Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-27410

Summary
Assigner-siemens
Assigner Org ID-cec7a2ec-15b4-4faf-bd53-b40f371f3a77
Published At-09 May, 2023 | 11:51
Updated At-28 Jan, 2025 | 18:43
Rejected At-
Credits

A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). A heap-based buffer overflow vulnerability was found in the `edgebox_web_app` binary. The binary will crash if supplied with a backup password longer than 255 characters. This could allow an authenticated privileged attacker to cause a denial of service.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:siemens
Assigner Org ID:cec7a2ec-15b4-4faf-bd53-b40f371f3a77
Published At:09 May, 2023 | 11:51
Updated At:28 Jan, 2025 | 18:43
Rejected At:
▼CVE Numbering Authority (CNA)

A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). A heap-based buffer overflow vulnerability was found in the `edgebox_web_app` binary. The binary will crash if supplied with a backup password longer than 255 characters. This could allow an authenticated privileged attacker to cause a denial of service.

Affected Products
Vendor
Siemens AGSiemens
Product
SCALANCE LPE9403
Default Status
unknown
Versions
Affected
  • All versions < V2.1
Problem Types
TypeCWE IDDescription
CWECWE-122CWE-122: Heap-based Buffer Overflow
Type: CWE
CWE ID: CWE-122
Description: CWE-122: Heap-based Buffer Overflow
Metrics
VersionBase scoreBase severityVector
3.12.7LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C
Version: 3.1
Base score: 2.7
Base severity: LOW
Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://cert-portal.siemens.com/productcert/pdf/ssa-325383.pdf
N/A
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-325383.pdf
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://cert-portal.siemens.com/productcert/pdf/ssa-325383.pdf
x_transferred
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-325383.pdf
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:productcert@siemens.com
Published At:09 May, 2023 | 13:15
Updated At:15 May, 2023 | 18:44

A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). A heap-based buffer overflow vulnerability was found in the `edgebox_web_app` binary. The binary will crash if supplied with a backup password longer than 255 characters. This could allow an authenticated privileged attacker to cause a denial of service.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.12.7LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
Type: Primary
Version: 3.1
Base score: 2.7
Base severity: LOW
Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
CPE Matches
Siemens AG
siemens
>>scalance_lpe9403_firmware>>Versions before 2.1(exclusive)
cpe:2.3:o:siemens:scalance_lpe9403_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>scalance_lpe9403>>-
cpe:2.3:h:siemens:scalance_lpe9403:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-122Primaryproductcert@siemens.com
CWE ID: CWE-122
Type: Primary
Source: productcert@siemens.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://cert-portal.siemens.com/productcert/pdf/ssa-325383.pdfproductcert@siemens.com
Vendor Advisory
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-325383.pdf
Source: productcert@siemens.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

70Records found
CVE-2020-26986
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-8.8||HIGH
EPSS-2.06% / 83.17%
||
7 Day CHG~0.00%
Published-12 Jan, 2021 | 20:18
Updated-04 Aug, 2024 | 16:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All versions < V13.1.0). Affected applications lack proper validation of user-supplied data when parsing of JT files. This could lead to a heap-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-12014)

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-4833
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-8.8||HIGH
EPSS-1.01% / 76.13%
||
7 Day CHG~0.00%
Published-14 Jun, 2018 | 16:00
Updated-05 Aug, 2024 | 05:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RFID 181EIP (All versions), RUGGEDCOM Win (V4.4, V4.5, V5.0, and V5.1), SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.3), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.4.1), SCALANCE X-200RNA switch family (All versions < V3.2.6), SCALANCE X-300 switch family (incl. SIPLUS NET variants) (All versions < V4.1.3), SCALANCE X408 (All versions < V4.1.3), SCALANCE X414 (All versions), SIMATIC RF182C (All versions). Unprivileged remote attackers located in the same local network segment (OSI Layer 2) could gain remote code execution on the affected products by sending a specially crafted DHCP response to a client's DHCP request.

Action-Not Available
Vendor-Siemens AG
Product-ruggedcom_wimaxscalance_x414simatic_rf182csimatic_rf182c_firmwarescalance_x408_firmwareruggedcom_wimax_firmwarescalance_x204rna_firmwarescalance_x300rfid_181-eip_firmwarescalance_x200irt_firmwarescalance_x300_firmwarescalance_x200irtscalance_x414_firmwarerfid_181-eipscalance_x200_firmwarescalance_x408scalance_x204rnascalance_x200RFID 181EIPSCALANCE X-200 switch family (incl. SIPLUS NET variants)SCALANCE X408SCALANCE X-200RNA switch familyRUGGEDCOM WinSCALANCE X414SIMATIC RF182CSCALANCE X-300 switch family (incl. SIPLUS NET variants)SCALANCE X-200IRT switch family (incl. SIPLUS NET variants)
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-20
Improper Input Validation
CVE-2020-26994
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-8.8||HIGH
EPSS-1.59% / 80.92%
||
7 Day CHG~0.00%
Published-12 Jan, 2021 | 20:18
Updated-04 Aug, 2024 | 16:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All versions < V13.1.0). Affected applications lack proper validation of user-supplied data when parsing of PCX files. This could result in a heap-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of the current process.

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-49123
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.15% / 36.15%
||
7 Day CHG~0.00%
Published-09 Jan, 2024 | 09:59
Updated-27 Aug, 2025 | 20:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.

Action-Not Available
Vendor-Siemens AG
Product-solid_edge_se2023Solid Edge SE2023
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-26987
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-8.8||HIGH
EPSS-4.10% / 88.13%
||
7 Day CHG~0.00%
Published-12 Jan, 2021 | 20:18
Updated-04 Aug, 2024 | 16:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All versions < V13.1.0). Affected applications lack proper validation of user-supplied data when parsing of TGA files. This could lead to a heap-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-12016, ZDI-CAN-12017)

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-25226
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-9.8||CRITICAL
EPSS-0.83% / 73.52%
||
7 Day CHG~0.00%
Published-12 Jan, 2021 | 20:18
Updated-04 Aug, 2024 | 15:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0). The web server of the affected devices contains a vulnerability that may lead to a buffer overflow condition. An attacker could cause this condition on the webserver by sending a specially crafted request. The webserver could stop and not recover anymore.

Action-Not Available
Vendor-Siemens AG
Product-scalance_xc208scalance_xf206-1_firmwarescalance_xb205-3scalance_xc216eec_firmwarescalance_x320-1fe_firmwarescalance_xp208scalance_xc206-2sfp_g_\(e\/ip\)scalance_xc224-4c_g_eec_firmwarescalance_xc206-2sfp_g_eec_firmwarescalance_xp216scalance_xb213-3_firmwarescalance_x202-2irtscalance_xb205-3ldscalance_xc208g_eecscalance_xf204-2scalance_xc206-2sfp_g_firmwarescalance_xc216-4c_g_\(e\/ip\)_firmwarescalance_xb205-3_firmwarescalance_x308-2lh\+_firmwarescalance_x308-2ld_firmwarescalance_xb216_firmwarescalance_xp216poe_eec_firmwarescalance_xb213-3ldscalance_xf204-2ba_irtscalance_xc206-2g_poe__firmwarescalance_xf208_firmwarescalance_xc208g_eec_firmwarescalance_x204irt_firmwarescalance_xf204scalance_x308-2lh\+scalance_x202-2pirtscalance_xc208eec_firmwarescalance_xf204_dnascalance_xc208g_poescalance_x307-3_firmwarescalance_xc224-4c_g_\(e\/ip\)_firmwarescalance_xb213-3ld_firmwarescalance_x310fe_firmwarescalance_xf204-2ba_irt_firmwarescalance_x308-2ldscalance_xc216scalance_x308-2scalance_x200-4pirtscalance_xc206-2sfp_g_eecscalance_x201-3pirtscalance_xc206-2sfp_g_\(e\/ip\)_firmwarescalance_xp216eec_firmwarescalance_xc208g_\(e\/ip\)_firmwarescalance_xp208eecscalance_x202-2pirt_siplus_netscalance_xb208scalance_x308-2m_tsscalance_xc206-2g_poe_eecscalance_xc216-4c_g_firmwarescalance_xc206-2g_poe_scalance_x202-2irt_firmwarescalance_x307-3ldscalance_xc224__firmwarescalance_xf201-3p_irt_firmwarescalance_xc206-2sfp_gscalance_xp208poe_eecscalance_xf204-2ba_dnascalance_xc206-2_firmwarescalance_xb213-3scalance_x310fescalance_xc224-4c_g_scalance_xc216-4c_firmwarescalance_xp216poe_eecscalance_x308-2_firmwarescalance_xc216-4c_g_\(e\/ip\)scalance_x320-3ldfe_firmwarescalance_x307-3ld_firmwarescalance_x308-2lhscalance_x202-2pirt_firmwarescalance_x201-3pirt_firmwarescalance_x310scalance_xb205-3ld_firmwarescalance_xc224-4c_g_eecscalance_xc224_scalance_xp216_\(eip\)_firmwarescalance_xc216eecscalance_xf204_firmwarescalance_x308-2m_firmwarescalance_xp208_\(eip\)scalance_xc208gscalance_xb216scalance_xf204-2_firmwarescalance_xf202-2p_irtscalance_x308-2mscalance_xc206-2g_poe_eec_firmwarescalance_xc216_firmwarescalance_xc208eecscalance_xc206-2sfp_eec_firmwarescalance_xc216-4cscalance_x202-2pirt_siplus_net_firmwarescalance_xf204_dna_firmwarescalance_xc208g_firmwarescalance_xc206-2sfpscalance_xc208_firmwarescalance_x308-2m_ts_firmwarescalance_xp216_\(eip\)scalance_xf201-3p_irtscalance_xf208scalance_xp208_\(eip\)_firmwarescalance_xf204irtscalance_xp208eec_firmwarescalance_x204irtscalance_xc206-2sfp_firmwarescalance_xc208g_\(e\/ip\)scalance_xb208_firmwarescalance_xc224-4c_g__firmwarescalance_x308-2lh_firmwarescalance_xc206-2scalance_x320-3ldfescalance_xc208g_poe_firmwarescalance_xf206-1scalance_x310_firmwarescalance_x200-4pirt_firmwarescalance_xf204-2ba_dna_firmwarescalance_xc224-4c_g_\(e\/ip\)scalance_x320-1fescalance_xc216-4c_g_eec_firmwarescalance_xf202-2p_irt_firmwarescalance_xp216_firmwarescalance_x307-3scalance_xp208_firmwarescalance_xp208poe_eec_firmwarescalance_xp216eecscalance_xf204irt_firmwarescalance_xc216-4c_g_eecscalance_xc206-2sfp_eecscalance_xc216-4c_gSCALANCE X-200 switch family (incl. SIPLUS NET variants)SCALANCE X-200IRT switch family (incl. SIPLUS NET variants)
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-8274
Matching Score-6
Assigner-Kaspersky
ShareView Details
Matching Score-6
Assigner-Kaspersky
CVSS Score-9.8||CRITICAL
EPSS-4.59% / 88.81%
||
7 Day CHG~0.00%
Published-09 Mar, 2019 | 00:00
Updated-16 Sep, 2024 | 19:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer offer handler, which can potentially in result code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212.

Action-Not Available
Vendor-uvncSiemens AGKaspersky Lab
Product-sinumerik_pcu_base_win10_software\/ipcultravncsinumerik_pcu_base_win7_software\/ipcsinumerik_access_mymachine\/p2pUltraVNC
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-15800
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-9.8||CRITICAL
EPSS-0.84% / 73.88%
||
7 Day CHG~0.00%
Published-12 Jan, 2021 | 20:18
Updated-04 Aug, 2024 | 13:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4.1.0). The webserver of the affected devices contains a vulnerability that may lead to a heap overflow condition. An attacker could cause this condition on the webserver by sending specially crafted requests. This could stop the webserver temporarily.

Action-Not Available
Vendor-Siemens AG
Product-scalance_xc208scalance_xf206-1_firmwarescalance_xb205-3scalance_xc216eec_firmwarescalance_x320-1fe_firmwarescalance_xp208scalance_xc206-2sfp_g_\(e\/ip\)scalance_xc224-4c_g_eec_firmwarescalance_xc206-2sfp_g_eec_firmwarescalance_xp216scalance_xb213-3_firmwarescalance_x202-2irtscalance_xb205-3ldscalance_xc208g_eecscalance_xf204-2scalance_xc206-2sfp_g_firmwarescalance_xc216-4c_g_\(e\/ip\)_firmwarescalance_xb205-3_firmwarescalance_x308-2lh\+_firmwarescalance_x308-2ld_firmwarescalance_xb216_firmwarescalance_xp216poe_eec_firmwarescalance_xb213-3ldscalance_xf204-2ba_irtscalance_xc206-2g_poe__firmwarescalance_xf208_firmwarescalance_xc208g_eec_firmwarescalance_x204irt_firmwarescalance_xf204scalance_x308-2lh\+scalance_x202-2pirtscalance_xc208eec_firmwarescalance_xf204_dnascalance_xc208g_poescalance_x307-3_firmwarescalance_xc224-4c_g_\(e\/ip\)_firmwarescalance_xb213-3ld_firmwarescalance_x310fe_firmwarescalance_xf204-2ba_irt_firmwarescalance_x308-2ldscalance_xc216scalance_x308-2scalance_x200-4pirtscalance_xc206-2sfp_g_eecscalance_x201-3pirtscalance_xc206-2sfp_g_\(e\/ip\)_firmwarescalance_xp216eec_firmwarescalance_xc208g_\(e\/ip\)_firmwarescalance_xp208eecscalance_x202-2pirt_siplus_netscalance_xb208scalance_x308-2m_tsscalance_xc206-2g_poe_eecscalance_xc216-4c_g_firmwarescalance_xc206-2g_poe_scalance_x202-2irt_firmwarescalance_x307-3ldscalance_xc224__firmwarescalance_xf201-3p_irt_firmwarescalance_xc206-2sfp_gscalance_xp208poe_eecscalance_xf204-2ba_dnascalance_xc206-2_firmwarescalance_xb213-3scalance_x310fescalance_xc224-4c_g_scalance_xc216-4c_firmwarescalance_xp216poe_eecscalance_x308-2_firmwarescalance_xc216-4c_g_\(e\/ip\)scalance_x320-3ldfe_firmwarescalance_x307-3ld_firmwarescalance_x308-2lhscalance_x202-2pirt_firmwarescalance_x201-3pirt_firmwarescalance_x310scalance_xb205-3ld_firmwarescalance_xc224-4c_g_eecscalance_xc224_scalance_xp216_\(eip\)_firmwarescalance_xc216eecscalance_xf204_firmwarescalance_x308-2m_firmwarescalance_xp208_\(eip\)scalance_xc208gscalance_xb216scalance_xf204-2_firmwarescalance_xf202-2p_irtscalance_x308-2mscalance_xc206-2g_poe_eec_firmwarescalance_xc216_firmwarescalance_xc208eecscalance_xc206-2sfp_eec_firmwarescalance_xc216-4cscalance_x202-2pirt_siplus_net_firmwarescalance_xf204_dna_firmwarescalance_xc208g_firmwarescalance_xc206-2sfpscalance_xc208_firmwarescalance_x308-2m_ts_firmwarescalance_xp216_\(eip\)scalance_xf201-3p_irtscalance_xf208scalance_xp208_\(eip\)_firmwarescalance_xf204irtscalance_xp208eec_firmwarescalance_x204irtscalance_xc206-2sfp_firmwarescalance_xc208g_\(e\/ip\)scalance_xb208_firmwarescalance_xc224-4c_g__firmwarescalance_x308-2lh_firmwarescalance_xc206-2scalance_x320-3ldfescalance_xc208g_poe_firmwarescalance_xf206-1scalance_x310_firmwarescalance_x200-4pirt_firmwarescalance_xf204-2ba_dna_firmwarescalance_xc224-4c_g_\(e\/ip\)scalance_x320-1fescalance_xc216-4c_g_eec_firmwarescalance_xf202-2p_irt_firmwarescalance_xp216_firmwarescalance_x307-3scalance_xp208_firmwarescalance_xp208poe_eec_firmwarescalance_xp216eecscalance_xf204irt_firmwarescalance_xc216-4c_g_eecscalance_xc206-2sfp_eecscalance_xc216-4c_gSCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants)SCALANCE X-200 switch family (incl. SIPLUS NET variants)SCALANCE X-200IRT switch family (incl. SIPLUS NET variants)
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-2069
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.8||HIGH
EPSS-0.09% / 26.43%
||
7 Day CHG~0.00%
Published-20 Oct, 2022 | 00:00
Updated-16 Apr, 2025 | 17:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Datalogics APDFL library Heap-based Buffer Overflow

The APDFL.dll in Siemens JT2Go prior to V13.3.0.5 and Siemens Teamcenter Visualization prior to V14.0.0.2 contains an out of bounds write past the fixed-length heap-based buffer while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process.

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization V13.3Teamcenter Visualization V14.0
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-26985
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-8.8||HIGH
EPSS-4.10% / 88.13%
||
7 Day CHG~0.00%
Published-12 Jan, 2021 | 20:18
Updated-04 Aug, 2024 | 16:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All versions < V13.1.0). Affected applications lack proper validation of user-supplied data when parsing of RGB and SGI files. This could result in a heap-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-11986, ZDI-CAN-11994)

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-8271
Matching Score-6
Assigner-Kaspersky
ShareView Details
Matching Score-6
Assigner-Kaspersky
CVSS Score-9.8||CRITICAL
EPSS-4.59% / 88.81%
||
7 Day CHG~0.00%
Published-09 Mar, 2019 | 00:00
Updated-16 Sep, 2024 | 23:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer handler, which can potentially result code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212.

Action-Not Available
Vendor-uvncSiemens AGKaspersky Lab
Product-sinumerik_pcu_base_win10_software\/ipcultravncsinumerik_pcu_base_win7_software\/ipcsinumerik_access_mymachine\/p2pUltraVNC
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-8273
Matching Score-6
Assigner-Kaspersky
ShareView Details
Matching Score-6
Assigner-Kaspersky
CVSS Score-9.8||CRITICAL
EPSS-4.59% / 88.81%
||
7 Day CHG~0.00%
Published-09 Mar, 2019 | 00:00
Updated-16 Sep, 2024 | 23:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer request handler, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212.

Action-Not Available
Vendor-uvncSiemens AGKaspersky Lab
Product-sinumerik_pcu_base_win10_software\/ipcultravncsinumerik_pcu_base_win7_software\/ipcsinumerik_access_mymachine\/p2pUltraVNC
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-8258
Matching Score-6
Assigner-Kaspersky
ShareView Details
Matching Score-6
Assigner-Kaspersky
CVSS Score-9.8||CRITICAL
EPSS-4.59% / 88.81%
||
7 Day CHG~0.00%
Published-05 Mar, 2019 | 15:00
Updated-16 Sep, 2024 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

UltraVNC revision 1198 has a heap buffer overflow vulnerability in VNC client code which results code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1199.

Action-Not Available
Vendor-uvncUltraVNCSiemens AG
Product-sinumerik_pcu_base_win10_software\/ipcultravncsinumerik_pcu_base_win7_software\/ipcsinumerik_access_mymachine\/p2pUltraVNC
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-8262
Matching Score-6
Assigner-Kaspersky
ShareView Details
Matching Score-6
Assigner-Kaspersky
CVSS Score-9.8||CRITICAL
EPSS-6.18% / 90.47%
||
7 Day CHG~0.00%
Published-05 Mar, 2019 | 15:00
Updated-16 Sep, 2024 | 16:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

UltraVNC revision 1203 has multiple heap buffer overflow vulnerabilities in VNC client code inside Ultra decoder, which results in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1204.

Action-Not Available
Vendor-uvncUltraVNCSiemens AG
Product-sinumerik_pcu_base_win10_software\/ipcultravncsinumerik_pcu_base_win7_software\/ipcsinumerik_access_mymachine\/p2pUltraVNC
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-38076
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.07% / 23.17%
||
7 Day CHG~0.00%
Published-12 Sep, 2023 | 09:32
Updated-02 Aug, 2024 | 17:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions < V2201.0010), Tecnomatix Plant Simulation V2302 (All versions < V2302.0004). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21041)

Action-Not Available
Vendor-Siemens AG
Product-jt2gotecnomatix_plant_simulationteamcenter_visualizationTecnomatix Plant Simulation V2201Teamcenter Visualization V14.1Teamcenter Visualization V14.0Teamcenter Visualization V13.3JT2GoTecnomatix Plant Simulation V2302Teamcenter Visualization V14.2Teamcenter Visualization V14.3
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-44445
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.42% / 60.98%
||
7 Day CHG~0.00%
Published-14 Dec, 2021 | 12:07
Updated-04 Aug, 2024 | 04:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products contains an out of bounds write past the fixed-length heap-based buffer while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15054)

Action-Not Available
Vendor-Siemens AG
Product-jt_utilitiesjt_open_toolkitJTTKJT Utilities
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-39136
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.09% / 25.69%
||
7 Day CHG~0.00%
Published-08 Nov, 2022 | 00:00
Updated-21 Apr, 2025 | 13:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V14.1.0.4), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.7), Teamcenter Visualization V13.3 (All versions >= V13.3.0.7 < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.3), Teamcenter Visualization V14.1 (All versions < V14.1.0.4). The affected application is vulnerable to fixed-length heap-based buffer while parsing specially crafted TIF files. An attacker could leverage this vulnerability to execute code in the context of the current process.

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationTeamcenter Visualization V13.3Teamcenter Visualization V13.2JT2GoTeamcenter Visualization V14.1Teamcenter Visualization V14.0
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-37199
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.14% / 35.43%
||
7 Day CHG~0.00%
Published-12 Oct, 2021 | 09:49
Updated-04 Aug, 2024 | 01:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINUMERIK 808D (All versions), SINUMERIK 828D (All versions < V4.95). Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial-of-service in the device.

Action-Not Available
Vendor-Siemens AG
Product-sinumerik_808dsinumerik_828dsinumerik_808d_firmwaresinumerik_828d_firmwareSINUMERIK 808DSINUMERIK 828D
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-34329
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.45% / 62.65%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 11:03
Updated-04 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.2), Solid Edge SE2021 (All Versions < SE2021MP5), Teamcenter Visualization (All versions < V13.2). The plmxmlAdapterSE70.dll library in affected applications lacks proper validation of user-supplied data when parsing PAR files. This could result in an out of bounds write past the fixed-length heap-based buffer. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13427)

Action-Not Available
Vendor-Siemens AG
Product-jt2gosolid_edgeteamcenter_visualizationJT2GoSolid Edge SE2021Teamcenter Visualization
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-25668
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-9.8||CRITICAL
EPSS-0.53% / 66.46%
||
7 Day CHG~0.00%
Published-22 Apr, 2021 | 20:42
Updated-03 Aug, 2024 | 20:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT PRO (All versions < 5.5.1), SCALANCE X202-2 IRT (All versions < 5.5.1), SCALANCE X202-2P IRT (incl. SIPLUS NET variant) (All versions < 5.5.1), SCALANCE X202-2P IRT PRO (All versions < 5.5.1), SCALANCE X204 IRT (All versions < 5.5.1), SCALANCE X204 IRT PRO (All versions < 5.5.1), SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2FM (All versions < V5.2.5), SCALANCE X204-2LD (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2LD TS (All versions < V5.2.5), SCALANCE X204-2TS (All versions < V5.2.5), SCALANCE X206-1 (All versions < V5.2.5), SCALANCE X206-1LD (All versions < V5.2.5), SCALANCE X208 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X208PRO (All versions < V5.2.5), SCALANCE X212-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X212-2LD (All versions < V5.2.5), SCALANCE X216 (All versions < V5.2.5), SCALANCE X224 (All versions < V5.2.5), SCALANCE XF201-3P IRT (All versions < 5.5.1), SCALANCE XF202-2P IRT (All versions < 5.5.1), SCALANCE XF204 (All versions < V5.2.5), SCALANCE XF204 IRT (All versions < 5.5.1), SCALANCE XF204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE XF204-2BA IRT (All versions < 5.5.1), SCALANCE XF206-1 (All versions < V5.2.5), SCALANCE XF208 (All versions < V5.2.5). Incorrect processing of POST requests in the webserver may result in write out of bounds in heap. An attacker might leverage this to cause denial-of-service on the device and potentially remotely execute code.

Action-Not Available
Vendor-Siemens AG
Product-scalance_xf206-1_firmwarescalance_xf201-3p_irtscalance_x212-2ldscalance_x201-3p_irtscalance_xf204_irtscalance_x204-2ldscalance_xf208scalance_x201-3p_irt_firmwarescalance_x202-2p_irt_pro_firmwarescalance_xf204-2ba_irt_firmwarescalance_x206-1scalance_x204-2ld_ts_firmwarescalance_x201-3p_irt_proscalance_x204-2fmscalance_x204-2ld_tsscalance_x208scalance_x200-4p_irtscalance_x202-2p_irtscalance_x204-2scalance_x224scalance_x206-1_firmwarescalance_x204-2_firmwarescalance_xf204-2scalance_xf206-1scalance_x202-2p_irt_firmwarescalance_x206-1ld_firmwarescalance_x204_irtscalance_x212-2ld_firmwarescalance_x204_irt_firmwarescalance_x212-2scalance_x202-2_irtscalance_x204-2ts_firmwarescalance_x208proscalance_xf204_firmwarescalance_x216_firmwarescalance_xf204-2ba_irtscalance_x204-2ld_firmwarescalance_x212-2_firmwarescalance_x204_irt_proscalance_xf202-2p_irt_firmwarescalance_xf208_firmwarescalance_x208_firmwarescalance_xf204-2_firmwarescalance_x202-2p_irt_proscalance_xf202-2p_irtscalance_x200-4p_irt_firmwarescalance_x204_irt_pro_firmwarescalance_x216scalance_xf201-3p_irt_firmwarescalance_x204-2fm_firmwarescalance_x204-2tsscalance_x202-2_irt_firmwarescalance_x201-3p_irt_pro_firmwarescalance_xf204scalance_x206-1ldscalance_x208pro_firmwarescalance_x224_firmwarescalance_xf204_irt_firmwareSCALANCE XF208SCALANCE X206-1LDSCALANCE X202-2P IRT PROSCALANCE XF204-2BA IRTSCALANCE X201-3P IRTSCALANCE X204-2FMSCALANCE X212-2 (incl. SIPLUS NET variant)SCALANCE X204-2TSSCALANCE X204-2LD TSSCALANCE X206-1SCALANCE XF204SCALANCE XF204-2 (incl. SIPLUS NET variant)SCALANCE X204-2 (incl. SIPLUS NET variant)SCALANCE X204 IRT PROSCALANCE X224SCALANCE X204-2LD (incl. SIPLUS NET variant)SCALANCE X208PROSCALANCE X216SCALANCE X212-2LDSCALANCE X201-3P IRT PROSCALANCE X200-4P IRTSCALANCE XF206-1SCALANCE XF201-3P IRTSCALANCE XF204 IRTSCALANCE XF202-2P IRTSCALANCE X208 (incl. SIPLUS NET variant)SCALANCE X202-2P IRT (incl. SIPLUS NET variant)SCALANCE X202-2 IRTSCALANCE X204 IRT
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • Next
Details not found