Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2020-10055

Summary
Assigner-siemens
Assigner Org ID-cec7a2ec-15b4-4faf-bd53-b40f371f3a77
Published At-14 Aug, 2020 | 15:24
Updated At-04 Aug, 2024 | 10:50
Rejected At-
Credits

A vulnerability has been identified in Desigo CC (V4.x), Desigo CC (V3.x), Desigo CC Compact (V4.x), Desigo CC Compact (V3.x). Affected applications are delivered with a 3rd party component (BIRT) that contains a remote code execution vulnerability if the Advanced Reporting Engine is enabled. The vulnerability could allow a remote unauthenticated attacker to execute arbitrary commands on the server with SYSTEM privileges.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:siemens
Assigner Org ID:cec7a2ec-15b4-4faf-bd53-b40f371f3a77
Published At:14 Aug, 2020 | 15:24
Updated At:04 Aug, 2024 | 10:50
Rejected At:
▼CVE Numbering Authority (CNA)

A vulnerability has been identified in Desigo CC (V4.x), Desigo CC (V3.x), Desigo CC Compact (V4.x), Desigo CC Compact (V3.x). Affected applications are delivered with a 3rd party component (BIRT) that contains a remote code execution vulnerability if the Advanced Reporting Engine is enabled. The vulnerability could allow a remote unauthenticated attacker to execute arbitrary commands on the server with SYSTEM privileges.

Affected Products
Vendor
Siemens AGSiemens AG
Product
Desigo CC
Versions
Affected
  • V4.x
Vendor
Siemens AGSiemens AG
Product
Desigo CC
Versions
Affected
  • V3.x
Vendor
Siemens AGSiemens AG
Product
Desigo CC Compact
Versions
Affected
  • V4.x
Vendor
Siemens AGSiemens AG
Product
Desigo CC Compact
Versions
Affected
  • V3.x
Problem Types
TypeCWE IDDescription
CWECWE-94CWE-94: Improper Control of Generation of Code ('Code Injection')
Type: CWE
CWE ID: CWE-94
Description: CWE-94: Improper Control of Generation of Code ('Code Injection')
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://cert-portal.siemens.com/productcert/pdf/ssa-786743.pdf
x_refsource_MISC
https://us-cert.cisa.gov/ics/advisories/icsa-20-224-06
x_refsource_MISC
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-786743.pdf
Resource:
x_refsource_MISC
Hyperlink: https://us-cert.cisa.gov/ics/advisories/icsa-20-224-06
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://cert-portal.siemens.com/productcert/pdf/ssa-786743.pdf
x_refsource_MISC
x_transferred
https://us-cert.cisa.gov/ics/advisories/icsa-20-224-06
x_refsource_MISC
x_transferred
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-786743.pdf
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://us-cert.cisa.gov/ics/advisories/icsa-20-224-06
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:productcert@siemens.com
Published At:14 Aug, 2020 | 16:15
Updated At:21 Aug, 2020 | 14:41

A vulnerability has been identified in Desigo CC (V4.x), Desigo CC (V3.x), Desigo CC Compact (V4.x), Desigo CC Compact (V3.x). Affected applications are delivered with a 3rd party component (BIRT) that contains a remote code execution vulnerability if the Advanced Reporting Engine is enabled. The vulnerability could allow a remote unauthenticated attacker to execute arbitrary commands on the server with SYSTEM privileges.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary2.09.3HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
Type: Primary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 9.3
Base severity: HIGH
Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C
CPE Matches
Siemens AG
siemens
>>desigo_consumption_control>>3.0
cpe:2.3:a:siemens:desigo_consumption_control:3.0:*:*:*:*:*:*:*
Siemens AG
siemens
>>desigo_consumption_control>>4.0
cpe:2.3:a:siemens:desigo_consumption_control:4.0:*:*:*:*:*:*:*
Siemens AG
siemens
>>desigo_consumption_control_compact>>3.0
cpe:2.3:a:siemens:desigo_consumption_control_compact:3.0:*:*:*:*:*:*:*
Siemens AG
siemens
>>desigo_consumption_control_compact>>4.0
cpe:2.3:a:siemens:desigo_consumption_control_compact:4.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-94Primarynvd@nist.gov
CWE-94Secondaryproductcert@siemens.com
CWE ID: CWE-94
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-94
Type: Secondary
Source: productcert@siemens.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://cert-portal.siemens.com/productcert/pdf/ssa-786743.pdfproductcert@siemens.com
Patch
Vendor Advisory
https://us-cert.cisa.gov/ics/advisories/icsa-20-224-06productcert@siemens.com
Patch
Third Party Advisory
US Government Resource
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-786743.pdf
Source: productcert@siemens.com
Resource:
Patch
Vendor Advisory
Hyperlink: https://us-cert.cisa.gov/ics/advisories/icsa-20-224-06
Source: productcert@siemens.com
Resource:
Patch
Third Party Advisory
US Government Resource

Change History

0
Information is not available yet

Similar CVEs

1408Records found
CVE-2020-24636
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-4.51% / 88.70%
||
7 Day CHG~0.00%
Published-29 Mar, 2021 | 19:08
Updated-04 Aug, 2024 | 15:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.5.x: 6.5.4.17 and below; Aruba Instant 8.3.x: 8.3.0.13 and below; Aruba Instant 8.5.x: 8.5.0.10 and below; Aruba Instant 8.6.x: 8.6.0.5 and below; Aruba Instant 8.7.x: 8.7.0.0 and below. Aruba has released patches for Aruba Instant that address this security vulnerability.

Action-Not Available
Vendor-n/aSiemens AGAruba Networks
Product-scalance_w1750d_firmwareinstantscalance_w1750dAruba Instant Access Points
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-25228
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-9.8||CRITICAL
EPSS-0.45% / 62.50%
||
7 Day CHG~0.00%
Published-14 Dec, 2020 | 21:05
Updated-04 Aug, 2024 | 15:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). A service available on port 10005/tcp of the affected devices could allow complete access to all services without authorization. An attacker could gain full control over an affected device, if he has access to this service. The system manual recommends to protect access to this port.

Action-Not Available
Vendor-Siemens AG
Product-logo\!_8_bmlogo\!_8_bm_firmwareLOGO! 8 BM (incl. SIPLUS variants)
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2022-22823
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.43% / 61.73%
||
7 Day CHG~0.00%
Published-08 Jan, 2022 | 02:57
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

Action-Not Available
Vendor-libexpat_projectn/aSiemens AGTenable, Inc.Debian GNU/Linux
Product-nessussinema_remote_connect_serverdebian_linuxlibexpatn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-15798
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-9.8||CRITICAL
EPSS-1.18% / 77.86%
||
7 Day CHG~0.00%
Published-09 Feb, 2021 | 15:38
Updated-04 Aug, 2024 | 13:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions < V16 Update 3a), SIMATIC HMI KTP Mobile Panels (All versions < V16 Update 3a), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). Affected devices with enabled telnet service do not require authentication for this service. This could allow a remote attacker to gain full access to the device. (ZDI-CAN-12046)

Action-Not Available
Vendor-Siemens AG
Product-sinamics_gh150_firmwaresinamics_sl150sinamics_sh150simatic_hmi_ktp_mobile_panels_firmwaresinamics_sm150_firmwaresinamics_sh150_firmwaresinamics_gm150sinamics_sm120simatic_hmi_ktp_mobile_panelssinamics_gl150_firmwaresinamics_sm150isinamics_gl150sinamics_sl150_firmwaresinamics_sm150i_firmwaresimatic_hmi_comfort_panelssinamics_gm150_firmwaresinamics_sm150simatic_hmi_comfort_panels_firmwaresinamics_gh150sinamics_sm120_firmwareSINAMICS SL150SINAMICS SM150iSIMATIC HMI Comfort Panels (incl. SIPLUS variants)SINAMICS GH150SINAMICS GM150 (with option X30)SINAMICS SM120SIMATIC HMI KTP Mobile PanelsSINAMICS SM150SINAMICS GL150 (with option X30)SINAMICS SH150
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2020-15786
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-9.8||CRITICAL
EPSS-0.42% / 61.22%
||
7 Day CHG~0.00%
Published-09 Sep, 2020 | 18:11
Updated-04 Aug, 2024 | 13:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC HMI Basic Panels 2nd Generation (incl. SIPLUS variants) (All versions < V16), SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions <= V16), SIMATIC HMI Mobile Panels (All versions <= V16), SIMATIC HMI Unified Comfort Panels (All versions <= V16). Affected devices insufficiently block excessive authentication attempts. This could allow a remote attacker to discover user passwords and obtain access to the Sm@rt Server via a brute-force attack.

Action-Not Available
Vendor-Siemens AG
Product-simatic_hmi_united_comfort_panelssimatic_hmi_basic_panels_2nd_generationsimatic_hmi_basic_panels_2nd_generation_firmwaresimatic_hmi_comfort_panelssimatic_hmi_comfort_panels_firmwaresimatic_hmi_mobile_panels_firmwaresimatic_hmi_united_comfort_panels_firmwaresimatic_hmi_mobile_panelsSIMATIC HMI Basic Panels 2nd Generation (incl. SIPLUS variants)SIMATIC HMI Unified Comfort PanelsSIMATIC HMI Comfort Panels (incl. SIPLUS variants)SIMATIC HMI Mobile Panels
CWE ID-CWE-307
Improper Restriction of Excessive Authentication Attempts
CVE-2020-15787
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-9.8||CRITICAL
EPSS-0.42% / 61.22%
||
7 Day CHG~0.00%
Published-09 Sep, 2020 | 18:11
Updated-04 Aug, 2024 | 13:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC HMI Unified Comfort Panels (All versions <= V16). Affected devices insufficiently validate authentication attempts as the information given can be truncated to match only a set number of characters versus the whole provided string. This could allow a remote attacker to discover user passwords and obtain access to the Sm@rt Server via a brute-force attack.

Action-Not Available
Vendor-Siemens AG
Product-simatic_hmi_united_comfort_panelssimatic_hmi_united_comfort_panels_firmwareSIMATIC HMI Unified Comfort Panels
CWE ID-CWE-305
Authentication Bypass by Primary Weakness
CWE ID-CWE-287
Improper Authentication
CVE-2020-15782
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-9.8||CRITICAL
EPSS-0.41% / 60.59%
||
7 Day CHG~0.00%
Published-28 May, 2021 | 16:10
Updated-04 Aug, 2024 | 13:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.5.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.9.2), SIMATIC S7-1500 Software Controller (All versions < V21.9), SIMATIC S7-PLCSIM Advanced (All versions < V4.0), SINAMICS PERFECT HARMONY GH180 Drives (Drives manufactured before 2021-08-13), SINUMERIK MC (All versions < V6.15), SINUMERIK ONE (All versions < V6.15). Affected devices are vulnerable to a memory protection bypass through a specific operation. A remote unauthenticated attacker with network access to port 102/tcp could potentially write arbitrary data and code to protected memory areas or read sensitive data to launch further attacks.

Action-Not Available
Vendor-Siemens AG
Product-s7-1200_cpu_firmware6es7515-2fm01-0ab06es7516-3an02-0ab06es7515-2rm00-0ab06es7515-2am02-0ab06es7512-1ck00-0ab06es7513-1fl02-0ab06es7516-3fn02-0ab0cpu_1214csimatic_driver_controller_firmwarecpu_1212fc6es7512-1dk01-0ab06es7517-3up00-0ab0cpu_1515sp_pc6es7513-1rl00-0ab06es7517-3fp00-0ab0cpu_1211c6es7512-1ck01-0ab06es7511-1uk01-0ab06es7515-2fm02-0ab06es7511-1fk02-0ab06es7515-2um01-0ab0cpu_1507d_tf6es7511-1ak02-0ab06es7513-1al02-0ab0cpu_1217c6es7513-2gl00-0ab0et_200sp_open_controller_firmwarecpu_1215fc6es7510-1sj01-0ab0cpu_1214fc6es7516-3an01-0ab06es7518-4fp00-0ab06es7518-4fp00-3ab0simatic_s7-1500__software_controller6es7511-1fk01-0ab06es7515-2tm01-0ab06es7511-1ak01-0ab06es7513-2pl00-0ab0cpu_1215c6es7518-4ap00-0ab06es7516-3tn00-0ab06es7517-3ap00-0ab06es7517-3hp00-0ab06es7512-1sk01-0ab06es7518-4ap00-3ab0cpu_1515sp_pc26es7515-2am01-0ab0cpu_1504d_tf6es7511-1ck00-0ab06es7511-1tk01-0ab06es7513-1al01-0ab06es7510-1dj01-0ab06es7513-1fl01-0ab06es7516-3fn01-0ab0cpu_1212c6es7517-3tp00-0ab06es7516-3un00-0ab06es7511-1ck01-0ab0simatic_s7-plcsim_advanced6es7516-2gn00-0ab0s7-1500_cpu_firmware6es7516-2pn00-0ab0SINUMERIK ONESIMATIC S7-1500 Software ControllerSINAMICS PERFECT HARMONY GH180 DrivesSIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)SIMATIC Drive Controller familySIMATIC S7-1200 CPU family (incl. SIPLUS variants)SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)SINUMERIK MCSIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)SIMATIC S7-PLCSIM Advanced
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-15800
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-9.8||CRITICAL
EPSS-0.84% / 73.88%
||
7 Day CHG~0.00%
Published-12 Jan, 2021 | 20:18
Updated-04 Aug, 2024 | 13:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4.1.0). The webserver of the affected devices contains a vulnerability that may lead to a heap overflow condition. An attacker could cause this condition on the webserver by sending specially crafted requests. This could stop the webserver temporarily.

Action-Not Available
Vendor-Siemens AG
Product-scalance_xc208scalance_xf206-1_firmwarescalance_xb205-3scalance_xc216eec_firmwarescalance_x320-1fe_firmwarescalance_xp208scalance_xc206-2sfp_g_\(e\/ip\)scalance_xc224-4c_g_eec_firmwarescalance_xc206-2sfp_g_eec_firmwarescalance_xp216scalance_xb213-3_firmwarescalance_x202-2irtscalance_xb205-3ldscalance_xc208g_eecscalance_xf204-2scalance_xc206-2sfp_g_firmwarescalance_xc216-4c_g_\(e\/ip\)_firmwarescalance_xb205-3_firmwarescalance_x308-2lh\+_firmwarescalance_x308-2ld_firmwarescalance_xb216_firmwarescalance_xp216poe_eec_firmwarescalance_xb213-3ldscalance_xf204-2ba_irtscalance_xc206-2g_poe__firmwarescalance_xf208_firmwarescalance_xc208g_eec_firmwarescalance_x204irt_firmwarescalance_xf204scalance_x308-2lh\+scalance_x202-2pirtscalance_xc208eec_firmwarescalance_xf204_dnascalance_xc208g_poescalance_x307-3_firmwarescalance_xc224-4c_g_\(e\/ip\)_firmwarescalance_xb213-3ld_firmwarescalance_x310fe_firmwarescalance_xf204-2ba_irt_firmwarescalance_x308-2ldscalance_xc216scalance_x308-2scalance_x200-4pirtscalance_xc206-2sfp_g_eecscalance_x201-3pirtscalance_xc206-2sfp_g_\(e\/ip\)_firmwarescalance_xp216eec_firmwarescalance_xc208g_\(e\/ip\)_firmwarescalance_xp208eecscalance_x202-2pirt_siplus_netscalance_xb208scalance_x308-2m_tsscalance_xc206-2g_poe_eecscalance_xc216-4c_g_firmwarescalance_xc206-2g_poe_scalance_x202-2irt_firmwarescalance_x307-3ldscalance_xc224__firmwarescalance_xf201-3p_irt_firmwarescalance_xc206-2sfp_gscalance_xp208poe_eecscalance_xf204-2ba_dnascalance_xc206-2_firmwarescalance_xb213-3scalance_x310fescalance_xc224-4c_g_scalance_xc216-4c_firmwarescalance_xp216poe_eecscalance_x308-2_firmwarescalance_xc216-4c_g_\(e\/ip\)scalance_x320-3ldfe_firmwarescalance_x307-3ld_firmwarescalance_x308-2lhscalance_x202-2pirt_firmwarescalance_x201-3pirt_firmwarescalance_x310scalance_xb205-3ld_firmwarescalance_xc224-4c_g_eecscalance_xc224_scalance_xp216_\(eip\)_firmwarescalance_xc216eecscalance_xf204_firmwarescalance_x308-2m_firmwarescalance_xp208_\(eip\)scalance_xc208gscalance_xb216scalance_xf204-2_firmwarescalance_xf202-2p_irtscalance_x308-2mscalance_xc206-2g_poe_eec_firmwarescalance_xc216_firmwarescalance_xc208eecscalance_xc206-2sfp_eec_firmwarescalance_xc216-4cscalance_x202-2pirt_siplus_net_firmwarescalance_xf204_dna_firmwarescalance_xc208g_firmwarescalance_xc206-2sfpscalance_xc208_firmwarescalance_x308-2m_ts_firmwarescalance_xp216_\(eip\)scalance_xf201-3p_irtscalance_xf208scalance_xp208_\(eip\)_firmwarescalance_xf204irtscalance_xp208eec_firmwarescalance_x204irtscalance_xc206-2sfp_firmwarescalance_xc208g_\(e\/ip\)scalance_xb208_firmwarescalance_xc224-4c_g__firmwarescalance_x308-2lh_firmwarescalance_xc206-2scalance_x320-3ldfescalance_xc208g_poe_firmwarescalance_xf206-1scalance_x310_firmwarescalance_x200-4pirt_firmwarescalance_xf204-2ba_dna_firmwarescalance_xc224-4c_g_\(e\/ip\)scalance_x320-1fescalance_xc216-4c_g_eec_firmwarescalance_xf202-2p_irt_firmwarescalance_xp216_firmwarescalance_x307-3scalance_xp208_firmwarescalance_xp208poe_eec_firmwarescalance_xp216eecscalance_xf204irt_firmwarescalance_xc216-4c_g_eecscalance_xc206-2sfp_eecscalance_xc216-4c_gSCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants)SCALANCE X-200 switch family (incl. SIPLUS NET variants)SCALANCE X-200IRT switch family (incl. SIPLUS NET variants)
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-18922
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.98% / 85.99%
||
7 Day CHG~0.00%
Published-30 Jun, 2020 | 11:00
Updated-05 Aug, 2024 | 21:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

It was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames. A malicious attacker could exploit this by sending specially crafted WebSocket frames to a server, causing a heap-based buffer overflow.

Action-Not Available
Vendor-libvncserver_projectn/aSiemens AGCanonical Ltd.openSUSEFedora Project
Product-ubuntu_linuxsimatic_itc1500_prosimatic_itc1900simatic_itc2200_pro_firmwaresimatic_itc2200simatic_itc1500_pro_firmwaresimatic_itc1500simatic_itc1900_firmwaresimatic_itc1900_pro_firmwaresimatic_itc1500_firmwarefedorasimatic_itc2200_firmwaresimatic_itc2200_prolibvncserversimatic_itc1900_proleapn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-2068
Matching Score-8
Assigner-OpenSSL Software Foundation
ShareView Details
Matching Score-8
Assigner-OpenSSL Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-69.30% / 98.58%
||
7 Day CHG~0.00%
Published-21 Jun, 2022 | 14:45
Updated-05 May, 2025 | 17:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
The c_rehash script allows command injection

In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze).

Action-Not Available
Vendor-OpenSSLSiemens AGBroadcom Inc.NetApp, Inc.Debian GNU/LinuxFedora Project
Product-h410saff_8700_firmwarefas_8300_firmwaredebian_linuxh500s_firmwareaff_a400h610ssinec_insbootstrap_osh410c_firmwaresannavh410csantricity_smi-s_provideropensslh700sh500sfas_8700_firmwareaff_8700h610contap_select_deploy_administration_utilityh615c_firmwareaff_a400_firmwarehci_management_nodeaff_8300fas_a400h610c_firmwarehci_compute_nodeh700s_firmwaresmi-s_providerfedorasolidfirefas_8700h410s_firmwaresnapmanagerh615ch300s_firmwarefas_8300element_softwareh610s_firmwarefas_a400_firmwareaff_8300_firmwareh300sontap_antivirus_connectorOpenSSL
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2011-4875
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-9.3||HIGH
EPSS-41.05% / 97.29%
||
7 Day CHG~0.00%
Published-03 Feb, 2012 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in HmiLoad in the runtime loader in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime, when Transfer Mode is enabled, allows remote attackers to execute arbitrary code via vectors related to Unicode strings.

Action-Not Available
Vendor-n/aSiemens AG
Product-simatic_hmi_panelswincc_flexible_runtimewincc_flexiblewincc_runtime_advancedwinccn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-4055
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-9.3||HIGH
EPSS-9.86% / 92.69%
||
7 Day CHG~0.00%
Published-08 Jan, 2012 | 00:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the WebClient ActiveX control in Siemens Tecnomatix FactoryLink 6.6.1 (aka 6.6 SP1), 7.5.217 (aka 7.5 SP2), and 8.0.2.54 allows remote attackers to execute arbitrary code via a long string in a parameter associated with the location URL.

Action-Not Available
Vendor-n/aSiemens AG
Product-tecnomatix_factorylinkn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-4508
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-9.3||HIGH
EPSS-0.19% / 41.30%
||
7 Day CHG~0.00%
Published-03 Feb, 2012 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime generates predictable authentication tokens for cookies, which makes it easier for remote attackers to bypass authentication via a crafted cookie.

Action-Not Available
Vendor-n/aSiemens AG
Product-simatic_hmi_panelswincc_flexible_runtimewincc_flexiblewincc_runtime_advancedwinccn/a
CWE ID-CWE-287
Improper Authentication
CVE-2023-24845
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-9.1||CRITICAL
EPSS-0.23% / 45.90%
||
7 Day CHG~0.00%
Published-08 Aug, 2023 | 09:20
Updated-12 Aug, 2025 | 12:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i800NC, RUGGEDCOM i801, RUGGEDCOM i801NC, RUGGEDCOM i802, RUGGEDCOM i802NC, RUGGEDCOM i803, RUGGEDCOM i803NC, RUGGEDCOM M2100, RUGGEDCOM M2100F, RUGGEDCOM M2100NC, RUGGEDCOM M2200, RUGGEDCOM M2200F, RUGGEDCOM M2200NC, RUGGEDCOM M969, RUGGEDCOM M969F, RUGGEDCOM M969NC, RUGGEDCOM RMC30, RUGGEDCOM RMC30NC, RUGGEDCOM RMC8388 V4.X, RUGGEDCOM RMC8388 V5.X, RUGGEDCOM RMC8388NC V4.X, RUGGEDCOM RMC8388NC V5.X, RUGGEDCOM RP110, RUGGEDCOM RP110NC, RUGGEDCOM RS1600, RUGGEDCOM RS1600F, RUGGEDCOM RS1600FNC, RUGGEDCOM RS1600NC, RUGGEDCOM RS1600T, RUGGEDCOM RS1600TNC, RUGGEDCOM RS400, RUGGEDCOM RS400F, RUGGEDCOM RS400NC, RUGGEDCOM RS401, RUGGEDCOM RS401NC, RUGGEDCOM RS416, RUGGEDCOM RS416F, RUGGEDCOM RS416NC, RUGGEDCOM RS416NCv2 V4.X, RUGGEDCOM RS416NCv2 V5.X, RUGGEDCOM RS416P, RUGGEDCOM RS416PF, RUGGEDCOM RS416PNC, RUGGEDCOM RS416PNCv2 V4.X, RUGGEDCOM RS416PNCv2 V5.X, RUGGEDCOM RS416Pv2 V4.X, RUGGEDCOM RS416Pv2 V5.X, RUGGEDCOM RS416v2 V4.X, RUGGEDCOM RS416v2 V5.X, RUGGEDCOM RS8000, RUGGEDCOM RS8000A, RUGGEDCOM RS8000ANC, RUGGEDCOM RS8000H, RUGGEDCOM RS8000HNC, RUGGEDCOM RS8000NC, RUGGEDCOM RS8000T, RUGGEDCOM RS8000TNC, RUGGEDCOM RS900, RUGGEDCOM RS900, RUGGEDCOM RS900 (32M) V4.X, RUGGEDCOM RS900 (32M) V5.X, RUGGEDCOM RS900F, RUGGEDCOM RS900G, RUGGEDCOM RS900G (32M) V4.X, RUGGEDCOM RS900G (32M) V5.X, RUGGEDCOM RS900GF, RUGGEDCOM RS900GNC, RUGGEDCOM RS900GNC(32M) V4.X, RUGGEDCOM RS900GNC(32M) V5.X, RUGGEDCOM RS900GP, RUGGEDCOM RS900GPF, RUGGEDCOM RS900GPNC, RUGGEDCOM RS900L, RUGGEDCOM RS900L, RUGGEDCOM RS900LNC, RUGGEDCOM RS900LNC, RUGGEDCOM RS900M-GETS-C01, RUGGEDCOM RS900M-GETS-XX, RUGGEDCOM RS900M-STND-C01, RUGGEDCOM RS900M-STND-XX, RUGGEDCOM RS900MNC-GETS-C01, RUGGEDCOM RS900MNC-GETS-XX, RUGGEDCOM RS900MNC-STND-XX, RUGGEDCOM RS900MNC-STND-XX-C01, RUGGEDCOM RS900NC, RUGGEDCOM RS900NC, RUGGEDCOM RS900NC(32M) V4.X, RUGGEDCOM RS900NC(32M) V5.X, RUGGEDCOM RS900W, RUGGEDCOM RS910, RUGGEDCOM RS910L, RUGGEDCOM RS910LNC, RUGGEDCOM RS910NC, RUGGEDCOM RS910W, RUGGEDCOM RS920L, RUGGEDCOM RS920LNC, RUGGEDCOM RS920W, RUGGEDCOM RS930L, RUGGEDCOM RS930LNC, RUGGEDCOM RS930W, RUGGEDCOM RS940G, RUGGEDCOM RS940GF, RUGGEDCOM RS940GNC, RUGGEDCOM RS969, RUGGEDCOM RS969NC, RUGGEDCOM RSG2100, RUGGEDCOM RSG2100 (32M) V4.X, RUGGEDCOM RSG2100 (32M) V5.X, RUGGEDCOM RSG2100F, RUGGEDCOM RSG2100NC, RUGGEDCOM RSG2100NC(32M) V4.X, RUGGEDCOM RSG2100NC(32M) V5.X, RUGGEDCOM RSG2100P, RUGGEDCOM RSG2100P (32M) V4.X, RUGGEDCOM RSG2100P (32M) V5.X, RUGGEDCOM RSG2100PF, RUGGEDCOM RSG2100PNC, RUGGEDCOM RSG2100PNC (32M) V4.X, RUGGEDCOM RSG2100PNC (32M) V5.X, RUGGEDCOM RSG2200, RUGGEDCOM RSG2200F, RUGGEDCOM RSG2200NC, RUGGEDCOM RSG2288 V4.X, RUGGEDCOM RSG2288 V5.X, RUGGEDCOM RSG2288NC V4.X, RUGGEDCOM RSG2288NC V5.X, RUGGEDCOM RSG2300 V4.X, RUGGEDCOM RSG2300 V5.X, RUGGEDCOM RSG2300F, RUGGEDCOM RSG2300NC V4.X, RUGGEDCOM RSG2300NC V5.X, RUGGEDCOM RSG2300P V4.X, RUGGEDCOM RSG2300P V5.X, RUGGEDCOM RSG2300PF, RUGGEDCOM RSG2300PNC V4.X, RUGGEDCOM RSG2300PNC V5.X, RUGGEDCOM RSG2488 V4.X, RUGGEDCOM RSG2488 V5.X, RUGGEDCOM RSG2488F, RUGGEDCOM RSG2488NC V4.X, RUGGEDCOM RSG2488NC V5.X, RUGGEDCOM RSG907R, RUGGEDCOM RSG908C, RUGGEDCOM RSG909R, RUGGEDCOM RSG910C, RUGGEDCOM RSG920P V4.X, RUGGEDCOM RSG920P V5.X, RUGGEDCOM RSG920PNC V4.X, RUGGEDCOM RSG920PNC V5.X, RUGGEDCOM RSL910, RUGGEDCOM RSL910NC, RUGGEDCOM RST2228, RUGGEDCOM RST2228P, RUGGEDCOM RST916C, RUGGEDCOM RST916P. The affected products insufficiently block data from being forwarded over the mirror port into the mirrored network. An attacker could use this behavior to transmit malicious packets to systems in the mirrored network, possibly influencing their configuration and runtime behavior.

Action-Not Available
Vendor-Siemens AG
Product-ruggedcom_rsg2488ncruggedcom_rs969ruggedcom_rsg2100_\(32m\)ruggedcom_rsg2100ruggedcom_rsg2300pruggedcom_rsg910cruggedcom_rs416ruggedcom_rs900_\(32m\)ruggedcom_i802ncruggedcom_m969fruggedcom_rosruggedcom_m2100ruggedcom_rs910lncruggedcom_rsg2300fruggedcom_rs900mnc-stnd-xxruggedcom_rs930wruggedcom_rmc8388ruggedcom_rsg2200ruggedcom_rsg2300ncruggedcom_rs969ncruggedcom_rsl910ncruggedcom_m2200fruggedcom_rs1600ruggedcom_rs910lruggedcom_rsg2288ncruggedcom_rs900m-stnd-c01ruggedcom_m969ruggedcom_rs900g_\(32m\)ruggedcom_rsg2200ncruggedcom_rs900m-stnd-xxruggedcom_rsg2100nc\(32m\)ruggedcom_m969ncruggedcom_i801ncruggedcom_rs900nc\(32m\)ruggedcom_rsg2300pfruggedcom_m2100fruggedcom_rsg2488fruggedcom_rsl910ruggedcom_rs900lruggedcom_rs401ncruggedcom_rs900lncruggedcom_rs900m-gets-c01ruggedcom_rs900ncruggedcom_rs900mnc-gets-c01ruggedcom_rs920wruggedcom_rs8000aruggedcom_rs416v2ruggedcom_rst916cruggedcom_rsg2300ruggedcom_rs8000ancruggedcom_rst2228pruggedcom_rs8000ncruggedcom_rsg908cruggedcom_i803ruggedcom_rmc30ncruggedcom_rs930lncruggedcom_rsg2488ruggedcom_rs900gruggedcom_rs416pnc_v2ruggedcom_rs8000tncruggedcom_rsg2288ruggedcom_rs900gfruggedcom_rs940gruggedcom_rsg920pncruggedcom_rsg2100fruggedcom_rmc8388ncruggedcom_rs910ruggedcom_rs930lruggedcom_rsg907rruggedcom_rs1600tncruggedcom_rs900gpncruggedcom_rs8000hncruggedcom_rs900wruggedcom_rp110ncruggedcom_rs900gncruggedcom_rsg2100pncruggedcom_i801ruggedcom_rs940gncruggedcom_rs416pncruggedcom_rsg2100pfruggedcom_rs416ncruggedcom_i800ruggedcom_rs900mnc-gets-xxruggedcom_rs940gfruggedcom_rst2228ruggedcom_i800ncruggedcom_rsg909rruggedcom_rs1600truggedcom_rs401ruggedcom_rs900ruggedcom_rs8000truggedcom_rs416pv2ruggedcom_rs416fruggedcom_rp110ruggedcom_rs920lncruggedcom_i803ncruggedcom_i802ruggedcom_rs910wruggedcom_m2200ncruggedcom_rsg2100pruggedcom_rs900gpfruggedcom_rs8000ruggedcom_rst916pruggedcom_rs900fruggedcom_rsg2200fruggedcom_rs1600ncruggedcom_rsg2100ncruggedcom_rs900gpruggedcom_rs900mnc-stnd-xx-c01ruggedcom_rsg920pruggedcom_rs416pruggedcom_rs900m-gets-xxruggedcom_m2100ncruggedcom_rs1600fruggedcom_m2200ruggedcom_rs416nc_v2ruggedcom_rs400ruggedcom_rs8000hruggedcom_rs1600fncruggedcom_rs416pfruggedcom_rs400fruggedcom_rsg2300pncruggedcom_rs920lruggedcom_rs910ncruggedcom_rs900gnc\(32m\)ruggedcom_rs400ncruggedcom_rmc30RUGGEDCOM RS8000RUGGEDCOM RS900LRUGGEDCOM RSG2300 V4.XRUGGEDCOM RS900MNC-STND-XX-C01RUGGEDCOM RSG920P V4.XRUGGEDCOM RS401NCRUGGEDCOM RSG2100PNC (32M) V4.XRUGGEDCOM RS920LNCRUGGEDCOM RS910LRUGGEDCOM RS930WRUGGEDCOM RSG2100NC(32M) V5.XRUGGEDCOM RSG2100 (32M) V5.XRUGGEDCOM RSG2288NC V5.XRUGGEDCOM RS416Pv2 V4.XRUGGEDCOM RS1600RUGGEDCOM i801NCRUGGEDCOM RS940GRUGGEDCOM RSG2100NC(32M) V4.XRUGGEDCOM i800NCRUGGEDCOM RS910RUGGEDCOM RSG908CRUGGEDCOM RS8000NCRUGGEDCOM RS400FRUGGEDCOM RS900NC(32M) V4.XRUGGEDCOM RS920LRUGGEDCOM RMC8388 V4.XRUGGEDCOM RS8000HRUGGEDCOM RS900LNCRUGGEDCOM RS8000TRUGGEDCOM RS910NCRUGGEDCOM RS416PFRUGGEDCOM RS900GRUGGEDCOM M2100FRUGGEDCOM RS900M-STND-XXRUGGEDCOM RS900WRUGGEDCOM RMC8388 V5.XRUGGEDCOM RS900MNC-STND-XXRUGGEDCOM RSG2100PNC (32M) V5.XRUGGEDCOM RSG910CRUGGEDCOM RSG2300PFRUGGEDCOM RSG2288 V4.XRUGGEDCOM RS1600NCRUGGEDCOM RS969RUGGEDCOM RS900 (32M) V4.XRUGGEDCOM RSG909RRUGGEDCOM RS416FRUGGEDCOM RS900GPFRUGGEDCOM RSG2100PRUGGEDCOM RS930LNCRUGGEDCOM RS416PRUGGEDCOM RSG920P V5.XRUGGEDCOM RSG2200NCRUGGEDCOM RS8000HNCRUGGEDCOM RSG2300PNC V5.XRUGGEDCOM RSG2288 V5.XRUGGEDCOM RS1600FRUGGEDCOM RS416NCRUGGEDCOM RS930LRUGGEDCOM RSG907RRUGGEDCOM RSG2300P V5.XRUGGEDCOM RS910WRUGGEDCOM RSG2300 V5.XRUGGEDCOM RS940GNCRUGGEDCOM RS900GNCRUGGEDCOM RSG2100P (32M) V4.XRUGGEDCOM RMC8388NC V5.XRUGGEDCOM RS940GFRUGGEDCOM RS910LNCRUGGEDCOM RSG2288NC V4.XRUGGEDCOM RSG2488 V5.XRUGGEDCOM RMC30RUGGEDCOM RS900GFRUGGEDCOM RS8000ANCRUGGEDCOM RMC8388NC V4.XRUGGEDCOM RS1600TRUGGEDCOM M969FRUGGEDCOM RS900G (32M) V5.XRUGGEDCOM RS400NCRUGGEDCOM RS900MNC-GETS-C01RUGGEDCOM RS900M-GETS-C01RUGGEDCOM RSG2488NC V4.XRUGGEDCOM M2200FRUGGEDCOM RP110RUGGEDCOM i801RUGGEDCOM RS416v2 V4.XRUGGEDCOM RS416NCv2 V4.XRUGGEDCOM RS8000TNCRUGGEDCOM RSG2300P V4.XRUGGEDCOM RS416v2 V5.XRUGGEDCOM RS920WRUGGEDCOM RS900FRUGGEDCOM M2200RUGGEDCOM RS900MNC-GETS-XXRUGGEDCOM RSG2300NC V5.XRUGGEDCOM RS900GNC(32M) V4.XRUGGEDCOM RS900RUGGEDCOM RSG2100RUGGEDCOM M969NCRUGGEDCOM RS416PNCRUGGEDCOM RS1600FNCRUGGEDCOM RS400RUGGEDCOM RS900NC(32M) V5.XRUGGEDCOM RS1600TNCRUGGEDCOM RS900G (32M) V4.XRUGGEDCOM M969RUGGEDCOM RS416PNCv2 V4.XRUGGEDCOM M2200NCRUGGEDCOM RS8000ARUGGEDCOM i803RUGGEDCOM RSG2100PNCRUGGEDCOM RSG920PNC V5.XRUGGEDCOM RSG2100NCRUGGEDCOM RSG2488FRUGGEDCOM RP110NCRUGGEDCOM RSG2200RUGGEDCOM RSG2488NC V5.XRUGGEDCOM RSL910NCRUGGEDCOM RS969NCRUGGEDCOM RS416RUGGEDCOM RST2228PRUGGEDCOM i800RUGGEDCOM RS900M-STND-C01RUGGEDCOM RS900M-GETS-XXRUGGEDCOM RST916PRUGGEDCOM RS416PNCv2 V5.XRUGGEDCOM RS416NCv2 V5.XRUGGEDCOM RSG2100 (32M) V4.XRUGGEDCOM RSL910RUGGEDCOM RSG2100PFRUGGEDCOM RS900GPRUGGEDCOM RST916CRUGGEDCOM RS900GPNCRUGGEDCOM RSG2100FRUGGEDCOM RSG2488 V4.XRUGGEDCOM i802RUGGEDCOM RS900GNC(32M) V5.XRUGGEDCOM RST2228RUGGEDCOM RS401RUGGEDCOM RSG2300NC V4.XRUGGEDCOM RSG920PNC V4.XRUGGEDCOM i802NCRUGGEDCOM i803NCRUGGEDCOM M2100RUGGEDCOM RSG2300FRUGGEDCOM RSG2300PNC V4.XRUGGEDCOM RS900NCRUGGEDCOM RS416Pv2 V5.XRUGGEDCOM RMC30NCRUGGEDCOM RS900 (32M) V5.XRUGGEDCOM RSG2200FRUGGEDCOM M2100NCRUGGEDCOM RSG2100P (32M) V5.X
CWE ID-CWE-684
Incorrect Provision of Specified Functionality
CVE-2011-3321
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-9.3||HIGH
EPSS-3.50% / 87.12%
||
7 Day CHG~0.00%
Published-15 Sep, 2011 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the Siemens WinCC Runtime Advanced Loader, as used in SIMATIC WinCC flexible Runtime and SIMATIC WinCC (TIA Portal) Runtime Advanced, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted packet to TCP port 2308.

Action-Not Available
Vendor-n/aSiemens AG
Product-simatic_wincc_flexible_runtimesimatic_wincc_runtimen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-10038
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-9.8||CRITICAL
EPSS-0.39% / 59.38%
||
7 Day CHG~0.00%
Published-14 Jul, 2020 | 13:18
Updated-04 Aug, 2024 | 10:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SICAM MMU (All versions < V2.05), SICAM SGU (All versions), SICAM T (All versions < V2.18). An attacker with access to the device's web server might be able to execute administrative commands without authentication.

Action-Not Available
Vendor-Siemens AG
Product-sicam_t_firmwaresicam_mmusicam_sgu_firmwaresicam_mmu_firmwaresicam_sgusicam_tSICAM TSICAM MMUSICAM SGU
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2020-10042
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-9.8||CRITICAL
EPSS-1.30% / 78.87%
||
7 Day CHG~0.00%
Published-14 Jul, 2020 | 13:18
Updated-04 Aug, 2024 | 10:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SICAM MMU (All versions < V2.05), SICAM SGU (All versions), SICAM T (All versions < V2.18). A buffer overflow in various positions of the web application might enable an attacker with access to the web application to execute arbitrary code over the network.

Action-Not Available
Vendor-Siemens AG
Product-sicam_t_firmwaresicam_mmusicam_sgu_firmwaresicam_mmu_firmwaresicam_sgusicam_tSICAM TSICAM MMUSICAM SGU
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-8268
Matching Score-8
Assigner-Kaspersky
ShareView Details
Matching Score-8
Assigner-Kaspersky
CVSS Score-9.8||CRITICAL
EPSS-1.49% / 80.25%
||
7 Day CHG~0.00%
Published-09 Mar, 2019 | 00:00
Updated-17 Sep, 2024 | 01:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

UltraVNC revision 1206 has multiple off-by-one vulnerabilities in VNC client code connected with improper usage of ClientConnection::ReadString function, which can potentially result code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1207.

Action-Not Available
Vendor-uvncSiemens AGKaspersky Lab
Product-sinumerik_pcu_base_win10_software\/ipcultravncsinumerik_pcu_base_win7_software\/ipcsinumerik_access_mymachine\/p2pUltraVNC
CWE ID-CWE-193
Off-by-one Error
CVE-2019-8271
Matching Score-8
Assigner-Kaspersky
ShareView Details
Matching Score-8
Assigner-Kaspersky
CVSS Score-9.8||CRITICAL
EPSS-4.59% / 88.81%
||
7 Day CHG~0.00%
Published-09 Mar, 2019 | 00:00
Updated-16 Sep, 2024 | 23:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer handler, which can potentially result code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212.

Action-Not Available
Vendor-uvncSiemens AGKaspersky Lab
Product-sinumerik_pcu_base_win10_software\/ipcultravncsinumerik_pcu_base_win7_software\/ipcsinumerik_access_mymachine\/p2pUltraVNC
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-8272
Matching Score-8
Assigner-Kaspersky
ShareView Details
Matching Score-8
Assigner-Kaspersky
CVSS Score-9.8||CRITICAL
EPSS-1.49% / 80.25%
||
7 Day CHG~0.00%
Published-09 Mar, 2019 | 00:00
Updated-16 Sep, 2024 | 16:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

UltraVNC revision 1211 has multiple off-by-one vulnerabilities in VNC server code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1212.

Action-Not Available
Vendor-uvncSiemens AGKaspersky Lab
Product-sinumerik_pcu_base_win10_software\/ipcultravncsinumerik_pcu_base_win7_software\/ipcsinumerik_access_mymachine\/p2pUltraVNC
CWE ID-CWE-193
Off-by-one Error
CVE-2019-8273
Matching Score-8
Assigner-Kaspersky
ShareView Details
Matching Score-8
Assigner-Kaspersky
CVSS Score-9.8||CRITICAL
EPSS-4.59% / 88.81%
||
7 Day CHG~0.00%
Published-09 Mar, 2019 | 00:00
Updated-16 Sep, 2024 | 23:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer request handler, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212.

Action-Not Available
Vendor-uvncSiemens AGKaspersky Lab
Product-sinumerik_pcu_base_win10_software\/ipcultravncsinumerik_pcu_base_win7_software\/ipcsinumerik_access_mymachine\/p2pUltraVNC
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-8258
Matching Score-8
Assigner-Kaspersky
ShareView Details
Matching Score-8
Assigner-Kaspersky
CVSS Score-9.8||CRITICAL
EPSS-4.59% / 88.81%
||
7 Day CHG~0.00%
Published-05 Mar, 2019 | 15:00
Updated-16 Sep, 2024 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

UltraVNC revision 1198 has a heap buffer overflow vulnerability in VNC client code which results code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1199.

Action-Not Available
Vendor-uvncUltraVNCSiemens AG
Product-sinumerik_pcu_base_win10_software\/ipcultravncsinumerik_pcu_base_win7_software\/ipcsinumerik_access_mymachine\/p2pUltraVNC
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-8262
Matching Score-8
Assigner-Kaspersky
ShareView Details
Matching Score-8
Assigner-Kaspersky
CVSS Score-9.8||CRITICAL
EPSS-6.18% / 90.47%
||
7 Day CHG~0.00%
Published-05 Mar, 2019 | 15:00
Updated-16 Sep, 2024 | 16:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

UltraVNC revision 1203 has multiple heap buffer overflow vulnerabilities in VNC client code inside Ultra decoder, which results in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1204.

Action-Not Available
Vendor-uvncUltraVNCSiemens AG
Product-sinumerik_pcu_base_win10_software\/ipcultravncsinumerik_pcu_base_win7_software\/ipcsinumerik_access_mymachine\/p2pUltraVNC
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-6579
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-9.8||CRITICAL
EPSS-2.03% / 83.05%
||
7 Day CHG~0.00%
Published-17 Apr, 2019 | 13:40
Updated-04 Aug, 2024 | 20:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Spectrum Power 4 (with Web Office Portal). An attacker with network access to the web server on port 80/TCP or 443/TCP could execute system commands with administrative privileges. The security vulnerability could be exploited by an unauthenticated attacker with network access to the affected service. No user interaction is required to exploit this security vulnerability. Successful exploitation of the security vulnerability compromises confidentiality, integrity or availability of the targeted system. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-spectrum_power_4Spectrum Power™ 4
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2019-6580
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-9.8||CRITICAL
EPSS-0.38% / 58.61%
||
7 Day CHG~0.00%
Published-12 Jun, 2019 | 13:47
Updated-04 Aug, 2024 | 20:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Siveillance VMS 2017 R2 (All versions < V11.2a), Siveillance VMS 2018 R1 (All versions < V12.1a), Siveillance VMS 2018 R2 (All versions < V12.2a), Siveillance VMS 2018 R3 (All versions < V12.3a), Siveillance VMS 2019 R1 (All versions < V13.1a). An attacker with network access to port 80/TCP could change device properties without authorization. No user interaction is required to exploit this security vulnerability. Successful exploitation compromises confidentiality, integrity and availability of the targeted system. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-siveillance_video_management_software_2017_r2siveillance_video_management_software_2019_r1siveillance_video_management_software_2018_r2siveillance_video_management_software_2018_r1siveillance_video_management_software_2018_r3Siveillance VMS 2018 R3Siveillance VMS 2018 R1Siveillance VMS 2019 R1Siveillance VMS 2017 R2Siveillance VMS 2018 R2
CWE ID-CWE-862
Missing Authorization
CVE-2023-36380
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-9.8||CRITICAL
EPSS-0.06% / 19.72%
||
7 Day CHG~0.00%
Published-10 Oct, 2023 | 10:21
Updated-27 Feb, 2025 | 20:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05.11 (only with activated debug support)), CP-8050 MASTER MODULE (All versions < CPCI85 V05.11 (only with activated debug support)). The affected devices contain a hard-coded ID in the SSH `authorized_keys` configuration file. An attacker with knowledge of the corresponding private key could login to the device via SSH. Only devices with activated debug support are affected.

Action-Not Available
Vendor-Siemens AG
Product-cp-8050_firmwarecp-8050cp-8031_firmwarecp-8031CP-8031 MASTER MODULECP-8050 MASTER MODULE
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2022-37887
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-1.30% / 78.90%
||
7 Day CHG~0.00%
Published-07 Oct, 2022 | 00:00
Updated-03 Aug, 2024 | 10:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211). Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged user on the underlying operating system of Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below; Aruba InstantOS 6.5.x: 6.5.4.23 and below; Aruba InstantOS 8.6.x: 8.6.0.18 and below; Aruba InstantOS 8.7.x: 8.7.1.9 and below; Aruba InstantOS 8.10.x: 8.10.0.1 and below; ArubaOS 10.3.x: 10.3.1.0 and below; Aruba has released upgrades for Aruba InnstantOS that address these security vulnerabilities.

Action-Not Available
Vendor-n/aSiemens AGAruba Networks
Product-arubaosscalance_w1750d_firmwareinstantscalance_w1750dAruba Access Points: 100 Series; 103 Series; 110 Series; 120 Series; 130 Series; 200 Series; 207 Series; 210 Series; 220 Series; 260 Series; 300 Series; 303 Series; 310 Series; 318 Series Hardened Access Points; 320 Series; 330 Series; 340 Series; 370 Series; 500 Series; 510 Series; 530 Series; 550 Series; 630 Series; 650 Series;
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-37886
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-1.30% / 78.90%
||
7 Day CHG~0.00%
Published-07 Oct, 2022 | 00:00
Updated-03 Aug, 2024 | 10:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211). Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged user on the underlying operating system of Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below; Aruba InstantOS 6.5.x: 6.5.4.23 and below; Aruba InstantOS 8.6.x: 8.6.0.18 and below; Aruba InstantOS 8.7.x: 8.7.1.9 and below; Aruba InstantOS 8.10.x: 8.10.0.1 and below; ArubaOS 10.3.x: 10.3.1.0 and below; Aruba has released upgrades for Aruba InnstantOS that address these security vulnerabilities.

Action-Not Available
Vendor-n/aSiemens AGAruba Networks
Product-arubaosscalance_w1750d_firmwareinstantscalance_w1750dAruba Access Points: 100 Series; 103 Series; 110 Series; 120 Series; 130 Series; 200 Series; 207 Series; 210 Series; 220 Series; 260 Series; 300 Series; 303 Series; 310 Series; 318 Series Hardened Access Points; 320 Series; 330 Series; 340 Series; 370 Series; 500 Series; 510 Series; 530 Series; 550 Series; 630 Series; 650 Series;
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-42019
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-5.9||MEDIUM
EPSS-0.56% / 67.12%
||
7 Day CHG~0.00%
Published-08 Mar, 2022 | 11:31
Updated-12 Aug, 2025 | 12:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i800NC, RUGGEDCOM i801, RUGGEDCOM i801NC, RUGGEDCOM i802, RUGGEDCOM i802NC, RUGGEDCOM i803, RUGGEDCOM i803NC, RUGGEDCOM M2100, RUGGEDCOM M2100F, RUGGEDCOM M2100NC, RUGGEDCOM M2200, RUGGEDCOM M2200F, RUGGEDCOM M2200NC, RUGGEDCOM M969, RUGGEDCOM M969F, RUGGEDCOM M969NC, RUGGEDCOM RMC30, RUGGEDCOM RMC30NC, RUGGEDCOM RMC8388 V4.X, RUGGEDCOM RMC8388 V5.X, RUGGEDCOM RMC8388NC V4.X, RUGGEDCOM RMC8388NC V5.X, RUGGEDCOM RP110, RUGGEDCOM RP110NC, RUGGEDCOM RS1600, RUGGEDCOM RS1600F, RUGGEDCOM RS1600FNC, RUGGEDCOM RS1600NC, RUGGEDCOM RS1600T, RUGGEDCOM RS1600TNC, RUGGEDCOM RS400, RUGGEDCOM RS400F, RUGGEDCOM RS400NC, RUGGEDCOM RS401, RUGGEDCOM RS401NC, RUGGEDCOM RS416, RUGGEDCOM RS416F, RUGGEDCOM RS416NC, RUGGEDCOM RS416NCv2 V4.X, RUGGEDCOM RS416NCv2 V5.X, RUGGEDCOM RS416P, RUGGEDCOM RS416PF, RUGGEDCOM RS416PNC, RUGGEDCOM RS416PNCv2 V4.X, RUGGEDCOM RS416PNCv2 V5.X, RUGGEDCOM RS416Pv2 V4.X, RUGGEDCOM RS416Pv2 V5.X, RUGGEDCOM RS416v2 V4.X, RUGGEDCOM RS416v2 V5.X, RUGGEDCOM RS8000, RUGGEDCOM RS8000A, RUGGEDCOM RS8000ANC, RUGGEDCOM RS8000H, RUGGEDCOM RS8000HNC, RUGGEDCOM RS8000NC, RUGGEDCOM RS8000T, RUGGEDCOM RS8000TNC, RUGGEDCOM RS900, RUGGEDCOM RS900 (32M) V4.X, RUGGEDCOM RS900 (32M) V5.X, RUGGEDCOM RS900F, RUGGEDCOM RS900G, RUGGEDCOM RS900G (32M) V4.X, RUGGEDCOM RS900G (32M) V5.X, RUGGEDCOM RS900GF, RUGGEDCOM RS900GNC, RUGGEDCOM RS900GNC(32M) V4.X, RUGGEDCOM RS900GNC(32M) V5.X, RUGGEDCOM RS900GP, RUGGEDCOM RS900GPF, RUGGEDCOM RS900GPNC, RUGGEDCOM RS900L, RUGGEDCOM RS900LNC, RUGGEDCOM RS900M-GETS-C01, RUGGEDCOM RS900M-GETS-XX, RUGGEDCOM RS900M-STND-C01, RUGGEDCOM RS900M-STND-XX, RUGGEDCOM RS900MNC-GETS-C01, RUGGEDCOM RS900MNC-GETS-XX, RUGGEDCOM RS900MNC-STND-XX, RUGGEDCOM RS900MNC-STND-XX-C01, RUGGEDCOM RS900NC, RUGGEDCOM RS900NC(32M) V4.X, RUGGEDCOM RS900NC(32M) V5.X, RUGGEDCOM RS900W, RUGGEDCOM RS910, RUGGEDCOM RS910L, RUGGEDCOM RS910LNC, RUGGEDCOM RS910NC, RUGGEDCOM RS910W, RUGGEDCOM RS920L, RUGGEDCOM RS920LNC, RUGGEDCOM RS920W, RUGGEDCOM RS930L, RUGGEDCOM RS930LNC, RUGGEDCOM RS930W, RUGGEDCOM RS940G, RUGGEDCOM RS940GF, RUGGEDCOM RS940GNC, RUGGEDCOM RS969, RUGGEDCOM RS969NC, RUGGEDCOM RSG2100, RUGGEDCOM RSG2100 (32M) V4.X, RUGGEDCOM RSG2100 (32M) V5.X, RUGGEDCOM RSG2100F, RUGGEDCOM RSG2100NC, RUGGEDCOM RSG2100NC(32M) V4.X, RUGGEDCOM RSG2100NC(32M) V5.X, RUGGEDCOM RSG2100P, RUGGEDCOM RSG2100P (32M) V4.X, RUGGEDCOM RSG2100P (32M) V5.X, RUGGEDCOM RSG2100PF, RUGGEDCOM RSG2100PNC, RUGGEDCOM RSG2100PNC (32M) V4.X, RUGGEDCOM RSG2100PNC (32M) V5.X, RUGGEDCOM RSG2200, RUGGEDCOM RSG2200F, RUGGEDCOM RSG2200NC, RUGGEDCOM RSG2288 V4.X, RUGGEDCOM RSG2288 V5.X, RUGGEDCOM RSG2288NC V4.X, RUGGEDCOM RSG2288NC V5.X, RUGGEDCOM RSG2300 V4.X, RUGGEDCOM RSG2300 V5.X, RUGGEDCOM RSG2300F, RUGGEDCOM RSG2300NC V4.X, RUGGEDCOM RSG2300NC V5.X, RUGGEDCOM RSG2300P V4.X, RUGGEDCOM RSG2300P V5.X, RUGGEDCOM RSG2300PF, RUGGEDCOM RSG2300PNC V4.X, RUGGEDCOM RSG2300PNC V5.X, RUGGEDCOM RSG2488 V4.X, RUGGEDCOM RSG2488 V5.X, RUGGEDCOM RSG2488F, RUGGEDCOM RSG2488NC V4.X, RUGGEDCOM RSG2488NC V5.X, RUGGEDCOM RSG907R, RUGGEDCOM RSG908C, RUGGEDCOM RSG909R, RUGGEDCOM RSG910C, RUGGEDCOM RSG920P V4.X, RUGGEDCOM RSG920P V5.X, RUGGEDCOM RSG920PNC V4.X, RUGGEDCOM RSG920PNC V5.X, RUGGEDCOM RSL910, RUGGEDCOM RSL910NC, RUGGEDCOM RST2228, RUGGEDCOM RST2228P, RUGGEDCOM RST916C, RUGGEDCOM RST916P. Within a third-party component, the process to allocate partition size fails to check memory boundaries. Therefore, if a large amount is requested by an attacker, due to an integer-wrap around, it could result in a small size being allocated instead.

Action-Not Available
Vendor-Siemens AG
Product-ruggedcom_rs969ruggedcom_rs910ruggedcom_rsg2100ruggedcom_rsg2300pruggedcom_rs930lruggedcom_rsg907rruggedcom_rsg910cruggedcom_rs416ruggedcom_rs900wruggedcom_i801ruggedcom_rosruggedcom_m2100ruggedcom_rmcruggedcom_i800ruggedcom_rst2228ruggedcom_rs930wruggedcom_rmc8388ruggedcom_rsg2200ruggedcom_rs900ruggedcom_rs401ruggedcom_rs8000truggedcom_rsg909rruggedcom_rp110ruggedcom_rs910lruggedcom_i802ruggedcom_m969ruggedcom_rs910wruggedcom_rsg2100pruggedcom_rs8000ruggedcom_rst916pruggedcom_rs900gpruggedcom_rs900lruggedcom_rmc40ruggedcom_rsl910ruggedcom_rmc41ruggedcom_rsg920pruggedcom_rs920wruggedcom_rs416v2ruggedcom_rs8000aruggedcom_rsg2300ruggedcom_rst916cruggedcom_m2200ruggedcom_rs400ruggedcom_rst2228pruggedcom_rmc20ruggedcom_rs8000hruggedcom_rsg908cruggedcom_i803ruggedcom_rsg2488ruggedcom_rs900gruggedcom_rsg2288ruggedcom_rs920lruggedcom_rs940gruggedcom_rmc30RUGGEDCOM RS8000RUGGEDCOM RS900LRUGGEDCOM RSG2300 V4.XRUGGEDCOM RS900MNC-STND-XX-C01RUGGEDCOM RSG920P V4.XRUGGEDCOM RS401NCRUGGEDCOM RSG2100PNC (32M) V4.XRUGGEDCOM RS920LNCRUGGEDCOM RS910LRUGGEDCOM RS930WRUGGEDCOM RSG2100NC(32M) V5.XRUGGEDCOM RSG2100 (32M) V5.XRUGGEDCOM RSG2288NC V5.XRUGGEDCOM RS416Pv2 V4.XRUGGEDCOM RS1600RUGGEDCOM i801NCRUGGEDCOM RS940GRUGGEDCOM RSG2100NC(32M) V4.XRUGGEDCOM i800NCRUGGEDCOM RS910RUGGEDCOM RSG908CRUGGEDCOM RS8000NCRUGGEDCOM RS400FRUGGEDCOM RS900NC(32M) V4.XRUGGEDCOM RS920LRUGGEDCOM RMC8388 V4.XRUGGEDCOM RS8000HRUGGEDCOM RS900LNCRUGGEDCOM RS8000TRUGGEDCOM RS910NCRUGGEDCOM RS416PFRUGGEDCOM RS900GRUGGEDCOM M2100FRUGGEDCOM RS900M-STND-XXRUGGEDCOM RS900WRUGGEDCOM RMC8388 V5.XRUGGEDCOM RS900MNC-STND-XXRUGGEDCOM RSG2100PNC (32M) V5.XRUGGEDCOM RSG910CRUGGEDCOM RSG2300PFRUGGEDCOM RSG2288 V4.XRUGGEDCOM RS1600NCRUGGEDCOM RS969RUGGEDCOM RS900 (32M) V4.XRUGGEDCOM RSG909RRUGGEDCOM RS416FRUGGEDCOM RS900GPFRUGGEDCOM RSG2100PRUGGEDCOM RS930LNCRUGGEDCOM RS416PRUGGEDCOM RSG920P V5.XRUGGEDCOM RSG2200NCRUGGEDCOM RS8000HNCRUGGEDCOM RSG2300PNC V5.XRUGGEDCOM RSG2288 V5.XRUGGEDCOM RS1600FRUGGEDCOM RS416NCRUGGEDCOM RS930LRUGGEDCOM RSG907RRUGGEDCOM RSG2300P V5.XRUGGEDCOM RS910WRUGGEDCOM RSG2300 V5.XRUGGEDCOM RS940GNCRUGGEDCOM RS900GNCRUGGEDCOM RSG2100P (32M) V4.XRUGGEDCOM RMC8388NC V5.XRUGGEDCOM RS940GFRUGGEDCOM RS910LNCRUGGEDCOM RSG2288NC V4.XRUGGEDCOM RSG2488 V5.XRUGGEDCOM RMC30RUGGEDCOM RS900GFRUGGEDCOM RS8000ANCRUGGEDCOM RMC8388NC V4.XRUGGEDCOM RS1600TRUGGEDCOM M969FRUGGEDCOM RS900G (32M) V5.XRUGGEDCOM RS400NCRUGGEDCOM RS900MNC-GETS-C01RUGGEDCOM RS900M-GETS-C01RUGGEDCOM RSG2488NC V4.XRUGGEDCOM M2200FRUGGEDCOM RP110RUGGEDCOM i801RUGGEDCOM RS416v2 V4.XRUGGEDCOM RS416NCv2 V4.XRUGGEDCOM RS8000TNCRUGGEDCOM RSG2300P V4.XRUGGEDCOM RS416v2 V5.XRUGGEDCOM RS920WRUGGEDCOM RS900FRUGGEDCOM M2200RUGGEDCOM RS900MNC-GETS-XXRUGGEDCOM RSG2300NC V5.XRUGGEDCOM RS900GNC(32M) V4.XRUGGEDCOM RS900RUGGEDCOM RSG2100RUGGEDCOM M969NCRUGGEDCOM RS416PNCRUGGEDCOM RS1600FNCRUGGEDCOM RS400RUGGEDCOM RS900NC(32M) V5.XRUGGEDCOM RS1600TNCRUGGEDCOM RS900G (32M) V4.XRUGGEDCOM M969RUGGEDCOM RS416PNCv2 V4.XRUGGEDCOM M2200NCRUGGEDCOM RS8000ARUGGEDCOM i803RUGGEDCOM RSG2100PNCRUGGEDCOM RSG920PNC V5.XRUGGEDCOM RSG2100NCRUGGEDCOM RSG2488FRUGGEDCOM RP110NCRUGGEDCOM RSG2200RUGGEDCOM RSG2488NC V5.XRUGGEDCOM RSL910NCRUGGEDCOM RS969NCRUGGEDCOM RS416RUGGEDCOM RST2228PRUGGEDCOM i800RUGGEDCOM RS900M-STND-C01RUGGEDCOM RS900M-GETS-XXRUGGEDCOM RST916PRUGGEDCOM RS416PNCv2 V5.XRUGGEDCOM RS416NCv2 V5.XRUGGEDCOM RSG2100 (32M) V4.XRUGGEDCOM RSL910RUGGEDCOM RSG2100PFRUGGEDCOM RS900GPRUGGEDCOM RST916CRUGGEDCOM RS900GPNCRUGGEDCOM RSG2100FRUGGEDCOM RSG2488 V4.XRUGGEDCOM i802RUGGEDCOM RS900GNC(32M) V5.XRUGGEDCOM RST2228RUGGEDCOM RS401RUGGEDCOM RSG2300NC V4.XRUGGEDCOM RSG920PNC V4.XRUGGEDCOM i802NCRUGGEDCOM i803NCRUGGEDCOM M2100RUGGEDCOM RSG2300FRUGGEDCOM RSG2300PNC V4.XRUGGEDCOM RS900NCRUGGEDCOM RS416Pv2 V5.XRUGGEDCOM RMC30NCRUGGEDCOM RS900 (32M) V5.XRUGGEDCOM RSG2200FRUGGEDCOM M2100NCRUGGEDCOM RSG2100P (32M) V5.X
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-40358
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-9.9||CRITICAL
EPSS-0.58% / 67.83%
||
7 Day CHG~0.00%
Published-09 Nov, 2021 | 11:32
Updated-04 Aug, 2024 | 02:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3 UC04), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 5). Legitimate file operations on the web server of the affected systems do not properly neutralize special elements within the pathname. An attacker could then cause the pathname to resolve to a location outside of the restricted directory on the server and read, write or delete unexpected critical files.

Action-Not Available
Vendor-Siemens AG
Product-simatic_winccsimatic_pcs_7SIMATIC WinCC V15 and earlierSIMATIC WinCC V17SIMATIC PCS 7 V9.1SIMATIC PCS 7 V9.0SIMATIC WinCC V7.4SIMATIC WinCC V7.5SIMATIC WinCC V16SIMATIC PCS 7 V8.2
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2021-39275
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-44.80% / 97.49%
||
7 Day CHG~0.00%
Published-16 Sep, 2021 | 14:40
Updated-01 May, 2025 | 15:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ap_escape_quotes buffer overflow

ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier.

Action-Not Available
Vendor-Fedora ProjectOracle CorporationThe Apache Software FoundationDebian GNU/LinuxNetApp, Inc.Siemens AG
Product-debian_linuxfedorasinec_nmshttp_servercloud_backupsinema_serverzfs_storage_appliance_kitinstantis_enterprisetrackstoragegridclustered_data_ontapApache HTTP Server
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-37184
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-9.8||CRITICAL
EPSS-0.52% / 65.72%
||
7 Day CHG~0.00%
Published-14 Sep, 2021 | 10:47
Updated-04 Aug, 2024 | 01:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Industrial Edge Management (All versions < V1.3). An unauthenticated attacker could change the the password of any user in the system under certain circumstances. With this an attacker could impersonate any valid user on an affected system.

Action-Not Available
Vendor-Siemens AG
Product-industrial_edge_managementIndustrial Edge Management
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
CVE-2021-31337
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-9.8||CRITICAL
EPSS-0.62% / 69.14%
||
7 Day CHG~0.00%
Published-28 Jun, 2021 | 12:24
Updated-03 Aug, 2024 | 22:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Telnet service of the SIMATIC HMI Comfort Panels system component in affected products does not require authentication, which may allow a remote attacker to gain access to the device if the service is enabled. Telnet is disabled by default on the SINAMICS Medium Voltage Products (SINAMICS SL150: All versions, SINAMICS SM150: All versions, SINAMICS SM150i: All versions).

Action-Not Available
Vendor-n/aSiemens AG
Product-sinamics_sl150sinamics_sm150isinamics_sm150_firmwaresinamics_sl150_firmwaresinamics_sm150i_firmwaresinamics_sm150SINAMICS Medium Voltage Products
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2021-29998
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.19% / 77.93%
||
7 Day CHG~0.00%
Published-13 Apr, 2021 | 16:16
Updated-03 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Wind River VxWorks before 6.5. There is a possible heap overflow in dhcp client.

Action-Not Available
Vendor-windrivern/aSiemens AG
Product-scalance_xf206-1_firmwarescalance_x208_pro_firmwarescalance_x201-3p_irtscalance_x212-2ldscalance_x206-1scalance_x300simatic_rf_182c_firmwarescalance_x201-3p_irt_proscalance_x204-2fmscalance_x208scalance_x202-2p_irtsimatic_rf_181_eip_firmwarevxworksscalance_x206-1_firmwaresinamics_perfect_harmony_gh180ruggedcom_win_subscriber_station_firmwarescalance_xf204-2scalance_x204_irtscalance_x202-2_irtscalance_xf204_firmwarescalance_xf204-2ba_irtscalance_x204-2ld_firmwarescalance_x212-2_firmwarescalance_x204_irt_proscalance_xf208_firmwarescalance_xf204-2_firmwarescalance_x208_proscalance_x202-2p_irt_proscalance_xf202-2p_irtscalance_x204-2fm_firmwarescalance_x204-2tsscalance_x202-2_irt_firmwarescalance_xf204scalance_x206-1ldscalance_x200-4_p_irtscalance_xf204_irt_firmwarescalance_xf201-3p_irtscalance_xf204_irtruggedcom_win_subscriber_stationscalance_x204-2ldscalance_xf208scalance_x201-3p_irt_firmwarescalance_x202-2p_irt_pro_firmwarescalance_xf204-2ba_irt_firmwarescalance_x204-2ld_ts_firmwarescalance_x300_firmwarescalance_x204-2ld_tsscalance_x204-2scalance_x408scalance_x224scalance_x204-2_firmwarescalance_xf206-1scalance_x202-2p_irt_firmwarescalance_x206-1ld_firmwaresinamics_perfect_harmony_gh180_firmwarescalance_x212-2ld_firmwarescalance_x204_irt_firmwarescalance_x408_firmwarescalance_x212-2scalance_x200-4_p_irt_firmwarescalance_x204-2ts_firmwarescalance_x216_firmwarescalance_xf202-2p_irt_firmwarescalance_x208_firmwaresimatic_rf_181_eipscalance_x204_irt_pro_firmwaresimatic_rf_182cscalance_x216scalance_xf201-3p_irt_firmwarescalance_x201-3p_irt_pro_firmwarescalance_x224_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-27389
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-9.8||CRITICAL
EPSS-0.41% / 60.36%
||
7 Day CHG~0.00%
Published-22 Apr, 2021 | 20:42
Updated-03 Aug, 2024 | 20:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Opcenter Quality (All versions < V12.2), QMS Automotive (All versions < V12.30). A private sign key is shipped with the product without adequate protection.

Action-Not Available
Vendor-Siemens AG
Product-opcenter_qualityqms_automotiveQMS AutomotiveOpcenter Quality
CWE ID-CWE-321
Use of Hard-coded Cryptographic Key
CVE-2021-25668
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-9.8||CRITICAL
EPSS-0.53% / 66.46%
||
7 Day CHG~0.00%
Published-22 Apr, 2021 | 20:42
Updated-03 Aug, 2024 | 20:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT PRO (All versions < 5.5.1), SCALANCE X202-2 IRT (All versions < 5.5.1), SCALANCE X202-2P IRT (incl. SIPLUS NET variant) (All versions < 5.5.1), SCALANCE X202-2P IRT PRO (All versions < 5.5.1), SCALANCE X204 IRT (All versions < 5.5.1), SCALANCE X204 IRT PRO (All versions < 5.5.1), SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2FM (All versions < V5.2.5), SCALANCE X204-2LD (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2LD TS (All versions < V5.2.5), SCALANCE X204-2TS (All versions < V5.2.5), SCALANCE X206-1 (All versions < V5.2.5), SCALANCE X206-1LD (All versions < V5.2.5), SCALANCE X208 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X208PRO (All versions < V5.2.5), SCALANCE X212-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X212-2LD (All versions < V5.2.5), SCALANCE X216 (All versions < V5.2.5), SCALANCE X224 (All versions < V5.2.5), SCALANCE XF201-3P IRT (All versions < 5.5.1), SCALANCE XF202-2P IRT (All versions < 5.5.1), SCALANCE XF204 (All versions < V5.2.5), SCALANCE XF204 IRT (All versions < 5.5.1), SCALANCE XF204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE XF204-2BA IRT (All versions < 5.5.1), SCALANCE XF206-1 (All versions < V5.2.5), SCALANCE XF208 (All versions < V5.2.5). Incorrect processing of POST requests in the webserver may result in write out of bounds in heap. An attacker might leverage this to cause denial-of-service on the device and potentially remotely execute code.

Action-Not Available
Vendor-Siemens AG
Product-scalance_xf206-1_firmwarescalance_xf201-3p_irtscalance_x212-2ldscalance_x201-3p_irtscalance_xf204_irtscalance_x204-2ldscalance_xf208scalance_x201-3p_irt_firmwarescalance_x202-2p_irt_pro_firmwarescalance_xf204-2ba_irt_firmwarescalance_x206-1scalance_x204-2ld_ts_firmwarescalance_x201-3p_irt_proscalance_x204-2fmscalance_x204-2ld_tsscalance_x208scalance_x200-4p_irtscalance_x202-2p_irtscalance_x204-2scalance_x224scalance_x206-1_firmwarescalance_x204-2_firmwarescalance_xf204-2scalance_xf206-1scalance_x202-2p_irt_firmwarescalance_x206-1ld_firmwarescalance_x204_irtscalance_x212-2ld_firmwarescalance_x204_irt_firmwarescalance_x212-2scalance_x202-2_irtscalance_x204-2ts_firmwarescalance_x208proscalance_xf204_firmwarescalance_x216_firmwarescalance_xf204-2ba_irtscalance_x204-2ld_firmwarescalance_x212-2_firmwarescalance_x204_irt_proscalance_xf202-2p_irt_firmwarescalance_xf208_firmwarescalance_x208_firmwarescalance_xf204-2_firmwarescalance_x202-2p_irt_proscalance_xf202-2p_irtscalance_x200-4p_irt_firmwarescalance_x204_irt_pro_firmwarescalance_x216scalance_xf201-3p_irt_firmwarescalance_x204-2fm_firmwarescalance_x204-2tsscalance_x202-2_irt_firmwarescalance_x201-3p_irt_pro_firmwarescalance_xf204scalance_x206-1ldscalance_x208pro_firmwarescalance_x224_firmwarescalance_xf204_irt_firmwareSCALANCE XF208SCALANCE X206-1LDSCALANCE X202-2P IRT PROSCALANCE XF204-2BA IRTSCALANCE X201-3P IRTSCALANCE X204-2FMSCALANCE X212-2 (incl. SIPLUS NET variant)SCALANCE X204-2TSSCALANCE X204-2LD TSSCALANCE X206-1SCALANCE XF204SCALANCE XF204-2 (incl. SIPLUS NET variant)SCALANCE X204-2 (incl. SIPLUS NET variant)SCALANCE X204 IRT PROSCALANCE X224SCALANCE X204-2LD (incl. SIPLUS NET variant)SCALANCE X208PROSCALANCE X216SCALANCE X212-2LDSCALANCE X201-3P IRT PROSCALANCE X200-4P IRTSCALANCE XF206-1SCALANCE XF201-3P IRTSCALANCE XF204 IRTSCALANCE XF202-2P IRTSCALANCE X208 (incl. SIPLUS NET variant)SCALANCE X202-2P IRT (incl. SIPLUS NET variant)SCALANCE X202-2 IRTSCALANCE X204 IRT
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-22930
Matching Score-8
Assigner-HackerOne
ShareView Details
Matching Score-8
Assigner-HackerOne
CVSS Score-9.8||CRITICAL
EPSS-0.36% / 57.33%
||
7 Day CHG~0.00%
Published-07 Oct, 2021 | 00:00
Updated-30 Apr, 2025 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to a use after free attack where an attacker might be able to exploit the memory corruption, to change process behavior.

Action-Not Available
Vendor-Node.js (OpenJS Foundation)NetApp, Inc.Siemens AGDebian GNU/Linux
Product-sinec_infrastructure_network_servicesnextgen_apidebian_linuxnode.jsNode
CWE ID-CWE-416
Use After Free
CVE-2021-22931
Matching Score-8
Assigner-HackerOne
ShareView Details
Matching Score-8
Assigner-HackerOne
CVSS Score-9.8||CRITICAL
EPSS-0.74% / 71.91%
||
7 Day CHG~0.00%
Published-16 Aug, 2021 | 00:00
Updated-30 Apr, 2025 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to Remote Code Execution, XSS, Application crashes due to missing input validation of host names returned by Domain Name Servers in Node.js dns library which can lead to output of wrong hostnames (leading to Domain Hijacking) and injection vulnerabilities in applications using the library.

Action-Not Available
Vendor-Oracle CorporationNode.js (OpenJS Foundation)NetApp, Inc.Siemens AG
Product-sinec_infrastructure_network_servicespeoplesoft_enterprise_peopletoolsgraalvmmysql_clusternextgen_apiactive_iq_unified_manageroncommand_workflow_automationsnapcenternode.jsoncommand_insightNode
CWE ID-CWE-170
Improper Null Termination
CWE ID-CWE-20
Improper Input Validation
CVE-2024-32740
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-9.8||CRITICAL
EPSS-0.63% / 69.42%
||
7 Day CHG+0.36%
Published-14 May, 2024 | 10:02
Updated-20 Aug, 2025 | 18:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V3.0). The affected device contains undocumented users and credentials. An attacker could misuse the credentials to compromise the device locally or over the network.

Action-Not Available
Vendor-Siemens AG
Product-simatic_cn_4100_firmwaresimatic_cn_4100SIMATIC CN 4100simatic_cn_4100
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2019-8275
Matching Score-8
Assigner-Kaspersky
ShareView Details
Matching Score-8
Assigner-Kaspersky
CVSS Score-9.8||CRITICAL
EPSS-4.58% / 88.78%
||
7 Day CHG~0.00%
Published-09 Mar, 2019 | 00:00
Updated-17 Sep, 2024 | 03:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

UltraVNC revision 1211 has multiple improper null termination vulnerabilities in VNC server code, which result in out-of-bound data being accessed by remote users. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1212.

Action-Not Available
Vendor-uvncSiemens AGKaspersky Lab
Product-sinumerik_pcu_base_win10_software\/ipcultravncsinumerik_pcu_base_win7_software\/ipcsinumerik_access_mymachine\/p2pUltraVNC
CWE ID-CWE-170
Improper Null Termination
CVE-2016-9157
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-9.8||CRITICAL
EPSS-1.46% / 80.02%
||
7 Day CHG~0.00%
Published-05 Dec, 2016 | 08:09
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Siemens SICAM PAS (all versions before V8.09) could allow a remote attacker to cause a Denial of Service condition and potentially lead to unauthenticated remote code execution by sending specially crafted packets to port 19234/TCP.

Action-Not Available
Vendor-n/aSiemens AG
Product-sicam_pas\/pqsSiemens SICAM PAS through V8.08
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-284
Improper Access Control
CVE-2012-2596
Matching Score-6
Assigner-CERT/CC
ShareView Details
Matching Score-6
Assigner-CERT/CC
CVSS Score-5.5||MEDIUM
EPSS-0.24% / 47.24%
||
7 Day CHG~0.00%
Published-08 Jun, 2012 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The XPath functionality in unspecified web applications in Siemens WinCC 7.0 SP3 before Update 2 does not properly handle special characters in parameters, which allows remote authenticated users to read or modify settings via a crafted URL, related to an "XML injection" attack.

Action-Not Available
Vendor-n/aSiemens AG
Product-winccn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2023-25910
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-10||CRITICAL
EPSS-0.44% / 62.43%
||
7 Day CHG~0.00%
Published-13 Jun, 2023 | 08:17
Updated-02 Aug, 2024 | 11:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC PCS 7 (All versions < V9.1 SP2 UC04), SIMATIC S7-PM (All versions < V5.7 SP1 HF1), SIMATIC S7-PM (All versions < V5.7 SP2 HF1), SIMATIC STEP 7 V5 (All versions < V5.7). The affected product contains a database management system that could allow remote users with low privileges to use embedded functions of the database (local or in a network share) that have impact on the server. An attacker with network access to the server network could leverage these embedded functions to run code with elevated privileges in the database management system's server.

Action-Not Available
Vendor-Siemens AG
Product-simatic_step_7simatic_pcs_7simatic_s7-pmSIMATIC PCS 7SIMATIC S7-PMSIMATIC STEP 7 V5
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2022-34663
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-8||HIGH
EPSS-0.80% / 73.04%
||
7 Day CHG~0.00%
Published-12 Jul, 2022 | 10:07
Updated-12 Aug, 2025 | 12:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i800NC, RUGGEDCOM i801, RUGGEDCOM i801NC, RUGGEDCOM i802, RUGGEDCOM i802NC, RUGGEDCOM i803, RUGGEDCOM i803NC, RUGGEDCOM M2100, RUGGEDCOM M2100F, RUGGEDCOM M2100NC, RUGGEDCOM M2200, RUGGEDCOM M2200F, RUGGEDCOM M2200NC, RUGGEDCOM M969, RUGGEDCOM M969F, RUGGEDCOM M969NC, RUGGEDCOM RMC30, RUGGEDCOM RMC30NC, RUGGEDCOM RMC8388 V4.X, RUGGEDCOM RMC8388 V5.X, RUGGEDCOM RMC8388NC V4.X, RUGGEDCOM RMC8388NC V5.X, RUGGEDCOM RP110, RUGGEDCOM RP110NC, RUGGEDCOM RS1600, RUGGEDCOM RS1600F, RUGGEDCOM RS1600FNC, RUGGEDCOM RS1600NC, RUGGEDCOM RS1600T, RUGGEDCOM RS1600TNC, RUGGEDCOM RS400, RUGGEDCOM RS400F, RUGGEDCOM RS400NC, RUGGEDCOM RS401, RUGGEDCOM RS401NC, RUGGEDCOM RS416, RUGGEDCOM RS416F, RUGGEDCOM RS416NC, RUGGEDCOM RS416NCv2 V4.X, RUGGEDCOM RS416NCv2 V5.X, RUGGEDCOM RS416P, RUGGEDCOM RS416PF, RUGGEDCOM RS416PNC, RUGGEDCOM RS416PNCv2 V4.X, RUGGEDCOM RS416PNCv2 V5.X, RUGGEDCOM RS416Pv2 V4.X, RUGGEDCOM RS416Pv2 V5.X, RUGGEDCOM RS416v2 V4.X, RUGGEDCOM RS416v2 V5.X, RUGGEDCOM RS8000, RUGGEDCOM RS8000A, RUGGEDCOM RS8000ANC, RUGGEDCOM RS8000H, RUGGEDCOM RS8000HNC, RUGGEDCOM RS8000NC, RUGGEDCOM RS8000T, RUGGEDCOM RS8000TNC, RUGGEDCOM RS900, RUGGEDCOM RS900 (32M) V4.X, RUGGEDCOM RS900 (32M) V5.X, RUGGEDCOM RS900F, RUGGEDCOM RS900G, RUGGEDCOM RS900G (32M) V4.X, RUGGEDCOM RS900G (32M) V5.X, RUGGEDCOM RS900GF, RUGGEDCOM RS900GNC, RUGGEDCOM RS900GNC(32M) V4.X, RUGGEDCOM RS900GNC(32M) V5.X, RUGGEDCOM RS900GP, RUGGEDCOM RS900GPF, RUGGEDCOM RS900GPNC, RUGGEDCOM RS900L, RUGGEDCOM RS900LNC, RUGGEDCOM RS900M-GETS-C01, RUGGEDCOM RS900M-GETS-XX, RUGGEDCOM RS900M-STND-C01, RUGGEDCOM RS900M-STND-XX, RUGGEDCOM RS900MNC-GETS-C01, RUGGEDCOM RS900MNC-GETS-XX, RUGGEDCOM RS900MNC-STND-XX, RUGGEDCOM RS900MNC-STND-XX-C01, RUGGEDCOM RS900NC, RUGGEDCOM RS900NC(32M) V4.X, RUGGEDCOM RS900NC(32M) V5.X, RUGGEDCOM RS900W, RUGGEDCOM RS910, RUGGEDCOM RS910L, RUGGEDCOM RS910LNC, RUGGEDCOM RS910NC, RUGGEDCOM RS910W, RUGGEDCOM RS920L, RUGGEDCOM RS920LNC, RUGGEDCOM RS920W, RUGGEDCOM RS930L, RUGGEDCOM RS930LNC, RUGGEDCOM RS930W, RUGGEDCOM RS940G, RUGGEDCOM RS940GF, RUGGEDCOM RS940GNC, RUGGEDCOM RS969, RUGGEDCOM RS969NC, RUGGEDCOM RSG2100, RUGGEDCOM RSG2100 (32M) V4.X, RUGGEDCOM RSG2100 (32M) V5.X, RUGGEDCOM RSG2100F, RUGGEDCOM RSG2100NC, RUGGEDCOM RSG2100NC(32M) V4.X, RUGGEDCOM RSG2100NC(32M) V5.X, RUGGEDCOM RSG2100P, RUGGEDCOM RSG2100P (32M) V4.X, RUGGEDCOM RSG2100P (32M) V5.X, RUGGEDCOM RSG2100PF, RUGGEDCOM RSG2100PNC, RUGGEDCOM RSG2100PNC (32M) V4.X, RUGGEDCOM RSG2100PNC (32M) V5.X, RUGGEDCOM RSG2200, RUGGEDCOM RSG2200F, RUGGEDCOM RSG2200NC, RUGGEDCOM RSG2288 V4.X, RUGGEDCOM RSG2288 V5.X, RUGGEDCOM RSG2288NC V4.X, RUGGEDCOM RSG2288NC V5.X, RUGGEDCOM RSG2300 V4.X, RUGGEDCOM RSG2300 V5.X, RUGGEDCOM RSG2300F, RUGGEDCOM RSG2300NC V4.X, RUGGEDCOM RSG2300NC V5.X, RUGGEDCOM RSG2300P V4.X, RUGGEDCOM RSG2300P V5.X, RUGGEDCOM RSG2300PF, RUGGEDCOM RSG2300PNC V4.X, RUGGEDCOM RSG2300PNC V5.X, RUGGEDCOM RSG2488 V4.X, RUGGEDCOM RSG2488 V5.X, RUGGEDCOM RSG2488F, RUGGEDCOM RSG2488NC V4.X, RUGGEDCOM RSG2488NC V5.X, RUGGEDCOM RSG907R, RUGGEDCOM RSG908C, RUGGEDCOM RSG909R, RUGGEDCOM RSG910C, RUGGEDCOM RSG920P V4.X, RUGGEDCOM RSG920P V5.X, RUGGEDCOM RSG920PNC V4.X, RUGGEDCOM RSG920PNC V5.X, RUGGEDCOM RSL910, RUGGEDCOM RSL910NC, RUGGEDCOM RST2228, RUGGEDCOM RST2228P, RUGGEDCOM RST916C, RUGGEDCOM RST916P. Affected devices are vulnerable to a web-based code injection attack via the console. An attacker could exploit this vulnerability to inject code into the web server and cause malicious behavior in legitimate users accessing certain web resources on the affected device.

Action-Not Available
Vendor-Siemens AG
Product-ruggedcom_rs969ruggedcom_rsg2100_\(32m\)ruggedcom_rs910ruggedcom_rsg2100ruggedcom_rsg2300pruggedcom_rs930lruggedcom_rsg907rruggedcom_rsg910cruggedcom_rs416ruggedcom_rs900wruggedcom_rs900_\(32m\)ruggedcom_i801ruggedcom_rosruggedcom_m2100ruggedcom_rmcruggedcom_i800ruggedcom_rst2228ruggedcom_rs930wruggedcom_rmc8388ruggedcom_rsg2200ruggedcom_rsg909rruggedcom_rs401ruggedcom_rs8000truggedcom_rp110ruggedcom_rs910lruggedcom_i802ruggedcom_m969ruggedcom_rs900g_\(32m\)ruggedcom_rs910wruggedcom_rsg2100pruggedcom_rs8000ruggedcom_rst916pruggedcom_rs900gpruggedcom_rs900lruggedcom_rmc40ruggedcom_rsl910ruggedcom_rmc41ruggedcom_rsg920pruggedcom_rs920wruggedcom_rs416v2ruggedcom_rs8000aruggedcom_rsg2300ruggedcom_rst916cruggedcom_m2200ruggedcom_rs400ruggedcom_rst2228pruggedcom_rmc20ruggedcom_rs8000hruggedcom_rsg908cruggedcom_i803ruggedcom_rsg2488ruggedcom_rs900gruggedcom_rsg2288ruggedcom_rs920lruggedcom_rs940gruggedcom_rmc30RUGGEDCOM RS8000RUGGEDCOM RS900LRUGGEDCOM RSG2300 V4.XRUGGEDCOM RS900MNC-STND-XX-C01RUGGEDCOM RSG920P V4.XRUGGEDCOM RS401NCRUGGEDCOM RSG2100PNC (32M) V4.XRUGGEDCOM RS920LNCRUGGEDCOM RS910LRUGGEDCOM RS930WRUGGEDCOM RSG2100NC(32M) V5.XRUGGEDCOM RSG2100 (32M) V5.XRUGGEDCOM RSG2288NC V5.XRUGGEDCOM RS416Pv2 V4.XRUGGEDCOM RS1600RUGGEDCOM i801NCRUGGEDCOM RS940GRUGGEDCOM RSG2100NC(32M) V4.XRUGGEDCOM i800NCRUGGEDCOM RS910RUGGEDCOM RSG908CRUGGEDCOM RS8000NCRUGGEDCOM RS400FRUGGEDCOM RS900NC(32M) V4.XRUGGEDCOM RS920LRUGGEDCOM RMC8388 V4.XRUGGEDCOM RS8000HRUGGEDCOM RS900LNCRUGGEDCOM RS8000TRUGGEDCOM RS910NCRUGGEDCOM RS416PFRUGGEDCOM RS900GRUGGEDCOM M2100FRUGGEDCOM RS900M-STND-XXRUGGEDCOM RS900WRUGGEDCOM RMC8388 V5.XRUGGEDCOM RS900MNC-STND-XXRUGGEDCOM RSG2100PNC (32M) V5.XRUGGEDCOM RSG910CRUGGEDCOM RSG2300PFRUGGEDCOM RSG2288 V4.XRUGGEDCOM RS1600NCRUGGEDCOM RS969RUGGEDCOM RS900 (32M) V4.XRUGGEDCOM RSG909RRUGGEDCOM RS416FRUGGEDCOM RS900GPFRUGGEDCOM RSG2100PRUGGEDCOM RS930LNCRUGGEDCOM RS416PRUGGEDCOM RSG920P V5.XRUGGEDCOM RSG2200NCRUGGEDCOM RS8000HNCRUGGEDCOM RSG2300PNC V5.XRUGGEDCOM RSG2288 V5.XRUGGEDCOM RS1600FRUGGEDCOM RS416NCRUGGEDCOM RS930LRUGGEDCOM RSG907RRUGGEDCOM RSG2300P V5.XRUGGEDCOM RS910WRUGGEDCOM RSG2300 V5.XRUGGEDCOM RS940GNCRUGGEDCOM RS900GNCRUGGEDCOM RSG2100P (32M) V4.XRUGGEDCOM RMC8388NC V5.XRUGGEDCOM RS940GFRUGGEDCOM RS910LNCRUGGEDCOM RSG2288NC V4.XRUGGEDCOM RSG2488 V5.XRUGGEDCOM RMC30RUGGEDCOM RS900GFRUGGEDCOM RS8000ANCRUGGEDCOM RMC8388NC V4.XRUGGEDCOM RS1600TRUGGEDCOM M969FRUGGEDCOM RS900G (32M) V5.XRUGGEDCOM RS400NCRUGGEDCOM RS900MNC-GETS-C01RUGGEDCOM RS900M-GETS-C01RUGGEDCOM RSG2488NC V4.XRUGGEDCOM M2200FRUGGEDCOM RP110RUGGEDCOM i801RUGGEDCOM RS416v2 V4.XRUGGEDCOM RS416NCv2 V4.XRUGGEDCOM RS8000TNCRUGGEDCOM RSG2300P V4.XRUGGEDCOM RS416v2 V5.XRUGGEDCOM RS920WRUGGEDCOM RS900FRUGGEDCOM M2200RUGGEDCOM RS900MNC-GETS-XXRUGGEDCOM RSG2300NC V5.XRUGGEDCOM RS900GNC(32M) V4.XRUGGEDCOM RS900RUGGEDCOM RSG2100RUGGEDCOM M969NCRUGGEDCOM RS416PNCRUGGEDCOM RS1600FNCRUGGEDCOM RS400RUGGEDCOM RS900NC(32M) V5.XRUGGEDCOM RS1600TNCRUGGEDCOM RS900G (32M) V4.XRUGGEDCOM M969RUGGEDCOM RS416PNCv2 V4.XRUGGEDCOM M2200NCRUGGEDCOM RS8000ARUGGEDCOM i803RUGGEDCOM RSG2100PNCRUGGEDCOM RSG920PNC V5.XRUGGEDCOM RSG2100NCRUGGEDCOM RSG2488FRUGGEDCOM RP110NCRUGGEDCOM RSG2200RUGGEDCOM RSG2488NC V5.XRUGGEDCOM RSL910NCRUGGEDCOM RS969NCRUGGEDCOM RS416RUGGEDCOM RST2228PRUGGEDCOM i800RUGGEDCOM RS900M-STND-C01RUGGEDCOM RS900M-GETS-XXRUGGEDCOM RST916PRUGGEDCOM RS416PNCv2 V5.XRUGGEDCOM RS416NCv2 V5.XRUGGEDCOM RSG2100 (32M) V4.XRUGGEDCOM RSL910RUGGEDCOM RSG2100PFRUGGEDCOM RS900GPRUGGEDCOM RST916CRUGGEDCOM RS900GPNCRUGGEDCOM RSG2100FRUGGEDCOM RSG2488 V4.XRUGGEDCOM i802RUGGEDCOM RS900GNC(32M) V5.XRUGGEDCOM RST2228RUGGEDCOM RS401RUGGEDCOM RSG2300NC V4.XRUGGEDCOM RSG920PNC V4.XRUGGEDCOM i802NCRUGGEDCOM i803NCRUGGEDCOM M2100RUGGEDCOM RSG2300FRUGGEDCOM RSG2300PNC V4.XRUGGEDCOM RS900NCRUGGEDCOM RS416Pv2 V5.XRUGGEDCOM RMC30NCRUGGEDCOM RS900 (32M) V5.XRUGGEDCOM RSG2200FRUGGEDCOM M2100NCRUGGEDCOM RSG2100P (32M) V5.X
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2014-8551
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-5.81% / 90.16%
||
7 Day CHG~0.00%
Published-26 Nov, 2014 | 11:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 allows remote attackers to execute arbitrary code via crafted packets.

Action-Not Available
Vendor-n/aSiemens AG
Product-simatic_pcs7simatic_pcs_7simatic_tiaportalsimatic_winccn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2014-2909
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.8||MEDIUM
EPSS-0.84% / 73.73%
||
7 Day CHG~0.00%
Published-25 Apr, 2014 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CRLF injection vulnerability in the integrated web server on Siemens SIMATIC S7-1200 CPU devices 2.x and 3.x allows remote attackers to inject arbitrary HTTP headers via unspecified vectors.

Action-Not Available
Vendor-n/aSiemens AG
Product-simatic_s7_cpu_1200_firmwaresimatic_s7_cpu_1212csimatic_s7_cpu_1215csimatic_s7_cpu-1211csimatic_s7_cpu_1214csimatic_s7_cpu_1217cn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2011-4512
Matching Score-6
Assigner-CERT/CC
ShareView Details
Matching Score-6
Assigner-CERT/CC
CVSS Score-5||MEDIUM
EPSS-0.39% / 58.89%
||
7 Day CHG~0.00%
Published-03 Feb, 2012 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CRLF injection vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

Action-Not Available
Vendor-n/aSiemens AG
Product-simatic_hmi_panelswincc_flexible_runtimewincc_flexiblewincc_runtime_advancedwinccn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2015-1597
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.40% / 60.04%
||
7 Day CHG~0.00%
Published-07 Mar, 2015 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Siemens SPCanywhere application for Android does not use encryption during the loading of code, which allows man-in-the-middle attackers to execute arbitrary code by modifying the client-server data stream.

Action-Not Available
Vendor-n/aSiemens AG
Product-spcanywheren/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2021-23337
Matching Score-6
Assigner-Snyk
ShareView Details
Matching Score-6
Assigner-Snyk
CVSS Score-7.2||HIGH
EPSS-0.55% / 66.98%
||
7 Day CHG~0.00%
Published-15 Feb, 2021 | 12:15
Updated-16 Sep, 2024 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Command Injection

Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.

Action-Not Available
Vendor-lodashn/aNetApp, Inc.Oracle CorporationSiemens AG
Product-peoplesoft_enterprise_peopletoolsprimavera_unifiersinec_insfinancial_services_crime_and_compliance_management_studioprimavera_gatewaylodashactive_iq_unified_managerhealth_sciences_data_management_workbenchcommunications_cloud_native_core_policysystem_managercloud_managerbanking_trade_finance_process_managementbanking_supply_chain_financecommunications_design_studiobanking_credit_facilities_process_managementcommunications_cloud_native_core_binding_support_functionbanking_corporate_lending_process_managementbanking_extensibility_workbenchcommunications_session_border_controllercommunications_services_gatekeeperenterprise_communications_brokerjd_edwards_enterpriseone_toolsretail_customer_management_and_segmentation_foundationLodash
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2024-57061
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.12% / 31.08%
||
7 Day CHG+0.02%
Published-19 Mar, 2025 | 00:00
Updated-25 Mar, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in Termius Version 9.9.0 through v.9.16.0 allows a physically proximate attacker to execute arbitrary code via the insecure Electron Fuses configuration.

Action-Not Available
Vendor-n/a
Product-n/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • ...
  • 28
  • 29
  • Next
Details not found