Professional before 13 SP1 Update 9 allow remote attackers to execute arbitrary code via crafted packets.

Action-Not Available
Vendor-n/aSiemens AG
Product-simatic_wincc_runtime_professionalsimatic_batchsimatic_winccsimatic_pcs_7simatic_openpcs_7n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-5874
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.30% / 78.93%
||
7 Day CHG~0.00%
Published-22 Jul, 2016 | 15:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Siemens SIMATIC NET PC-Software before 13 SP2 allows remote attackers to cause a denial of service (OPC UA service outage) via crafted TCP packets.

Action-Not Available
Vendor-n/aSiemens AG
Product-simatic_net_pc-softwaren/a
CWE ID-CWE-20
Improper Input Validation
CVE-2011-4531
Matching Score-6
Assigner-CERT/CC
ShareView Details
Matching Score-6
Assigner-CERT/CC
CVSS Score-5||MEDIUM
EPSS-22.82% / 95.68%
||
7 Day CHG~0.00%
Published-08 Jan, 2012 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted content in a (1) get_target_ocx_param or (2) send_target_ocx_param command.

Action-Not Available
Vendor-n/aSiemens AG
Product-automation_license_managern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2021-34318
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.40% / 60.18%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 11:03
Updated-04 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The BMP_loader.dll library in affected applications lacks proper validation of user-supplied data when parsing PCT files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13403)

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CVE-2020-7588
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-5.3||MEDIUM
EPSS-0.40% / 59.80%
||
7 Day CHG~0.00%
Published-14 Jul, 2020 | 13:18
Updated-04 Aug, 2024 | 09:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions < V2.6), SIMATIC IT Production Suite (All versions < V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). Sending a specially crafted packet to the affected service could cause a partial remote denial-of-service, that would cause the service to restart itself.

Action-Not Available
Vendor-Siemens AG
Product-simatic_notifier_serversimatic_step_7opcenter_intelligencesimatic_it_production_suitesimatic_it_lmssimatic_pcs_neoopcenter_execution_processsoft_starter_esopcenter_qualitysimocode_esopcenter_rd\&lopcenter_execution_discreteopcenter_execution_foundationSIMATIC Notifier Server for WindowsOpcenter Execution DiscreteOpcenter RD&LOpcenter Execution FoundationSIMATIC IT Production SuiteSoft Starter ES V16Opcenter QualitySIMATIC STEP 7 (TIA Portal) V16SIMATIC PCS neoSoft Starter ES V15.1SIMATIC STEP 7 (TIA Portal) V15SIMATIC IT LMSSIMOCODE ES V16Opcenter Execution ProcessSIMOCODE ES V15.1Opcenter Intelligence
CWE ID-CWE-20
Improper Input Validation
CVE-2017-6865
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-6.5||MEDIUM
EPSS-0.08% / 25.34%
||
7 Day CHG~0.00%
Published-11 May, 2017 | 10:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC Automation Tool (All versions < V3.0), SIMATIC NET PC-Software (All versions < V14 SP1), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1), SIMATIC STEP 7 V5.X (All versions < V5.6), SIMATIC WinAC RTX 2010 SP2 (All versions), SIMATIC WinAC RTX F 2010 SP2 (All versions), SIMATIC WinCC (TIA Portal) V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1), SIMATIC WinCC V7.2 and prior (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Update 15), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd1), SIMATIC WinCC flexible 2008 (All versions < flexible 2008 SP5), SINAUT ST7CC (All versions installed in conjunction with SIMATIC WinCC < V7.3 Update 15), SINEMA Server (All versions < V14), SINUMERIK 808D Programming Tool (All versions < V4.7 SP4 HF2), SMART PC Access (All versions < V2.3), STEP 7 - Micro/WIN SMART (All versions < V2.3), Security Configuration Tool (SCT) (All versions < V5.0). Specially crafted PROFINET DCP broadcast packets sent to the affected products on a local Ethernet segment (Layer 2) could cause a Denial-of-Service condition of some services. The services require manual restart to recover.

Action-Not Available
Vendor-Siemens AG
Product-simatic_automation_toolsinaut_st7ccsimatic_step_7_\(tia_portal\)simatic_winccsimatic_winac_rtx_2010smart_pc_accesssimatic_wincc_flexible_2008simatic_winac_rtx_f_2010security_configuration_toolsinema_serverpcs_7sinumerik_808d_programming_toolsimatic_wincc_\(tia_portal\)primary_setup_toolsimatic_step_7_micro\/win_smartsimatic_net_pc-softwareSIMATIC WinAC RTX F 2010 SP2Security Configuration Tool (SCT)SIMATIC STEP 7 (TIA Portal) V13SIMATIC WinCC (TIA Portal) V14SIMATIC Automation ToolSIMATIC WinCC (TIA Portal) V13SIMATIC WinCC V7.2 and priorSIMATIC NET PC-SoftwareSIMATIC WinCC V7.3SIMATIC WinCC flexible 2008STEP 7 - Micro/WIN SMARTSIMATIC WinCC V7.4Primary Setup Tool (PST)SMART PC AccessSIMATIC PCS 7 V8.1SIMATIC STEP 7 V5.XSINEMA ServerSINUMERIK 808D Programming ToolSINAUT ST7CCSIMATIC WinAC RTX 2010 SP2SIMATIC PCS 7 V8.2SIMATIC STEP 7 (TIA Portal) V14
CWE ID-CWE-20
Improper Input Validation
CVE-2025-27493
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-9.3||CRITICAL
EPSS-0.04% / 10.03%
||
7 Day CHG~0.00%
Published-11 Mar, 2025 | 09:48
Updated-22 Aug, 2025 | 17:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions < V6.4.9), SiPass integrated ACC-AP (All versions < V6.4.9). Affected devices improperly sanitize user input for specific commands on the telnet command line interface. This could allow an authenticated local administrator to escalate privileges by injecting arbitrary commands that are executed with root privileges.

Action-Not Available
Vendor-Siemens AG
Product-sipass_integrated_ac5102_\(acc-g2\)_firmwaresipass_integrated_acc-ap_firmwaresipass_integrated_acc-apsipass_integrated_ac5102_\(acc-g2\)SiPass integrated ACC-APSiPass integrated AC5102 (ACC-G2)
CWE ID-CWE-20
Improper Input Validation
CVE-2021-34331
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.42% / 60.99%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 11:03
Updated-04 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Jt981.dll library in affected applications lacks proper validation of user-supplied data when parsing JT files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13442)

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CVE-2022-43546
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-9.9||CRITICAL
EPSS-1.62% / 81.10%
||
7 Day CHG~0.00%
Published-08 Nov, 2022 | 00:00
Updated-21 Oct, 2024 | 16:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10). Affected devices do not properly validate the EndTime-parameter in requests to the web interface on port 443/tcp. This could allow an authenticated remote attacker to crash the device (followed by an automatic reboot) or to execute arbitrary code on the device.

Action-Not Available
Vendor-Siemens AG
Product-7kg9501-0aa01-2aa1_firmware7kg9501-0aa01-2aa17kg9501-0aa31-2aa1_firmware7kg9501-0aa31-2aa1SICAM P850POWER METER SICAM Q100SICAM P855sicam_q100_firmwaresicam_p855_firmwaresicam_p850_firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2022-43545
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-9.9||CRITICAL
EPSS-1.14% / 77.50%
||
7 Day CHG~0.00%
Published-08 Nov, 2022 | 00:00
Updated-03 Aug, 2024 | 13:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10). Affected devices do not properly validate the RecordType-parameter in requests to the web interface on port 443/tcp. This could allow an authenticated remote attacker to crash the device (followed by an automatic reboot) or to execute arbitrary code on the device.

Action-Not Available
Vendor-Siemens AG
Product-7kg9501-0aa01-2aa1_firmware7kg9501-0aa01-2aa17kg9501-0aa31-2aa17kg9501-0aa31-2aa1_firmwareSICAM P850POWER METER SICAM Q100SICAM P855
CWE ID-CWE-20
Improper Input Validation
CVE-2022-43439
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-9.9||CRITICAL
EPSS-0.93% / 75.14%
||
7 Day CHG~0.00%
Published-08 Nov, 2022 | 00:00
Updated-03 Aug, 2024 | 13:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10). Affected devices do not properly validate the Language-parameter in requests to the web interface on port 443/tcp. This could allow an authenticated remote attacker to crash the device (followed by an automatic reboot) or to execute arbitrary code on the device.

Action-Not Available
Vendor-Siemens AG
Product-7kg9501-0aa01-2aa1_firmware7kg9501-0aa01-2aa17kg9501-0aa31-2aa17kg9501-0aa31-2aa1_firmwareSICAM P850POWER METER SICAM Q100SICAM P855
CWE ID-CWE-20
Improper Input Validation
CVE-2025-27494
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-9.4||CRITICAL
EPSS-0.18% / 39.38%
||
7 Day CHG+0.05%
Published-11 Mar, 2025 | 09:48
Updated-22 Aug, 2025 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions < V6.4.9), SiPass integrated ACC-AP (All versions < V6.4.9). Affected devices improperly sanitize input for the pubkey endpoint of the REST API. This could allow an authenticated remote administrator to escalate privileges by injecting arbitrary commands that are executed with root privileges.

Action-Not Available
Vendor-Siemens AG
Product-sipass_integrated_ac5102_\(acc-g2\)_firmwaresipass_integrated_acc-ap_firmwaresipass_integrated_acc-apsipass_integrated_ac5102_\(acc-g2\)SiPass integrated ACC-APSiPass integrated AC5102 (ACC-G2)
CWE ID-CWE-20
Improper Input Validation
CVE-2021-34314
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.42% / 60.99%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 11:03
Updated-04 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The BMP_loader.dll library in affected applications lacks proper validation of user-supplied data when parsing SGI files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13355)

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CVE-2021-34305
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.46% / 63.32%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 11:03
Updated-04 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Gif_loader.dll library in affected applications lacks proper validation of user-supplied data when parsing GIF files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13340)

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CVE-2021-34322
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-5.5||MEDIUM
EPSS-0.20% / 42.70%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 11:03
Updated-04 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The JPEG2K_Loader.dll library in affected applications lacks proper validation of user-supplied data when parsing J2K files. This could result in an out of bounds read past the end of an allocated buffer. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-13416)

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-20
Improper Input Validation
CVE-2021-34295
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.42% / 60.99%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 11:03
Updated-04 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Gif_loader.dll library in affected applications lacks proper validation of user-supplied data when parsing GIF files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13024)

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CVE-2021-34309
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.42% / 60.99%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 11:03
Updated-04 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Tiff_loader.dll library in affected applications lacks proper validation of user-supplied data when parsing TIFF files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13350)

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CVE-2021-34296
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.42% / 60.99%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 11:03
Updated-04 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The BMP_Loader.dll library in affected applications lacks proper validation of user-supplied data when parsing BMP files. This could result in an out of bounds read past the end of an allocated buffer. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13057)

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-20
Improper Input Validation
CVE-2021-34319
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.42% / 60.99%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 11:03
Updated-04 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The BMP_loader.dll library in affected applications lacks proper validation of user-supplied data when parsing SGI files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13404)

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CVE-2021-34310
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.42% / 60.99%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 11:03
Updated-04 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Tiff_loader.dll library in affected applications lacks proper validation of user-supplied data when parsing TIFF files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13351)

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CVE-2021-34298
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.42% / 60.99%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 11:03
Updated-04 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The BMP_Loader.dll library in affected applications lacks proper validation of user-supplied data prior to performing further free operations on an object when parsing BMP files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13060)

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-416
Use After Free
CWE ID-CWE-20
Improper Input Validation
CVE-2021-34316
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.42% / 60.99%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 11:03
Updated-04 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The DL180CoolType.dll library in affected applications lacks proper validation of user-supplied data when parsing PDF files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13380)

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CVE-2021-34300
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.42% / 60.99%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 11:03
Updated-04 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Tiff_loader.dll library in affected applications lacks proper validation of user-supplied data when parsing TIFF files. This could result in an out of bounds write past the end of an allocated buffer. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13194)

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CVE-2021-34301
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.42% / 60.99%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 11:03
Updated-04 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The BMP_Loader.dll library in affected applications lacks proper validation of user-supplied data prior to performing further free operations on an object when parsing BMP files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13196)

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-416
Use After Free
CWE ID-CWE-20
Improper Input Validation
CVE-2021-34323
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.42% / 60.99%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 11:03
Updated-04 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Jt981.dll library in affected applications lacks proper validation of user-supplied data when parsing JT files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13419)

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CVE-2021-34311
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.42% / 60.99%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 11:03
Updated-04 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Mono_loader.dll library in affected applications lacks proper validation of user-supplied data when parsing J2K files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13352)

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CVE-2021-34330
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.40% / 60.18%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 11:03
Updated-04 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Jt981.dll library in affected applications lacks proper validation of user-supplied data prior to performing further free operations on an object when parsing JT files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13430)

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-416
Use After Free
CWE ID-CWE-20
Improper Input Validation
CVE-2021-34294
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.42% / 60.99%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 11:03
Updated-04 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Gif_loader.dll library in affected applications lacks proper validation of user-supplied data when parsing GIF files. This could result in an out of bounds read past the end of an allocated buffer. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13023

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-20
Improper Input Validation
  • Previous
  • 1
  • 2
  • ...
  • 5
  • 6
  • 7
  • ...
  • 26
  • 27
  • Next
Details not found