Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2021-44165

Summary
Assigner-siemens
Assigner Org ID-cec7a2ec-15b4-4faf-bd53-b40f371f3a77
Published At-14 Dec, 2021 | 12:06
Updated At-04 Aug, 2024 | 04:17
Rejected At-
Credits

A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41). The affected firmware contains a buffer overflow vulnerability in the web application that could allow a remote attacker with engineer or admin priviliges to potentially perform remote code execution.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:siemens
Assigner Org ID:cec7a2ec-15b4-4faf-bd53-b40f371f3a77
Published At:14 Dec, 2021 | 12:06
Updated At:04 Aug, 2024 | 04:17
Rejected At:
â–¼CVE Numbering Authority (CNA)

A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41). The affected firmware contains a buffer overflow vulnerability in the web application that could allow a remote attacker with engineer or admin priviliges to potentially perform remote code execution.

Affected Products
Vendor
Siemens AGSiemens
Product
POWER METER SICAM Q100
Versions
Affected
  • All versions < V2.41
Vendor
Siemens AGSiemens
Product
POWER METER SICAM Q100
Versions
Affected
  • All versions < V2.41
Vendor
Siemens AGSiemens
Product
POWER METER SICAM Q100
Versions
Affected
  • All versions < V2.41
Vendor
Siemens AGSiemens
Product
POWER METER SICAM Q100
Versions
Affected
  • All versions < V2.41
Problem Types
TypeCWE IDDescription
CWECWE-121CWE-121: Stack-based Buffer Overflow
Type: CWE
CWE ID: CWE-121
Description: CWE-121: Stack-based Buffer Overflow
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://cert-portal.siemens.com/productcert/pdf/ssa-496292.pdf
x_refsource_MISC
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-496292.pdf
Resource:
x_refsource_MISC
â–¼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://cert-portal.siemens.com/productcert/pdf/ssa-496292.pdf
x_refsource_MISC
x_transferred
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-496292.pdf
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:productcert@siemens.com
Published At:14 Dec, 2021 | 12:15
Updated At:16 Dec, 2021 | 22:00

A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41). The affected firmware contains a buffer overflow vulnerability in the web application that could allow a remote attacker with engineer or admin priviliges to potentially perform remote code execution.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.2HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Primary2.09.0HIGH
AV:N/AC:L/Au:S/C:C/I:C/A:C
Type: Primary
Version: 3.1
Base score: 7.2
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 9.0
Base severity: HIGH
Vector:
AV:N/AC:L/Au:S/C:C/I:C/A:C
CPE Matches
Siemens AG
siemens
>>7kg9501-0aa01-2aa1_firmware>>Versions before 2.41(exclusive)
cpe:2.3:o:siemens:7kg9501-0aa01-2aa1_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>7kg9501-0aa01-2aa1>>-
cpe:2.3:h:siemens:7kg9501-0aa01-2aa1:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>7kg9501-0aa31-0aa1_firmware>>Versions before 2.41(exclusive)
cpe:2.3:o:siemens:7kg9501-0aa31-0aa1_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>7kg9501-0aa31-0aa1>>-
cpe:2.3:h:siemens:7kg9501-0aa31-0aa1:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>7kg9501-0aa31-2aa1_firmware>>Versions before 2.41(exclusive)
cpe:2.3:o:siemens:7kg9501-0aa31-2aa1_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>7kg9501-0aa31-2aa1>>-
cpe:2.3:h:siemens:7kg9501-0aa31-2aa1:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>7kg9501-0aa01-0aa1_firmware>>Versions before 2.41(exclusive)
cpe:2.3:o:siemens:7kg9501-0aa01-0aa1_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>7kg9501-0aa01-0aa1>>-
cpe:2.3:h:siemens:7kg9501-0aa01-0aa1:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-121Primaryproductcert@siemens.com
CWE ID: CWE-121
Type: Primary
Source: productcert@siemens.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://cert-portal.siemens.com/productcert/pdf/ssa-496292.pdfproductcert@siemens.com
Vendor Advisory
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-496292.pdf
Source: productcert@siemens.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

820Records found
CVE-2024-31485
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.6||HIGH
EPSS-0.63% / 69.87%
||
7 Day CHG~0.00%
Published-14 May, 2024 | 10:02
Updated-13 Feb, 2025 | 17:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V5.30), SICORE Base system (All versions < V1.3.0). The web interface of affected devices is vulnerable to command injection due to missing server side input sanitation. This could allow an authenticated privileged remote attacker to execute arbitrary code with root privileges.

Action-Not Available
Vendor-Siemens AG
Product-SICORE Base systemCPCI85 Central Processing/Communicationsicore_base_systemcpci85_firmware
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2023-49692
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.2||HIGH
EPSS-0.14% / 33.44%
||
7 Day CHG~0.00%
Published-12 Dec, 2023 | 11:27
Updated-13 Aug, 2024 | 07:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V7.2.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V7.2.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V7.2.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V7.2.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V7.2.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V7.2.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V7.2.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V7.2.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V7.2.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V7.2.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V7.2.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V7.2.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V7.2.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V7.2.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V7.2.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V7.2.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V7.2.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V7.2.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V7.2.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V7.2.2). An Improper Neutralization of Special Elements used in an OS Command with root privileges vulnerability exists in the parsing of the IPSEC configuration. This could allow malicious local administrators to issue commands on system level after a new connection is established.

Action-Not Available
Vendor-Siemens AG
Product-6gk5876-4aa10-2ba26gk5876-4aa00-2da2_firmware6gk5812-1ba00-2aa26gk5856-2ea00-3aa16gk6108-4am00-2da26gk5876-4aa00-2da26gk5876-3aa02-2ba2_firmware6gk5816-1aa00-2aa2_firmware6gk5876-3aa02-2ea2_firmware6gk5876-4aa00-2ba26gk5826-2ab00-2ab26gk5856-2ea00-3aa1_firmware6gk5876-4aa00-2ba2_firmware6gk5812-1aa00-2aa26gk6108-4am00-2da2_firmware6gk5856-2ea00-3da1_firmware6gk5874-2aa00-2aa2_firmware6gk5804-0ap00-2aa2_firmware6gk5874-3aa00-2aa26gk5812-1aa00-2aa2_firmware6gk5816-1ba00-2aa26gk5874-2aa00-2aa26gk5826-2ab00-2ab2_firmware6gk6108-4am00-2ba26gk5615-0aa00-2aa26gk5856-2ea00-3da16gk5816-1ba00-2aa2_firmware6gk5874-3aa00-2aa2_firmware6gk5853-2ea00-2da16gk5804-0ap00-2aa26gk5615-0aa01-2aa2_firmware6gk5876-3aa02-2ea26gk5876-4aa10-2ba2_firmware6gk5876-3aa02-2ba26gk6108-4am00-2ba2_firmware6gk5853-2ea00-2da1_firmware6gk5812-1ba00-2aa2_firmware6gk5615-0aa00-2aa2_firmware6gk5816-1aa00-2aa26gk5615-0aa01-2aa2SCALANCE M874-3SCALANCE M816-1 ADSL-RouterSCALANCE M876-3 (ROK)SCALANCE M812-1 ADSL-RouterSCALANCE M804PBSCALANCE MUM856-1 (EU)SCALANCE MUM853-1 (EU)SCALANCE S615 EEC LAN-RouterSCALANCE M874-2SCALANCE M876-4RUGGEDCOM RM1224 LTE(4G) NAMSCALANCE M876-3SCALANCE M826-2 SHDSL-RouterSCALANCE MUM856-1 (RoW)RUGGEDCOM RM1224 LTE(4G) EUSCALANCE M876-4 (EU)SCALANCE M876-4 (NAM)SCALANCE S615 LAN-Router
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-49691
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.2||HIGH
EPSS-0.12% / 30.97%
||
7 Day CHG~0.00%
Published-12 Dec, 2023 | 11:27
Updated-13 Aug, 2024 | 07:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.0), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.0), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.0), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.0), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.0), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.0), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V8.0), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.0), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.0), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.0), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.0), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.0), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.0), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.0), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.0), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.0), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.0), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.0), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.0), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.0). An Improper Neutralization of Special Elements used in an OS Command with root privileges vulnerability exists in the handling of the DDNS configuration. This could allow malicious local administrators to issue commands on system level after a successful IP address update.

Action-Not Available
Vendor-Siemens AG
Product-6gk5876-4aa10-2ba26gk5876-4aa00-2da2_firmware6gk5812-1ba00-2aa26gk5856-2ea00-3aa16gk6108-4am00-2da26gk5876-4aa00-2da26gk5876-3aa02-2ba2_firmware6gk5816-1aa00-2aa2_firmware6gk5876-3aa02-2ea2_firmware6gk5876-4aa00-2ba26gk5826-2ab00-2ab26gk5856-2ea00-3aa1_firmware6gk5876-4aa00-2ba2_firmware6gk5812-1aa00-2aa26gk6108-4am00-2da2_firmware6gk5856-2ea00-3da1_firmware6gk5874-2aa00-2aa2_firmware6gk5804-0ap00-2aa2_firmware6gk5874-3aa00-2aa26gk5812-1aa00-2aa2_firmware6gk5816-1ba00-2aa26gk5874-2aa00-2aa26gk5826-2ab00-2ab2_firmware6gk6108-4am00-2ba26gk5615-0aa00-2aa26gk5856-2ea00-3da16gk5816-1ba00-2aa2_firmware6gk5874-3aa00-2aa2_firmware6gk5853-2ea00-2da16gk5804-0ap00-2aa26gk5615-0aa01-2aa2_firmware6gk5876-3aa02-2ea26gk5876-4aa10-2ba2_firmware6gk5876-3aa02-2ba26gk6108-4am00-2ba2_firmware6gk5853-2ea00-2da1_firmware6gk5812-1ba00-2aa2_firmware6gk5615-0aa00-2aa2_firmware6gk5816-1aa00-2aa26gk5615-0aa01-2aa2SCALANCE M874-3SCALANCE M816-1 ADSL-RouterSCALANCE M876-3 (ROK)SCALANCE M812-1 ADSL-RouterSCALANCE M804PBSCALANCE MUM856-1 (EU)SCALANCE MUM853-1 (EU)SCALANCE S615 EEC LAN-RouterSCALANCE M874-2SCALANCE M876-4RUGGEDCOM RM1224 LTE(4G) NAMSCALANCE M876-3SCALANCE M826-2 SHDSL-RouterSCALANCE MUM856-1 (RoW)RUGGEDCOM RM1224 LTE(4G) EUSCALANCE M876-4 (EU)SCALANCE M876-4 (NAM)SCALANCE S615 LAN-Router
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-48428
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.2||HIGH
EPSS-0.07% / 20.64%
||
7 Day CHG~0.00%
Published-12 Dec, 2023 | 11:27
Updated-02 Aug, 2024 | 21:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The radius configuration mechanism of affected products does not correctly check uploaded certificates. A malicious admin could upload a crafted certificate resulting in a denial-of-service condition or potentially issue commands on system level.

Action-Not Available
Vendor-Siemens AG
Product-sinec_insSINEC INS
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-44317
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.6||HIGH
EPSS-0.15% / 35.56%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 11:03
Updated-14 Jan, 2025 | 11:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V7.2.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V7.2.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V7.2.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V7.2.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V7.2.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V7.2.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V7.2.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V7.2.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V7.2.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V7.2.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V7.2.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V7.2.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V7.2.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V7.2.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V7.2.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V7.2.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V7.2.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V7.2.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V7.2.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V7.2.2), SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0) (All versions < V3.0.0), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions < V3.0.0), SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0) (All versions < V3.0.0), SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0) (All versions < V3.0.0), SCALANCE WAM766-1 (6GK5766-1GE00-7DA0) (All versions < V3.0.0), SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0) (All versions < V3.0.0), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) (All versions < V3.0.0), SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0) (All versions < V3.0.0), SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0) (All versions < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) (All versions < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) (All versions < V3.0.0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0) (All versions < V3.0.0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0) (All versions < V3.0.0), SCALANCE WUM766-1 (6GK5766-1GE00-3DA0) (All versions < V3.0.0), SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0) (All versions < V3.0.0), SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0) (All versions < V3.0.0). Affected products do not properly validate the content of uploaded X509 certificates which could allow an attacker with administrative privileges to execute arbitrary code on the device.

Action-Not Available
Vendor-Siemens AG
Product-scalance_xp216_firmwarescalance_xc224-4c_g_firmwarescalance_xr328-4c_wg_\(24xfe\,_4xge\,dc24v\)scalance_xb213-3_\(st\,_pn\)_firmwarescalance_xb213-3_\(sc\,_e\/ip\)_firmwarescalance_xb213-3_\(st\,_e\/ip\)_firmwarescalance_xr326-2c_poe_wgscalance_xb216_\(pn\)scalance_xb213-3ld_\(sc\,_pn\)scalance_xp216eec_firmwarescalance_xb205-3_\(st\,_pn\)scalance_xr324wg_\(24_x_fe\,_ac_230v\)_firmwarescalance_xb205-3_\(sc\,_pn\)_firmwarescalance_xc216-4c_g_\(eip_def.\)scalance_xc206-2sfp_eecscalance_xc224-4c_g_eecscalance_xp208eecscalance_xb213-3ld_\(sc\,_e\/ip\)scalance_xc208g_\(eip_def.\)scalance_xc208g_poe_\(54_v_dc\)_firmwarescalance_xb208_\(e\/ip\)scalance_xc206-2sfp_g_firmwarescalance_xc216eec_firmwarescalance_xb208_\(pn\)_firmwarescalance_xc224_firmwarescalance_xp216_\(ethernet\/ip\)_firmwarescalance_xr326-2c_poe_wg_\(without_ul\)_firmwarescalance_xc206-2sfp_gscalance_xc208eec_firmwarescalance_xp216siplus_net_scalance_xc208scalance_xb205-3_\(st\,_e\/ip\)scalance_xb205-3_\(st\,_pn\)_firmwarescalance_xb205-3ld_\(sc\,_e\/ip\)_firmwarescalance_xr324wg_\(24_x_fe\,_dc_24v\)_firmwarescalance_xr328-4c_wg_\(28xge\,_ac_230v\)scalance_xc208g_poe_firmwarescalance_xf204_dna_firmwarescalance_xr328-4c_wg_\(28xge\,_dc_24v\)scalance_xp216poe_eec_firmwarescalance_xc206-2sfp_g_\(eip_def.\)scalance_xc216-4c_gscalance_xc206-2g_poe_\(54_v_dc\)_firmwarescalance_xc206-2g_poescalance_xc216-4c_firmwarescalance_xc216-4c_g_firmwarescalance_xp208poe_eecscalance_xc208g_poe_\(54_v_dc\)scalance_xb213-3_\(sc\,_pn\)siplus_net_scalance_xc206-2sfpscalance_xb205-3_\(st\,_e\/ip\)_firmwarescalance_xb216_\(e\/ip\)scalance_xc216-3g_poe_firmwarescalance_xr328-4c_wg_\(28xge\,_dc_24v\)_firmwarescalance_xc208g_\(eip_def.\)_firmwarescalance_xf204-2ba_dna_firmwarescalance_xc224-4c_g_eec_firmwarescalance_xb205-3ld_\(sc\,_e\/ip\)scalance_xb213-3_\(sc\,_e\/ip\)scalance_xb213-3_\(sc\,_pn\)_firmwarescalance_xb213-3_\(st\,_e\/ip\)scalance_xf204siplus_net_scalance_xc206-2_firmwarescalance_xc206-2sfp_g_eecscalance_xc206-2sfp_g_\(eip_def.\)_firmwarescalance_xc208eecscalance_xc206-2_\(sc\)_firmwarescalance_xr328-4c_wg_\(24xfe\,4xge\,ac230v\)siplus_net_scalance_xc216-4cscalance_xc208_firmwarescalance_xb213-3ld_\(sc\,_pn\)_firmwarescalance_xr328-4c_wg_\(24xfe\,_4xge\,_24v\)scalance_xc224scalance_xc224-4c_gscalance_xb216_\(e\/ip\)_firmwarescalance_xc216-4c_g_eecscalance_xr328-4c_wg_\(24xfe\,4xge\,ac230v\)_firmwarescalance_xc206-2sfp_g_eec_firmwaresiplus_net_scalance_xc206-2scalance_xc216-3g_poe_\(54_v_dc\)scalance_xp216poe_eecscalance_xc206-2g_poe_eec_\(54_v_dc\)scalance_xc206-2sfp_firmwarescalance_xc206-2_\(st\/bfoc\)scalance_xr328-4c_wg_\(24xfe\,_4xge\,_24v\)_firmwarescalance_xp208poe_eec_firmwarescalance_xb205-3ld_\(sc\,_pn\)scalance_xr328-4c_wg_\(28xge\,_ac_230v\)_firmwarescalance_xr326-2c_poe_wg_firmwaresiplus_net_scalance_xc206-2sfp_firmwarescalance_xc216-4csiplus_net_scalance_xc208_firmwarescalance_xf204-2ba_firmwarescalance_xr324wg_\(24_x_fe\,_ac_230v\)scalance_xb205-3ld_\(sc\,_pn\)_firmwarescalance_xc208g_eec_firmwarescalance_xc206-2sfpscalance_xc206-2g_poe_firmwarescalance_xb208_\(pn\)scalance_xr326-2c_poe_wg_\(without_ul\)scalance_xc208g_poescalance_xp216_\(ethernet\/ip\)siplus_net_scalance_xc216-4c_firmwarescalance_xc224-4c_g_\(eip_def.\)scalance_xc206-2_\(sc\)scalance_xr324wg_\(24_x_fe\,_dc_24v\)scalance_xp208_firmwarescalance_xc216-4c_g_eec_firmwarescalance_xc216scalance_xb205-3_\(sc\,_pn\)scalance_xp208scalance_xf204-2bascalance_xc206-2_\(st\/bfoc\)_firmwarescalance_xb213-3_\(st\,_pn\)scalance_xc206-2sfp_eec_firmwarescalance_xb208_\(e\/ip\)_firmwarescalance_xc224-4c_g_\(eip_def.\)_firmwarescalance_xp208eec_firmwarescalance_xp216eecscalance_xc208g_eecscalance_xf204_dnascalance_xr328-4c_wg_\(24xfe\,_4xge\,dc24v\)_firmwarescalance_xc206-2g_poe_\(54_v_dc\)scalance_xc216-4c_g_\(eip_def.\)_firmwarescalance_xb216_\(pn\)_firmwarescalance_xc216_firmwarescalance_xc208gscalance_xc216-3g_poe_\(54_v_dc\)_firmwarescalance_xf204-2ba_dnascalance_xb213-3ld_\(sc\,_e\/ip\)_firmwarescalance_xc208g_firmwarescalance_xc206-2g_poe_eec_\(54_v_dc\)_firmwarescalance_xp208_\(ethernet\/ip\)scalance_xf204_firmwarescalance_xc216-3g_poescalance_xc216eecscalance_xp208_\(ethernet\/ip\)_firmwarescalance_xc208SCALANCE S615 LAN-RouterSCALANCE WAM766-1 (ME)SCALANCE WAM766-1SCALANCE M876-3SCALANCE WUB762-1 iFeaturesSCALANCE WUM766-1SCALANCE M812-1 ADSL-RouterSCALANCE WUM766-1 (ME)SCALANCE M816-1 ADSL-RouterSCALANCE M876-4 (EU)SCALANCE WUB762-1RUGGEDCOM RM1224 LTE(4G) NAMSCALANCE M874-2SCALANCE WAM763-1SCALANCE M804PBSCALANCE WAM766-1 EEC (ME)SCALANCE WAM766-1 EECSCALANCE WUM763-1 (US)SCALANCE WAM766-1 EEC (US)SCALANCE WUM763-1SCALANCE WUM766-1 (USA)SCALANCE WAM763-1 (US)SCALANCE MUM853-1 (EU)RUGGEDCOM RM1224 LTE(4G) EUSCALANCE M826-2 SHDSL-RouterSCALANCE MUM856-1 (RoW)SCALANCE M876-4SCALANCE WAB762-1SCALANCE M876-3 (ROK)SCALANCE WAM763-1 (ME)SCALANCE MUM856-1 (EU)SCALANCE WAM766-1 (US)SCALANCE M874-3SCALANCE S615 EEC LAN-RouterSCALANCE M876-4 (NAM)
CWE ID-CWE-349
Acceptance of Extraneous Untrusted Data With Trusted Data
CVE-2023-42797
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-6.6||MEDIUM
EPSS-0.29% / 52.28%
||
7 Day CHG~0.00%
Published-09 Jan, 2024 | 09:59
Updated-03 Jun, 2025 | 14:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05.20), CP-8050 MASTER MODULE (All versions < CPCI85 V05.20). The network configuration service of affected devices contains a flaw in the conversion of ipv4 addresses that could lead to an uninitialized variable being used in succeeding validation steps. By uploading specially crafted network configuration, an authenticated remote attacker could be able to inject commands that are executed on the device with root privileges during device startup.

Action-Not Available
Vendor-Siemens AG
Product-sicam_a8000_cp-8031sicam_a8000_cp-8050sicam_a8000_cp-8031_firmwaresicam_a8000_cp-8050_firmwareCP-8050 MASTER MODULECP-8031 MASTER MODULE
CWE ID-CWE-908
Use of Uninitialized Resource
CVE-2022-24281
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.2||HIGH
EPSS-0.67% / 70.84%
||
7 Day CHG~0.00%
Published-08 Mar, 2022 | 00:00
Updated-21 Apr, 2025 | 13:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC NMS (All versions < V1.0.3), SINEMA Server V14 (All versions). A privileged authenticated attacker could execute arbitrary commands in the local database by sending specially crafted requests to the webserver of the affected application.

Action-Not Available
Vendor-Siemens AG
Product-sinec_network_management_systemSINEC NMSSINEMA Server V14
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2021-25146
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.2||HIGH
EPSS-5.05% / 89.53%
||
7 Day CHG~0.00%
Published-30 Mar, 2021 | 00:09
Updated-03 Aug, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.5.x: 6.5.4.17 and below; Aruba Instant 8.3.x: 8.3.0.13 and below; Aruba Instant 8.5.x: 8.5.0.10 and below; Aruba Instant 8.6.x: 8.6.0.5 and below; Aruba Instant 8.7.x: 8.7.0.0 and below. Aruba has released patches for Aruba Instant that address this security vulnerability.

Action-Not Available
Vendor-n/aSiemens AGAruba Networks
Product-scalance_w1750d_firmwareinstantscalance_w1750dAruba Instant Access Points
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-25144
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.8||HIGH
EPSS-1.44% / 80.42%
||
7 Day CHG~0.00%
Published-29 Mar, 2021 | 19:06
Updated-03 Aug, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote buffer overflow vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.16 and below; Aruba Instant 8.3.x: 8.3.0.12 and below; Aruba Instant 8.5.x: 8.5.0.6 and below; Aruba Instant 8.6.x: 8.6.0.2 and below. Aruba has released patches for Aruba Instant that address this security vulnerability.

Action-Not Available
Vendor-n/aSiemens AGAruba Networks
Product-scalance_w1750d_firmwareinstantscalance_w1750dAruba Instant Access Points
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-40746
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-9.4||CRITICAL
EPSS-0.30% / 52.62%
||
7 Day CHG~0.00%
Published-12 Aug, 2025 | 11:17
Updated-20 Aug, 2025 | 20:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V3.2). Affected products do not properly validate input for a backup script. This could allow an authenticated remote attacker with high privileges in the application to execute arbitrary code with 'NT Authority/SYSTEM' privileges.

Action-Not Available
Vendor-Siemens AG
Product-simatic_rtls_locating_managerSIMATIC RTLS Locating Manager
CWE ID-CWE-20
Improper Input Validation
CVE-2025-40815
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.6||HIGH
EPSS-0.06% / 18.22%
||
7 Day CHG~0.00%
Published-11 Nov, 2025 | 20:20
Updated-12 Nov, 2025 | 18:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in LOGO! 12/24RCE (6ED1052-1MD08-0BA2) (All versions), LOGO! 12/24RCEo (6ED1052-2MD08-0BA2) (All versions), LOGO! 230RCE (6ED1052-1FB08-0BA2) (All versions), LOGO! 230RCEo (6ED1052-2FB08-0BA2) (All versions), LOGO! 24CE (6ED1052-1CC08-0BA2) (All versions), LOGO! 24CEo (6ED1052-2CC08-0BA2) (All versions), LOGO! 24RCE (6ED1052-1HB08-0BA2) (All versions), LOGO! 24RCEo (6ED1052-2HB08-0BA2) (All versions), SIPLUS LOGO! 12/24RCE (6AG1052-1MD08-7BA2) (All versions), SIPLUS LOGO! 12/24RCEo (6AG1052-2MD08-7BA2) (All versions), SIPLUS LOGO! 230RCE (6AG1052-1FB08-7BA2) (All versions), SIPLUS LOGO! 230RCEo (6AG1052-2FB08-7BA2) (All versions), SIPLUS LOGO! 24CE (6AG1052-1CC08-7BA2) (All versions), SIPLUS LOGO! 24CEo (6AG1052-2CC08-7BA2) (All versions), SIPLUS LOGO! 24RCE (6AG1052-1HB08-7BA2) (All versions), SIPLUS LOGO! 24RCEo (6AG1052-2HB08-7BA2) (All versions). Affected devices do not properly validate the structure of TCP packets in several methods. This could allow an attacker to cause buffer overflows, get control over the instruction counter and run custom code.

Action-Not Available
Vendor-Siemens AG
Product-LOGO! 24CESIPLUS LOGO! 12/24RCESIPLUS LOGO! 12/24RCEoSIPLUS LOGO! 230RCEoLOGO! 12/24RCEoLOGO! 24RCESIPLUS LOGO! 24RCEoSIPLUS LOGO! 24RCELOGO! 230RCEoSIPLUS LOGO! 24CEoLOGO! 12/24RCELOGO! 24RCEoLOGO! 24CEoLOGO! 230RCESIPLUS LOGO! 230RCESIPLUS LOGO! 24CE
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25150
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.8||HIGH
EPSS-5.06% / 89.54%
||
7 Day CHG~0.00%
Published-30 Mar, 2021 | 00:11
Updated-03 Aug, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.5.x: 6.5.4.17 and below; Aruba Instant 8.3.x: 8.3.0.13 and below; Aruba Instant 8.5.x: 8.5.0.10 and below; Aruba Instant 8.6.x: 8.6.0.4 and below. Aruba has released patches for Aruba Instant that address this security vulnerability.

Action-Not Available
Vendor-n/aSiemens AGAruba Networks
Product-scalance_w1750d_firmwareinstantscalance_w1750dAruba Instant Access Points
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2019-10916
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.8||HIGH
EPSS-0.37% / 58.24%
||
7 Day CHG~0.00%
Published-14 May, 2019 | 19:54
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions < V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions < V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3). An attacker with access to the project file could run arbitrary system commands with the privileges of the local database server. The vulnerability could be exploited by an attacker with access to the project file. The vulnerability does impact the confidentiality, integrity, and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-simatic_winccsimatic_pcs_7simatic_wincc_runtime_professionalsimatic_wincc_\(tia_portal\)SIMATIC WinCC Runtime Professional V13SIMATIC WinCC (TIA Portal) V14SIMATIC WinCC (TIA Portal) V13SIMATIC WinCC Runtime Professional V14SIMATIC PCS 7 V8.2SIMATIC WinCC V7.3SIMATIC PCS 7 V9.0SIMATIC WinCC (TIA Portal) V15SIMATIC PCS 7 V8.1SIMATIC WinCC Runtime Professional V15SIMATIC WinCC V7.4SIMATIC WinCC V7.5SIMATIC PCS 7 V8.0 and earlierSIMATIC WinCC V7.2 and earlier
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2021-23337
Matching Score-8
Assigner-Snyk
ShareView Details
Matching Score-8
Assigner-Snyk
CVSS Score-7.2||HIGH
EPSS-0.74% / 72.50%
||
7 Day CHG~0.00%
Published-15 Feb, 2021 | 12:15
Updated-16 Sep, 2024 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Command Injection

Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.

Action-Not Available
Vendor-lodashn/aNetApp, Inc.Oracle CorporationSiemens AG
Product-peoplesoft_enterprise_peopletoolsprimavera_unifiersinec_insfinancial_services_crime_and_compliance_management_studioprimavera_gatewaylodashactive_iq_unified_managerhealth_sciences_data_management_workbenchcommunications_cloud_native_core_policysystem_managercloud_managerbanking_trade_finance_process_managementbanking_supply_chain_financecommunications_design_studiobanking_credit_facilities_process_managementcommunications_cloud_native_core_binding_support_functionbanking_corporate_lending_process_managementbanking_extensibility_workbenchcommunications_session_border_controllercommunications_services_gatekeeperenterprise_communications_brokerjd_edwards_enterpriseone_toolsretail_customer_management_and_segmentation_foundationLodash
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2025-27395
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.6||HIGH
EPSS-0.19% / 40.61%
||
7 Day CHG~0.00%
Published-11 Mar, 2025 | 09:48
Updated-22 Aug, 2025 | 18:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly limit the scope of files accessible through and the privileges of the SFTP functionality. This could allow an authenticated highly-privileged remote attacker to read and write arbitrary files.

Action-Not Available
Vendor-Siemens AG
Product-scalance_lpe9403scalance_lpe9403_firmwareSCALANCE LPE9403
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2025-27494
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-9.4||CRITICAL
EPSS-0.27% / 49.71%
||
7 Day CHG~0.00%
Published-11 Mar, 2025 | 09:48
Updated-22 Aug, 2025 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions < V6.4.9), SiPass integrated ACC-AP (All versions < V6.4.9). Affected devices improperly sanitize input for the pubkey endpoint of the REST API. This could allow an authenticated remote administrator to escalate privileges by injecting arbitrary commands that are executed with root privileges.

Action-Not Available
Vendor-Siemens AG
Product-sipass_integrated_ac5102_\(acc-g2\)_firmwaresipass_integrated_acc-ap_firmwaresipass_integrated_acc-apsipass_integrated_ac5102_\(acc-g2\)SiPass integrated ACC-APSiPass integrated AC5102 (ACC-G2)
CWE ID-CWE-20
Improper Input Validation
CVE-2025-27393
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.6||HIGH
EPSS-0.82% / 73.95%
||
7 Day CHG~0.00%
Published-11 Mar, 2025 | 09:48
Updated-22 Aug, 2025 | 18:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly sanitize user input when creating new users. This could allow an authenticated highly-privileged remote attacker to execute arbitrary code on the device.

Action-Not Available
Vendor-Siemens AG
Product-scalance_lpe9403scalance_lpe9403_firmwareSCALANCE LPE9403
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-27394
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.6||HIGH
EPSS-0.82% / 73.95%
||
7 Day CHG~0.00%
Published-11 Mar, 2025 | 09:48
Updated-22 Aug, 2025 | 18:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly sanitize user input when creating new SNMP users. This could allow an authenticated highly-privileged remote attacker to execute arbitrary code on the device.

Action-Not Available
Vendor-Siemens AG
Product-scalance_lpe9403scalance_lpe9403_firmwareSCALANCE LPE9403
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-27392
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.6||HIGH
EPSS-0.82% / 73.95%
||
7 Day CHG~0.00%
Published-11 Mar, 2025 | 09:48
Updated-25 Aug, 2025 | 01:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly sanitize user input when creating new VXLAN configurations. This could allow an authenticated highly-privileged remote attacker to execute arbitrary code on the device.

Action-Not Available
Vendor-Siemens AG
Product-scalance_lpe9403scalance_lpe9403_firmwareSCALANCE LPE9403
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-24499
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.30% / 52.92%
||
7 Day CHG~0.00%
Published-11 Feb, 2025 | 10:29
Updated-12 Feb, 2025 | 20:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0) (All versions < V3.0.0), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions < V3.0.0), SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0) (All versions < V3.0.0), SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0) (All versions < V3.0.0), SCALANCE WAM766-1 (6GK5766-1GE00-7DA0) (All versions < V3.0.0), SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0) (All versions < V3.0.0), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) (All versions < V3.0.0), SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0) (All versions < V3.0.0), SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0) (All versions < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) (All versions < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) (All versions < V3.0.0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0) (All versions < V3.0.0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0) (All versions < V3.0.0), SCALANCE WUM766-1 (6GK5766-1GE00-3DA0) (All versions < V3.0.0), SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0) (All versions < V3.0.0), SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0) (All versions < V3.0.0). Affected devices do not properly validate input while loading the configuration files. This could allow an authenticated remote attacker to execute arbitrary shell commands on the device.

Action-Not Available
Vendor-Siemens AG
Product-SCALANCE WUB762-1 iFeaturesSCALANCE WUM763-1SCALANCE WAB762-1SCALANCE WAM763-1 (US)SCALANCE WAM766-1SCALANCE WUB762-1SCALANCE WAM766-1 EECSCALANCE WAM766-1 EEC (US)SCALANCE WAM763-1 (ME)SCALANCE WUM766-1SCALANCE WAM766-1 (US)SCALANCE WUM766-1 (ME)SCALANCE WAM763-1SCALANCE WAM766-1 EEC (ME)SCALANCE WUM766-1 (USA)SCALANCE WUM763-1 (US)SCALANCE WAM766-1 (ME)
CWE ID-CWE-20
Improper Input Validation
CVE-2020-9273
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-66.83% / 98.51%
||
7 Day CHG~0.00%
Published-20 Feb, 2020 | 15:22
Updated-04 Aug, 2024 | 10:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ProFTPD 1.3.7, it is possible to corrupt the memory pool by interrupting the data transfer channel. This triggers a use-after-free in alloc_pool in pool.c, and possible remote code execution.

Action-Not Available
Vendor-proftpdn/aDebian GNU/LinuxSiemens AGopenSUSEFedora Project
Product-simatic_net_cp_1543-1debian_linuxsimatic_net_cp_1543-1_firmwaresimatic_net_cp_1545-1fedoraproftpdsimatic_net_cp_1545-1_firmwarebackports_sleleapn/a
CWE ID-CWE-416
Use After Free
CVE-2024-56839
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.6||HIGH
EPSS-0.11% / 29.18%
||
7 Day CHG~0.00%
Published-09 Dec, 2025 | 10:44
Updated-13 Jan, 2026 | 10:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.0), RUGGEDCOM ROX MX5000RE (All versions < V2.17.0), RUGGEDCOM ROX RX1400 (All versions < V2.17.0), RUGGEDCOM ROX RX1500 (All versions < V2.17.0), RUGGEDCOM ROX RX1501 (All versions < V2.17.0), RUGGEDCOM ROX RX1510 (All versions < V2.17.0), RUGGEDCOM ROX RX1511 (All versions < V2.17.0), RUGGEDCOM ROX RX1512 (All versions < V2.17.0), RUGGEDCOM ROX RX1524 (All versions < V2.17.0), RUGGEDCOM ROX RX1536 (All versions < V2.17.0), RUGGEDCOM ROX RX5000 (All versions < V2.17.0). Code injection can be achieved when the affected device is using VRF (Virtual Routing and Forwarding). An attacker could leverage this scenario to execute arbitrary code as root user.

Action-Not Available
Vendor-Siemens AG
Product-ruggedcom_rox_ii_firmwareruggedcom_rox_iiRUGGEDCOM ROX RX1501RUGGEDCOM ROX RX5000RUGGEDCOM ROX RX1536RUGGEDCOM ROX MX5000RUGGEDCOM ROX RX1512RUGGEDCOM ROX RX1511RUGGEDCOM ROX RX1400RUGGEDCOM ROX RX1524RUGGEDCOM ROX RX1510RUGGEDCOM ROX RX1500RUGGEDCOM ROX MX5000RE
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2024-56838
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.6||HIGH
EPSS-0.06% / 19.04%
||
7 Day CHG~0.00%
Published-09 Dec, 2025 | 10:44
Updated-13 Jan, 2026 | 10:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.0), RUGGEDCOM ROX MX5000RE (All versions < V2.17.0), RUGGEDCOM ROX RX1400 (All versions < V2.17.0), RUGGEDCOM ROX RX1500 (All versions < V2.17.0), RUGGEDCOM ROX RX1501 (All versions < V2.17.0), RUGGEDCOM ROX RX1510 (All versions < V2.17.0), RUGGEDCOM ROX RX1511 (All versions < V2.17.0), RUGGEDCOM ROX RX1512 (All versions < V2.17.0), RUGGEDCOM ROX RX1524 (All versions < V2.17.0), RUGGEDCOM ROX RX1536 (All versions < V2.17.0), RUGGEDCOM ROX RX5000 (All versions < V2.17.0). The SCEP client available in the affected device for secure certificate enrollment lacks validation of multiple fields. An attacker could leverage this scenario to execute arbitrary code as root user.

Action-Not Available
Vendor-Siemens AG
Product-ruggedcom_rox_ii_firmwareruggedcom_rox_iiRUGGEDCOM ROX RX1501RUGGEDCOM ROX RX5000RUGGEDCOM ROX RX1536RUGGEDCOM ROX MX5000RUGGEDCOM ROX RX1512RUGGEDCOM ROX RX1511RUGGEDCOM ROX RX1400RUGGEDCOM ROX RX1524RUGGEDCOM ROX RX1510RUGGEDCOM ROX RX1500RUGGEDCOM ROX MX5000RE
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2024-56840
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.11% / 29.18%
||
7 Day CHG~0.00%
Published-09 Dec, 2025 | 10:44
Updated-13 Jan, 2026 | 10:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.0), RUGGEDCOM ROX MX5000RE (All versions < V2.17.0), RUGGEDCOM ROX RX1400 (All versions < V2.17.0), RUGGEDCOM ROX RX1500 (All versions < V2.17.0), RUGGEDCOM ROX RX1501 (All versions < V2.17.0), RUGGEDCOM ROX RX1510 (All versions < V2.17.0), RUGGEDCOM ROX RX1511 (All versions < V2.17.0), RUGGEDCOM ROX RX1512 (All versions < V2.17.0), RUGGEDCOM ROX RX1524 (All versions < V2.17.0), RUGGEDCOM ROX RX1536 (All versions < V2.17.0), RUGGEDCOM ROX RX5000 (All versions < V2.17.0). Under certain conditions, IPsec may allow code injection in the affected device. An attacker could leverage this scenario to execute arbitrary code as root user.

Action-Not Available
Vendor-Siemens AG
Product-ruggedcom_rox_ii_firmwareruggedcom_rox_iiRUGGEDCOM ROX RX1501RUGGEDCOM ROX RX5000RUGGEDCOM ROX RX1536RUGGEDCOM ROX MX5000RUGGEDCOM ROX RX1512RUGGEDCOM ROX RX1511RUGGEDCOM ROX RX1400RUGGEDCOM ROX RX1524RUGGEDCOM ROX RX1510RUGGEDCOM ROX RX1500RUGGEDCOM ROX MX5000RE
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2020-24635
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.2||HIGH
EPSS-5.12% / 89.60%
||
7 Day CHG~0.00%
Published-29 Mar, 2021 | 19:05
Updated-04 Aug, 2024 | 15:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.5.x: 6.5.4.17 and below; Aruba Instant 8.3.x: 8.3.0.13 and below; Aruba Instant 8.5.x: 8.5.0.10 and below; Aruba Instant 8.6.x: 8.6.0.5 and below; Aruba Instant 8.7.x: 8.7.0.0 and below. Aruba has released patches for Aruba Instant that address this security vulnerability.

Action-Not Available
Vendor-n/aSiemens AGAruba Networks
Product-scalance_w1750d_firmwareinstantscalance_w1750dAruba Instant Access Points
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-50572
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.6||HIGH
EPSS-1.05% / 77.18%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 12:50
Updated-11 Feb, 2025 | 11:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.2), SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0) (All versions < V3.0.0), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions < V3.0.0), SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0) (All versions < V3.0.0), SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0) (All versions < V3.0.0), SCALANCE WAM766-1 (6GK5766-1GE00-7DA0) (All versions < V3.0.0), SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0) (All versions < V3.0.0), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) (All versions < V3.0.0), SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0) (All versions < V3.0.0), SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0) (All versions < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) (All versions < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) (All versions < V3.0.0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0) (All versions < V3.0.0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0) (All versions < V3.0.0), SCALANCE WUM766-1 (6GK5766-1GE00-3DA0) (All versions < V3.0.0), SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0) (All versions < V3.0.0), SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0) (All versions < V3.0.0). Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell.

Action-Not Available
Vendor-Siemens AG
Product-scalance_mum856-1_\(cn\)_firmwarescalance_mum853-1_\(b1\)scalance_mum856-1_\(row\)_firmwarescalance_m816-1_\(annex_b\)scalance_m874-3ruggedcom_rm1224_lte\(4g\)_euscalance_m876-3_\(rok\)_firmwarescalance_m816-1_\(annex_a\)_firmwarescalance_m876-4_\(eu\)scalance_mum856-1_\(a1\)_firmwarescalance_mum856-1_\(eu\)scalance_m874-2_firmwarescalance_m876-4_firmwarescalance_m816-1_\(annex_b\)_firmwarescalance_m876-4_\(eu\)_firmwarescalance_m874-3_\(cn\)scalance_mum856-1_\(b1\)scalance_mum856-1_\(row\)scalance_m812-1_\(annex_b\)scalance_m874-2scalance_mum853-1_\(eu\)_firmwarescalance_m812-1_\(annex_a\)scalance_m816-1_\(annex_a\)scalance_mum856-1_\(b1\)_firmwarescalance_s615_eec_firmwarescalance_m804pbscalance_m826-2scalance_mum853-1_\(a1\)_firmwarescalance_m874-3_\(cn\)_firmwarescalance_m876-4_\(nam\)scalance_mum853-1_\(a1\)scalance_m876-4scalance_s615ruggedcom_rm1224_lte\(4g\)_namscalance_m804pb_firmwarescalance_m874-3_firmwareruggedcom_rm1224_lte\(4g\)_nam_firmwarescalance_m876-3_firmwarescalance_s615_firmwarescalance_mum856-1_\(eu\)_firmwarescalance_m812-1_\(annex_b\)_firmwarescalance_m826-2_firmwarescalance_m876-3_\(rok\)scalance_m876-4_\(nam\)_firmwarescalance_mum853-1_\(b1\)_firmwarescalance_mum856-1_\(a1\)scalance_mum856-1_\(cn\)scalance_mum853-1_\(eu\)scalance_s615_eecruggedcom_rm1224_lte\(4g\)_eu_firmwarescalance_m876-3scalance_m812-1_\(annex_a\)_firmwareSCALANCE S615 LAN-RouterSCALANCE WUM766-1 (USA)SCALANCE WAM766-1 (ME)SCALANCE MUM856-1 (CN)SCALANCE MUM853-1 (A1)SCALANCE M874-3 3G-Router (CN)SCALANCE M804PBSCALANCE M876-3 (ROK)SCALANCE MUM856-1 (EU)SCALANCE M826-2 SHDSL-RouterRUGGEDCOM RM1224 LTE(4G) EUSCALANCE M816-1 ADSL-RouterSCALANCE MUM853-1 (B1)SCALANCE M874-2SCALANCE M876-3SCALANCE WUB762-1 iFeaturesSCALANCE M876-4SCALANCE M876-4 (EU)SCALANCE WAM763-1SCALANCE WUM766-1SCALANCE WAM766-1 (US)RUGGEDCOM RM1224 LTE(4G) NAMSCALANCE M874-3SCALANCE WAM763-1 (ME)SCALANCE MUM856-1 (A1)SCALANCE WAM763-1 (US)SCALANCE WAB762-1SCALANCE S615 EEC LAN-RouterSCALANCE WAM766-1 EECSCALANCE MUM853-1 (EU)SCALANCE WAM766-1 EEC (US)SCALANCE WUM763-1 (US)SCALANCE WAM766-1SCALANCE WUM763-1SCALANCE WUB762-1SCALANCE MUM856-1 (B1)SCALANCE MUM856-1 (RoW)SCALANCE WUM766-1 (ME)SCALANCE M812-1 ADSL-RouterSCALANCE WAM766-1 EEC (ME)SCALANCE M876-4 (NAM)scalance_mum856-1_\(cn\)_firmwarescalance_mum856-1_\(b1\)_firmwarescalance_s615_eec_firmwarescalance_mum853-1_\(a1\)_firmwarescalance_mum856-1_\(row\)_firmwarescalance_mum856-1_\(a1\)_firmwarescalance_m874-3_firmwarescalance_m804pb_firmwareruggedcom_rm1224_lte\(4g\)_nam_firmwarescalance_s615_firmwarescalance_m876-3_firmwarescalance_mum856-1_\(eu\)_firmwarescalance_m812-1_\(annex_b\)_firmwarescalance_m876-4_firmwarescalance_m816-1_\(annex_b\)_firmwarescalance_mum853-1_\(b1\)_firmwarescalance_mum853-1_\(eu\)_firmware
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-41788
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-9.4||CRITICAL
EPSS-1.02% / 76.89%
||
7 Day CHG~0.00%
Published-08 Apr, 2025 | 08:22
Updated-23 Sep, 2025 | 16:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web interface of affected devices does not sanitize the input parameters in specific GET requests. This could allow an authenticated remote attacker to execute arbitrary code with root privileges.

Action-Not Available
Vendor-Siemens AG
Product-7kt_pac1260_data_manager7kt_pac1260_data_manager_firmwareSENTRON 7KT PAC1260 Data Manager
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-41790
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-9.4||CRITICAL
EPSS-1.02% / 76.89%
||
7 Day CHG~0.00%
Published-08 Apr, 2025 | 08:22
Updated-23 Sep, 2025 | 16:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web interface of affected devices does not sanitize the region parameter in specific POST requests. This could allow an authenticated remote attacker to execute arbitrary code with root privileges.

Action-Not Available
Vendor-Siemens AG
Product-7kt_pac1260_data_manager7kt_pac1260_data_manager_firmwareSENTRON 7KT PAC1260 Data Manager
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-41789
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-9.4||CRITICAL
EPSS-1.02% / 76.89%
||
7 Day CHG~0.00%
Published-08 Apr, 2025 | 08:22
Updated-23 Sep, 2025 | 16:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web interface of affected devices does not sanitize the language parameter in specific POST requests. This could allow an authenticated remote attacker to execute arbitrary code with root privileges.

Action-Not Available
Vendor-Siemens AG
Product-7kt_pac1260_data_manager7kt_pac1260_data_manager_firmwareSENTRON 7KT PAC1260 Data Manager
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-41903
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.35% / 56.77%
||
7 Day CHG~0.00%
Published-13 Aug, 2024 | 07:54
Updated-14 Aug, 2024 | 18:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application mounts the container's root filesystem with read and write privileges. This could allow an attacker to alter the container's filesystem leading to unauthorized modifications and data corruption.

Action-Not Available
Vendor-Siemens AG
Product-sinec_traffic_analyzerSINEC Traffic Analyzersinec_traffic_analyzer
CWE ID-CWE-269
Improper Privilege Management
CVE-2024-41976
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.6||HIGH
EPSS-1.27% / 79.20%
||
7 Day CHG~0.00%
Published-13 Aug, 2024 | 07:54
Updated-23 Aug, 2024 | 18:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.1), SCALANCE M812-1 ADSL-Router family (All versions < V8.1), SCALANCE M816-1 ADSL-Router family (All versions < V8.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.1). Affected devices do not properly validate input in specific VPN configuration fields. This could allow an authenticated remote attacker to execute arbitrary code on the device.

Action-Not Available
Vendor-Siemens AG
Product-scalance_mum856-1_\(eu\)ruggedcom_rm1224_lte\(4g\)_nam_firmwarescalance_mum856-1_\(b1\)_firmwarescalance_m874-2_firmwarescalance_m874-3scalance_m876-4_\(eu\)ruggedcom_rm1224_lte\(4g\)_euscalance_mum856-1_\(b1\)scalance_m812-1_\(annex_a\)scalance_m812-1_\(annex_b\)scalance_m876-4_\(nam\)scalance_m804pb_firmwarescalance_s615_lan-routerscalance_m874-3_firmwarescalance_m876-3_firmwarescalance_mum853-1_\(b1\)scalance_mum853-1_\(eu\)scalance_s615_eec_lan-routerscalance_s615_lan-router_firmwareruggedcom_rm1224_lte\(4g\)_namscalance_m876-3_\(rok\)_firmwarescalance_m874-3_3g-router_\(cn\)_firmwarescalance_mum853-1_\(b1\)_firmwarescalance_mum856-1_\(cn\)scalance_mum856-1_\(a1\)_firmwarescalance_mum856-1_\(a1\)scalance_mum856-1_\(row\)scalance_m876-3_\(rok\)scalance_mum856-1_\(eu\)_firmwarescalance_mum856-1_\(cn\)_firmwarescalance_m876-3scalance_m876-4_\(eu\)_firmwarescalance_m816-1_\(annex_b\)scalance_m876-4scalance_m876-4_firmwarescalance_mum853-1_\(a1\)_firmwarescalance_s615_eec_lan-router_firmwarescalance_m812-1_\(annex_a\)_firmwarescalance_m874-2scalance_mum856-1_\(row\)_firmwarescalance_m876-4_\(nam\)_firmwarescalance_m804pbscalance_m874-3_3g-router_\(cn\)scalance_m816-1_\(annex_b\)_firmwarescalance_m812-1_\(annex_b\)_firmwarescalance_m816-1_\(annex_a\)_firmwarescalance_mum853-1_\(eu\)_firmwarescalance_m826-2_shdsl-router_firmwarescalance_mum853-1_\(a1\)ruggedcom_rm1224_lte\(4g\)_eu_firmwarescalance_m816-1_\(annex_a\)scalance_m826-2_shdsl-routerSCALANCE M874-3 3G-Router (CN)SCALANCE M874-3SCALANCE M816-1 ADSL-Router familySCALANCE MUM856-1 (B1)SCALANCE M876-3 (ROK)SCALANCE MUM856-1 (A1)SCALANCE M804PBSCALANCE MUM856-1 (EU)SCALANCE MUM853-1 (B1)SCALANCE MUM853-1 (EU)SCALANCE S615 EEC LAN-RouterSCALANCE M874-2SCALANCE M876-4RUGGEDCOM RM1224 LTE(4G) NAMSCALANCE M876-3SCALANCE M826-2 SHDSL-RouterSCALANCE MUM856-1 (CN)SCALANCE MUM856-1 (RoW)RUGGEDCOM RM1224 LTE(4G) EUSCALANCE M812-1 ADSL-Router familySCALANCE M876-4 (EU)SCALANCE MUM853-1 (A1)SCALANCE M876-4 (NAM)SCALANCE S615 LAN-Routerscalance_m812-1_adsl-routerscalance_mum856-1_\(eu\)scalance_m876-3scalance_m816-1_adsl-routerscalance_m876-4scalance_m874-3scalance_mum856-1_\(b1\)scalance_m876-4_\(eu\)ruggedcom_rm1224_lte\(4g\)_euscalance_m876-4_\(nam\)scalance_s615_lan-routerscalance_m874-2scalance_m804pbscalance_m874-3_3g-router_\(cn\)scalance_mum853-1_\(b1\)scalance_mum853-1_\(eu\)scalance_s615_eec_lan-routerscalance_mum853-1_\(a1\)ruggedcom_rm1224_lte\(4g\)_namscalance_mum856-1_\(cn\)scalance_mum856-1_\(row\)scalance_mum856-1_\(a1\)scalance_m826-2_shdsl-routerscalance_m876-3_\(rok\)
CWE ID-CWE-20
Improper Input Validation
CVE-2023-28832
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.2||HIGH
EPSS-1.07% / 77.33%
||
7 Day CHG~0.00%
Published-09 May, 2023 | 11:51
Updated-28 Jan, 2025 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1). The web based management of affected devices does not properly validate user input, making it susceptible to command injection. This could allow an authenticated privileged remote attacker to execute arbitrary code with root privileges.

Action-Not Available
Vendor-Siemens AG
Product-6gk1411-1ac00_firmware6gk1411-5ac00_firmware6gk1411-1ac006gk1411-5ac00SIMATIC Cloud Connect 7 CC716SIMATIC Cloud Connect 7 CC712
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-56837
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.6||HIGH
EPSS-0.07% / 20.08%
||
7 Day CHG~0.00%
Published-09 Dec, 2025 | 10:44
Updated-13 Jan, 2026 | 10:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.0), RUGGEDCOM ROX MX5000RE (All versions < V2.17.0), RUGGEDCOM ROX RX1400 (All versions < V2.17.0), RUGGEDCOM ROX RX1500 (All versions < V2.17.0), RUGGEDCOM ROX RX1501 (All versions < V2.17.0), RUGGEDCOM ROX RX1510 (All versions < V2.17.0), RUGGEDCOM ROX RX1511 (All versions < V2.17.0), RUGGEDCOM ROX RX1512 (All versions < V2.17.0), RUGGEDCOM ROX RX1524 (All versions < V2.17.0), RUGGEDCOM ROX RX1536 (All versions < V2.17.0), RUGGEDCOM ROX RX5000 (All versions < V2.17.0). Due to the insufficient validation during the installation and load of certain configuration files of the affected device, an attacker could spawn a reverse shell and gain root access on the affected system.

Action-Not Available
Vendor-Siemens AG
Product-ruggedcom_rox_ii_firmwareruggedcom_rox_iiRUGGEDCOM ROX RX1501RUGGEDCOM ROX RX5000RUGGEDCOM ROX RX1536RUGGEDCOM ROX MX5000RUGGEDCOM ROX RX1512RUGGEDCOM ROX RX1511RUGGEDCOM ROX RX1400RUGGEDCOM ROX RX1524RUGGEDCOM ROX RX1510RUGGEDCOM ROX RX1500RUGGEDCOM ROX MX5000RE
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-50557
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.6||HIGH
EPSS-0.75% / 72.64%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 12:49
Updated-20 Nov, 2024 | 16:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.2). Affected devices do not properly validate input in configuration fields of the iperf functionality. This could allow an unauthenticated remote attacker to execute arbitrary code on the device.

Action-Not Available
Vendor-Siemens AG
Product-scalance_mum856-1_\(eu\)ruggedcom_rm1224_lte\(4g\)_nam_firmwarescalance_mum856-1_\(b1\)_firmwarescalance_m874-2_firmwarescalance_m874-3scalance_m874-3_\(cn\)scalance_m876-4_\(eu\)ruggedcom_rm1224_lte\(4g\)_euscalance_m812-1_\(annex_b\)scalance_m812-1_\(annex_a\)scalance_mum856-1_\(b1\)scalance_m876-4_\(nam\)scalance_m804pb_firmwarescalance_s615scalance_m874-3_firmwarescalance_m876-3_firmwarescalance_mum853-1_\(b1\)scalance_mum853-1_\(eu\)ruggedcom_rm1224_lte\(4g\)_namscalance_m876-3_\(rok\)_firmwarescalance_m874-3_\(cn\)_firmwarescalance_mum853-1_\(b1\)_firmwarescalance_mum856-1_\(cn\)scalance_s615_firmwarescalance_mum856-1_\(a1\)_firmwarescalance_mum856-1_\(a1\)scalance_mum856-1_\(row\)scalance_m876-3_\(rok\)scalance_mum856-1_\(eu\)_firmwarescalance_mum856-1_\(cn\)_firmwarescalance_m876-3scalance_m876-4_\(eu\)_firmwarescalance_m816-1_\(annex_b\)scalance_m876-4scalance_m876-4_firmwarescalance_mum853-1_\(a1\)_firmwarescalance_s615_eec_firmwarescalance_m826-2scalance_m812-1_\(annex_a\)_firmwarescalance_s615_eecscalance_m874-2scalance_m826-2_firmwarescalance_mum856-1_\(row\)_firmwarescalance_m816-1_\(annex_b\)_firmwarescalance_m804pbscalance_m876-4_\(nam\)_firmwarescalance_m812-1_\(annex_b\)_firmwarescalance_m816-1_\(annex_a\)_firmwarescalance_mum853-1_\(eu\)_firmwarescalance_mum853-1_\(a1\)ruggedcom_rm1224_lte\(4g\)_eu_firmwarescalance_m816-1_\(annex_a\)SCALANCE M874-3 3G-Router (CN)SCALANCE M874-3SCALANCE MUM856-1 (B1)SCALANCE M816-1 ADSL-RouterSCALANCE M876-3 (ROK)SCALANCE MUM856-1 (A1)SCALANCE M812-1 ADSL-RouterSCALANCE M804PBSCALANCE MUM856-1 (EU)SCALANCE MUM853-1 (B1)SCALANCE MUM853-1 (EU)SCALANCE S615 EEC LAN-RouterSCALANCE M874-2SCALANCE M876-4RUGGEDCOM RM1224 LTE(4G) NAMSCALANCE M876-3SCALANCE M826-2 SHDSL-RouterSCALANCE MUM856-1 (CN)SCALANCE MUM856-1 (RoW)RUGGEDCOM RM1224 LTE(4G) EUSCALANCE M876-4 (EU)SCALANCE MUM853-1 (A1)SCALANCE M876-4 (NAM)SCALANCE S615 LAN-Routerscalance_mum856-1_\(eu\)_firmwarescalance_mum856-1_\(cn\)_firmwareruggedcom_rm1224_lte\(4g\)_nam_firmwarescalance_mum856-1_\(b1\)_firmwarescalance_mum853-1_\(a1\)_firmwarescalance_m876-4_firmwarescalance_s615_eec_firmwarescalance_m804pb_firmwarescalance_mum856-1_\(row\)_firmwarescalance_m816-1_\(annex_b\)_firmwarescalance_m874-3_firmwarescalance_m876-3_firmwarescalance_m812-1_\(annex_b\)_firmwarescalance_mum853-1_\(eu\)_firmwarescalance_s615_firmwarescalance_mum853-1_\(b1\)_firmwarescalance_mum856-1_\(a1\)_firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2021-46158
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-1.24% / 78.94%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 15:17
Updated-04 Aug, 2024 | 05:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Simcenter Femap V2020.2 (All versions), Simcenter Femap V2021.1 (All versions). Affected application contains a stack based buffer overflow vulnerability while parsing NEU files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15085, ZDI-CAN-15289, ZDI-CAN-15602)

Action-Not Available
Vendor-Siemens AG
Product-simcenter_femapSimcenter Femap V2020.2Simcenter Femap V2021.1
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-1284
Improper Validation of Specified Quantity in Input
CVE-2021-46155
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-1.36% / 79.88%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 15:17
Updated-04 Aug, 2024 | 05:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Simcenter Femap V2020.2 (All versions), Simcenter Femap V2021.1 (All versions). Affected application contains a stack based buffer overflow vulnerability while parsing NEU files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-14683, ZDI-CAN-15283, ZDI-CAN-15303, ZDI-CAN-15593)

Action-Not Available
Vendor-Siemens AG
Product-simcenter_femapSimcenter Femap V2020.2Simcenter Femap V2021.1
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-46699
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.88% / 74.93%
||
7 Day CHG~0.00%
Published-22 Feb, 2022 | 17:52
Updated-04 Aug, 2024 | 05:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Simcenter Femap (All versions < V2022.1.1). Affected application contains a stack based buffer overflow vulnerability while parsing specially crafted BDF files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15061)

Action-Not Available
Vendor-Siemens AG
Product-simcenter_femapSimcenter Femap
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-44432
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.85% / 74.50%
||
7 Day CHG~0.00%
Published-14 Dec, 2021 | 12:06
Updated-04 Aug, 2024 | 04:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products is vulnerable to stack based buffer overflow while parsing specially crafted JT files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-14845)

Action-Not Available
Vendor-Siemens AG
Product-jt_utilitiesjt_open_toolkitJTTKJT Utilities
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2024-41170
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.3||HIGH
EPSS-0.09% / 25.86%
||
7 Day CHG~0.00%
Published-10 Sep, 2024 | 09:36
Updated-10 Sep, 2024 | 15:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0015), Tecnomatix Plant Simulation V2404 (All versions < V2404.0004). The affected applications contain a stack based overflow vulnerability while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process.

Action-Not Available
Vendor-Siemens AG
Product-Tecnomatix Plant Simulation V2404Tecnomatix Plant Simulation V2302tecnomatix_plant_simulation
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2018-11447
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-8.8||HIGH
EPSS-0.16% / 36.78%
||
7 Day CHG~0.00%
Published-26 Jun, 2018 | 18:00
Updated-17 Sep, 2024 | 02:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE M875 (All versions). The web interface on port 443/tcp could allow a Cross-Site Request Forgery (CSRF) attack if an unsuspecting user is tricked into accessing a malicious link. Successful exploitation requires user interaction by an legitimate user, who must be authenticated to the web interface as administrative user. A successful attack could allow an attacker to interact with the web interface as an administrative user. This could allow the attacker to read or modify the device configuration, or to exploit other vulnerabilities that require authentication as administrative user. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-scalance_m875scalance_m875_firmwareSCALANCE M875
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-352
Cross-Site Request Forgery (CSRF)
CVE-2023-37374
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.08% / 24.42%
||
7 Day CHG~0.00%
Published-11 Jul, 2023 | 09:07
Updated-08 Nov, 2024 | 16:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0002). The affected application is vulnerable to stack-based buffer overflow while parsing specially crafted STP files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21054)

Action-Not Available
Vendor-Siemens AG
Product-tecnomatixTecnomatix Plant Simulation V2201Tecnomatix Plant Simulation V2302
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-37997
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.3||HIGH
EPSS-0.10% / 27.15%
||
7 Day CHG~0.00%
Published-09 Jul, 2024 | 12:05
Updated-27 Aug, 2025 | 20:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT Open (All versions < V11.5), JT2Go (All versions < V2406.0003), PLM XML SDK (All versions < V7.1.0.014), Teamcenter Visualization V14.2 (All versions < V14.2.0.13), Teamcenter Visualization V14.3 (All versions < V14.3.0.11), Teamcenter Visualization V2312 (All versions < V2312.0008), Teamcenter Visualization V2406 (All versions < V2406.0003). The affected applications contain a stack based overflow vulnerability while parsing specially crafted XML files. This could allow an attacker to execute code in the context of the current process.

Action-Not Available
Vendor-Siemens AG
Product-Teamcenter Visualization V2312PLM XML SDKTeamcenter Visualization V14.3JT OpenTeamcenter Visualization V14.2Teamcenter Visualization V2406JT2Gojt_openplm_xml_sdk
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2019-8276
Matching Score-6
Assigner-Kaspersky
ShareView Details
Matching Score-6
Assigner-Kaspersky
CVSS Score-7.5||HIGH
EPSS-0.73% / 72.25%
||
7 Day CHG-0.10%
Published-09 Mar, 2019 | 00:00
Updated-16 Sep, 2024 | 18:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

UltraVNC revision 1211 has a stack buffer overflow vulnerability in VNC server code inside file transfer request handler, which can result in Denial of Service (DoS). This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212.

Action-Not Available
Vendor-uvncSiemens AGKaspersky Lab
Product-sinumerik_pcu_base_win10_software\/ipcultravncsinumerik_pcu_base_win7_software\/ipcsinumerik_access_mymachine\/p2pUltraVNC
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-8263
Matching Score-6
Assigner-Kaspersky
ShareView Details
Matching Score-6
Assigner-Kaspersky
CVSS Score-6.5||MEDIUM
EPSS-0.83% / 74.15%
||
7 Day CHG~0.00%
Published-05 Mar, 2019 | 15:00
Updated-16 Sep, 2024 | 23:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

UltraVNC revision 1205 has stack-based buffer overflow vulnerability in VNC client code inside ShowConnInfo routine, which leads to a denial of service (DoS) condition. This attack appear to be exploitable via network connectivity. User interaction is required to trigger this vulnerability. This vulnerability has been fixed in revision 1206.

Action-Not Available
Vendor-uvncSiemens AGKaspersky Lab
Product-sinumerik_pcu_base_win10_software\/ipcultravncsinumerik_pcu_base_win7_software\/ipcsinumerik_access_mymachine\/p2pUltraVNC
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-22923
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.3||HIGH
EPSS-0.01% / 0.27%
||
7 Day CHG~0.00%
Published-10 Feb, 2026 | 09:58
Updated-10 Feb, 2026 | 19:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in NX (All versions < V2512). The affected application contains a data validation vulnerability that could allow an attacker with local access to interfere with internal data during the PDF export process that could potentially lead to arbitrary code execution.

Action-Not Available
Vendor-Siemens AG
Product-NX
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2019-3822
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-7.1||HIGH
EPSS-27.87% / 96.34%
||
7 Day CHG~0.00%
Published-06 Feb, 2019 | 20:00
Updated-04 Aug, 2024 | 19:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (`lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_message()`), generates the request HTTP header contents based on previously received data. The check that exists to prevent the local buffer from getting overflowed is implemented wrongly (using unsigned math) and as such it does not prevent the overflow from happening. This output data can grow larger than the local buffer if very large 'nt response' data is extracted from a previous NTLMv2 header provided by the malicious or broken HTTP server. Such a 'large value' needs to be around 1000 bytes or more. The actual payload data copied to the target buffer comes from the NTLMv2 type-2 response header.

Action-Not Available
Vendor-NetApp, Inc.Debian GNU/LinuxOracle CorporationRed Hat, Inc.Canonical Ltd.Siemens AGCURL
Product-libcurlubuntu_linuxcommunications_operations_monitoroncommand_insightenterprise_linuxactive_iq_unified_managerservices_tools_bundleoncommand_workflow_automationsnapcenterhttp_serverclustered_data_ontapdebian_linuxsecure_global_desktopsinema_remote_connect_cliententerprise_manager_ops_centermysql_servercurl
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-38070
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.23%
||
7 Day CHG~0.00%
Published-12 Sep, 2023 | 09:32
Updated-02 Aug, 2024 | 17:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions < V2201.0010), Tecnomatix Plant Simulation V2302 (All versions < V2302.0004). The affected application is vulnerable to stack-based buffer overflow while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20818)

Action-Not Available
Vendor-Siemens AG
Product-jt2gotecnomatix_plant_simulationteamcenter_visualizationTecnomatix Plant Simulation V2201Teamcenter Visualization V14.1Teamcenter Visualization V14.0Teamcenter Visualization V13.3JT2GoTecnomatix Plant Simulation V2302Teamcenter Visualization V14.2Teamcenter Visualization V14.3
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-37375
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.08% / 24.42%
||
7 Day CHG~0.00%
Published-11 Jul, 2023 | 09:07
Updated-07 Nov, 2024 | 19:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0002). The affected application is vulnerable to stack-based buffer overflow while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21060)

Action-Not Available
Vendor-Siemens AG
Product-tecnomatixTecnomatix Plant Simulation V2201Tecnomatix Plant Simulation V2302
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-18310
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.70%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 19:08
Updated-05 Aug, 2024 | 01:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 7061/tcp. This vulnerability is independent from CVE-2019-18311. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-sppa-t3000_ms3000_migration_serverSPPA-T3000 MS3000 Migration Server
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-24290
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.75% / 72.73%
||
7 Day CHG~0.00%
Published-10 May, 2022 | 09:46
Updated-03 Aug, 2024 | 04:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.13), Teamcenter V13.0 (All versions < V13.0.0.9), Teamcenter V13.1 (All versions), Teamcenter V13.2 (All versions < V13.2.0.8), Teamcenter V13.3 (All versions < V13.3.0.3), Teamcenter V14.0 (All versions < V14.0.0.2). The tcserver.exe binary in affected applications is vulnerable to a stack overflow condition during the parsing of user input that may lead the binary to crash.

Action-Not Available
Vendor-Siemens AG
Product-teamcenterTeamcenter V12.4Teamcenter V13.0Teamcenter V14.0Teamcenter V13.3Teamcenter V13.1Teamcenter V13.2
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 16
  • 17
  • Next
Details not found