Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-32862

Summary
Assigner-siemens
Assigner Org ID-cec7a2ec-15b4-4faf-bd53-b40f371f3a77
Published At-16 Apr, 2025 | 17:38
Updated At-17 Apr, 2025 | 14:15
Rejected At-
Credits

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'LockTraceLevelSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and write to the application's database and execute code with "NT AUTHORITY\NetworkService" permissions. A successful attack requires the attacker to be able to access port 8000 on a system where a vulnerable version of the affected application is executed on.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:siemens
Assigner Org ID:cec7a2ec-15b4-4faf-bd53-b40f371f3a77
Published At:16 Apr, 2025 | 17:38
Updated At:17 Apr, 2025 | 14:15
Rejected At:
▼CVE Numbering Authority (CNA)

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'LockTraceLevelSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and write to the application's database and execute code with "NT AUTHORITY\NetworkService" permissions. A successful attack requires the attacker to be able to access port 8000 on a system where a vulnerable version of the affected application is executed on.

Affected Products
Vendor
Siemens AGSiemens
Product
TeleControl Server Basic
Default Status
unknown
Versions
Affected
  • From 0 before V3.1.2.2 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-89CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Type: CWE
CWE ID: CWE-89
Description: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Metrics
VersionBase scoreBase severityVector
3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
4.08.7HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Version: 4.0
Base score: 8.7
Base severity: HIGH
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://cert-portal.siemens.com/productcert/html/ssa-443402.html
N/A
Hyperlink: https://cert-portal.siemens.com/productcert/html/ssa-443402.html
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:productcert@siemens.com
Published At:16 Apr, 2025 | 18:16
Updated At:19 Aug, 2025 | 15:05

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'LockTraceLevelSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and write to the application's database and execute code with "NT AUTHORITY\NetworkService" permissions. A successful attack requires the attacker to be able to access port 8000 on a system where a vulnerable version of the affected application is executed on.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.08.7HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 4.0
Base score: 8.7
Base severity: HIGH
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Primary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Siemens AG
siemens
>>telecontrol_server_basic>>Versions before 3.1.2.2(exclusive)
cpe:2.3:a:siemens:telecontrol_server_basic:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-89Primaryproductcert@siemens.com
CWE ID: CWE-89
Type: Primary
Source: productcert@siemens.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://cert-portal.siemens.com/productcert/html/ssa-443402.htmlproductcert@siemens.com
Vendor Advisory
Hyperlink: https://cert-portal.siemens.com/productcert/html/ssa-443402.html
Source: productcert@siemens.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

1910Records found
CVE-2025-32475
Matching Score-10
Assigner-Siemens
ShareView Details
Matching Score-10
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.18% / 40.52%
||
7 Day CHG~0.00%
Published-16 Apr, 2025 | 17:37
Updated-19 Aug, 2025 | 14:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'UpdateProject' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and write to the application's database and execute code with "NT AUTHORITY\NetworkService" permissions. A successful attack requires the attacker to be able to access port 8000 on a system where a vulnerable version of the affected application is executed on. (ZDI-CAN-25912)

Action-Not Available
Vendor-Siemens AG
Product-telecontrol_server_basicTeleControl Server Basic
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2025-31350
Matching Score-10
Assigner-Siemens
ShareView Details
Matching Score-10
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.18% / 40.52%
||
7 Day CHG~0.00%
Published-16 Apr, 2025 | 17:37
Updated-19 Aug, 2025 | 14:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'UpdateBufferingSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and write to the application's database and execute code with "NT AUTHORITY\NetworkService" permissions. A successful attack requires the attacker to be able to access port 8000 on a system where a vulnerable version of the affected application is executed on. (ZDI-CAN-25918)

Action-Not Available
Vendor-Siemens AG
Product-telecontrol_server_basicTeleControl Server Basic
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2025-31343
Matching Score-10
Assigner-Siemens
ShareView Details
Matching Score-10
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.18% / 40.52%
||
7 Day CHG~0.00%
Published-16 Apr, 2025 | 17:37
Updated-19 Aug, 2025 | 14:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'UpdateTcmSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and write to the application's database and execute code with "NT AUTHORITY\NetworkService" permissions. A successful attack requires the attacker to be able to access port 8000 on a system where a vulnerable version of the affected application is executed on. (ZDI-CAN-25920)

Action-Not Available
Vendor-Siemens AG
Product-telecontrol_server_basicTeleControl Server Basic
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2025-31352
Matching Score-10
Assigner-Siemens
ShareView Details
Matching Score-10
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.18% / 40.52%
||
7 Day CHG~0.00%
Published-16 Apr, 2025 | 17:37
Updated-19 Aug, 2025 | 14:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'UpdateGateways' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and write to the application's database and execute code with "NT AUTHORITY\NetworkService" permissions. A successful attack requires the attacker to be able to access port 8000 on a system where a vulnerable version of the affected application is executed on. (ZDI-CAN-25915)

Action-Not Available
Vendor-Siemens AG
Product-telecontrol_server_basicTeleControl Server Basic
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2025-31353
Matching Score-10
Assigner-Siemens
ShareView Details
Matching Score-10
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.18% / 40.52%
||
7 Day CHG~0.00%
Published-16 Apr, 2025 | 17:37
Updated-19 Aug, 2025 | 14:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'UpdateOpcSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and write to the application's database and execute code with "NT AUTHORITY\NetworkService" permissions. A successful attack requires the attacker to be able to access port 8000 on a system where a vulnerable version of the affected application is executed on. (ZDI-CAN-25916)

Action-Not Available
Vendor-Siemens AG
Product-telecontrol_server_basicTeleControl Server Basic
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2025-31349
Matching Score-10
Assigner-Siemens
ShareView Details
Matching Score-10
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.18% / 40.52%
||
7 Day CHG~0.00%
Published-16 Apr, 2025 | 17:37
Updated-19 Aug, 2025 | 14:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'UpdateSmtpSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and write to the application's database and execute code with "NT AUTHORITY\NetworkService" permissions. A successful attack requires the attacker to be able to access port 8000 on a system where a vulnerable version of the affected application is executed on. (ZDI-CAN-25919)

Action-Not Available
Vendor-Siemens AG
Product-telecontrol_server_basicTeleControl Server Basic
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2025-31351
Matching Score-10
Assigner-Siemens
ShareView Details
Matching Score-10
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.18% / 40.52%
||
7 Day CHG~0.00%
Published-16 Apr, 2025 | 17:37
Updated-19 Aug, 2025 | 14:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'CreateProject' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and write to the application's database and execute code with "NT AUTHORITY\NetworkService" permissions. A successful attack requires the attacker to be able to access port 8000 on a system where a vulnerable version of the affected application is executed on. (ZDI-CAN-25917)

Action-Not Available
Vendor-Siemens AG
Product-telecontrol_server_basicTeleControl Server Basic
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2025-30031
Matching Score-10
Assigner-Siemens
ShareView Details
Matching Score-10
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.18% / 40.52%
||
7 Day CHG~0.00%
Published-16 Apr, 2025 | 17:37
Updated-19 Aug, 2025 | 14:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'UpdateUsers' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and write to the application's database and execute code with "NT AUTHORITY\NetworkService" permissions. A successful attack requires the attacker to be able to access port 8000 on a system where a vulnerable version of the affected application is executed on. (ZDI-CAN-25922)

Action-Not Available
Vendor-Siemens AG
Product-telecontrol_server_basicTeleControl Server Basic
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2025-30030
Matching Score-10
Assigner-Siemens
ShareView Details
Matching Score-10
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.18% / 40.52%
||
7 Day CHG~0.00%
Published-16 Apr, 2025 | 17:37
Updated-19 Aug, 2025 | 14:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'ImportDatabase' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and write to the application's database and execute code with "NT AUTHORITY\NetworkService" permissions. A successful attack requires the attacker to be able to access port 8000 on a system where a vulnerable version of the affected application is executed on. (ZDI-CAN-25924)

Action-Not Available
Vendor-Siemens AG
Product-telecontrol_server_basicTeleControl Server Basic
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2025-30003
Matching Score-10
Assigner-Siemens
ShareView Details
Matching Score-10
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.18% / 40.52%
||
7 Day CHG~0.00%
Published-16 Apr, 2025 | 17:37
Updated-19 Aug, 2025 | 14:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'UpdateProjectConnections' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and write to the application's database and execute code with "NT AUTHORITY\NetworkService" permissions. A successful attack requires the attacker to be able to access port 8000 on a system where a vulnerable version of the affected application is executed on. (ZDI-CAN-25910)

Action-Not Available
Vendor-Siemens AG
Product-telecontrol_server_basicTeleControl Server Basic
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2025-30032
Matching Score-10
Assigner-Siemens
ShareView Details
Matching Score-10
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.18% / 40.52%
||
7 Day CHG~0.00%
Published-16 Apr, 2025 | 17:37
Updated-19 Aug, 2025 | 14:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'UpdateDatabaseSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and write to the application's database and execute code with "NT AUTHORITY\NetworkService" permissions. A successful attack requires the attacker to be able to access port 8000 on a system where a vulnerable version of the affected application is executed on. (ZDI-CAN-25921)

Action-Not Available
Vendor-Siemens AG
Product-telecontrol_server_basicTeleControl Server Basic
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2025-29905
Matching Score-10
Assigner-Siemens
ShareView Details
Matching Score-10
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.18% / 40.52%
||
7 Day CHG~0.00%
Published-16 Apr, 2025 | 17:37
Updated-19 Aug, 2025 | 14:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'RestoreFromBackup' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and write to the application's database and execute code with "NT AUTHORITY\NetworkService" permissions. A successful attack requires the attacker to be able to access port 8000 on a system where a vulnerable version of the affected application is executed on. (ZDI-CAN-25923)

Action-Not Available
Vendor-Siemens AG
Product-telecontrol_server_basicTeleControl Server Basic
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2025-30002
Matching Score-10
Assigner-Siemens
ShareView Details
Matching Score-10
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.18% / 40.52%
||
7 Day CHG~0.00%
Published-16 Apr, 2025 | 17:37
Updated-19 Aug, 2025 | 14:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'UpdateConnectionVariables' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and write to the application's database and execute code with "NT AUTHORITY\NetworkService" permissions. A successful attack requires the attacker to be able to access port 8000 on a system where a vulnerable version of the affected application is executed on. (ZDI-CAN-25909)

Action-Not Available
Vendor-Siemens AG
Product-telecontrol_server_basicTeleControl Server Basic
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2025-32857
Matching Score-10
Assigner-Siemens
ShareView Details
Matching Score-10
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.18% / 40.52%
||
7 Day CHG~0.00%
Published-16 Apr, 2025 | 17:38
Updated-19 Aug, 2025 | 15:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'UnlockBufferingSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and write to the application's database and execute code with "NT AUTHORITY\NetworkService" permissions. A successful attack requires the attacker to be able to access port 8000 on a system where a vulnerable version of the affected application is executed on.

Action-Not Available
Vendor-Siemens AG
Product-telecontrol_server_basicTeleControl Server Basic
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2025-32829
Matching Score-10
Assigner-Siemens
ShareView Details
Matching Score-10
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.18% / 40.52%
||
7 Day CHG~0.00%
Published-16 Apr, 2025 | 17:37
Updated-19 Aug, 2025 | 15:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'LockProjectCrossCommunications' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and write to the application's database and execute code with "NT AUTHORITY\NetworkService" permissions. A successful attack requires the attacker to be able to access port 8000 on a system where a vulnerable version of the affected application is executed on.

Action-Not Available
Vendor-Siemens AG
Product-telecontrol_server_basicTeleControl Server Basic
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2023-27411
Matching Score-10
Assigner-Siemens
ShareView Details
Matching Score-10
Assigner-Siemens
CVSS Score-8.8||HIGH
EPSS-0.57% / 67.59%
||
7 Day CHG~0.00%
Published-08 Aug, 2023 | 09:20
Updated-27 Feb, 2025 | 21:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4). The affected applications is vulnerable to SQL injection. This could allow an authenticated remote attackers to execute arbitrary SQL queries on the server database and escalate privileges.

Action-Not Available
Vendor-Siemens AG
Product-ruggedcom_crossbowRUGGEDCOM CROSSBOW
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2023-27463
Matching Score-10
Assigner-Siemens
ShareView Details
Matching Score-10
Assigner-Siemens
CVSS Score-8.8||HIGH
EPSS-0.57% / 67.59%
||
7 Day CHG~0.00%
Published-14 Mar, 2023 | 09:32
Updated-27 Feb, 2025 | 18:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.3). The audit log form of affected applications is vulnerable to SQL injection. This could allow authenticated remote attackers to execute arbitrary SQL queries on the server database.

Action-Not Available
Vendor-Siemens AG
Product-ruggedcom_crossbowRUGGEDCOM CROSSBOW
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2019-19292
Matching Score-10
Assigner-Siemens
ShareView Details
Matching Score-10
Assigner-Siemens
CVSS Score-8.8||HIGH
EPSS-0.55% / 67.03%
||
7 Day CHG~0.00%
Published-10 Mar, 2020 | 19:16
Updated-05 Aug, 2024 | 02:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The Control Center Server (CCS) contains an SQL injection vulnerability in its XML-based communication protocol as provided by default on ports 5444/tcp and 5440/tcp. An authenticated remote attacker could exploit this vulnerability to read or modify the CCS database and potentially execute administrative database operations or operating system commands.

Action-Not Available
Vendor-Siemens AG
Product-sinvr_3_video_serversinvr_3_central_control_serverControl Center Server (CCS)
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2021-37197
Matching Score-10
Assigner-Siemens
ShareView Details
Matching Score-10
Assigner-Siemens
CVSS Score-8.8||HIGH
EPSS-0.72% / 71.63%
||
7 Day CHG~0.00%
Published-11 Jan, 2022 | 11:27
Updated-04 Aug, 2024 | 01:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in COMOS V10.2 (All versions only if web components are used), COMOS V10.3 (All versions < V10.3.3.3 only if web components are used), COMOS V10.4 (All versions < V10.4.1 only if web components are used). The COMOS Web component of COMOS is vulnerable to SQL injections. This could allow an attacker to execute arbitrary SQL statements.

Action-Not Available
Vendor-Siemens AG
Product-comosCOMOS V10.3COMOS V10.2COMOS V10.4
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-27941
Matching Score-10
Assigner-Siemens
ShareView Details
Matching Score-10
Assigner-Siemens
CVSS Score-8.8||HIGH
EPSS-1.29% / 78.85%
||
7 Day CHG~0.00%
Published-14 May, 2024 | 10:02
Updated-06 Feb, 2025 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected client systems do not properly sanitize input data before sending it to the SQL server. An attacker could use this vulnerability to compromise the whole database.

Action-Not Available
Vendor-Siemens AG
Product-ruggedcom_crossbowRUGGEDCOM CROSSBOWruggedcom_crossbow
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2019-10916
Matching Score-10
Assigner-Siemens
ShareView Details
Matching Score-10
Assigner-Siemens
CVSS Score-8.8||HIGH
EPSS-0.44% / 62.23%
||
7 Day CHG~0.00%
Published-14 May, 2019 | 19:54
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions < V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions < V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3). An attacker with access to the project file could run arbitrary system commands with the privileges of the local database server. The vulnerability could be exploited by an attacker with access to the project file. The vulnerability does impact the confidentiality, integrity, and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-simatic_winccsimatic_pcs_7simatic_wincc_runtime_professionalsimatic_wincc_\(tia_portal\)SIMATIC WinCC Runtime Professional V13SIMATIC WinCC (TIA Portal) V14SIMATIC WinCC (TIA Portal) V13SIMATIC WinCC Runtime Professional V14SIMATIC PCS 7 V8.2SIMATIC WinCC V7.3SIMATIC PCS 7 V9.0SIMATIC WinCC (TIA Portal) V15SIMATIC PCS 7 V8.1SIMATIC WinCC Runtime Professional V15SIMATIC WinCC V7.4SIMATIC WinCC V7.5SIMATIC PCS 7 V8.0 and earlierSIMATIC WinCC V7.2 and earlier
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-27940
Matching Score-10
Assigner-Siemens
ShareView Details
Matching Score-10
Assigner-Siemens
CVSS Score-8.8||HIGH
EPSS-0.96% / 75.59%
||
7 Day CHG~0.00%
Published-14 May, 2024 | 10:02
Updated-06 Feb, 2025 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected systems allow any authenticated user to send arbitrary SQL commands to the SQL server. An attacker could use this vulnerability to compromise the whole database.

Action-Not Available
Vendor-Siemens AG
Product-ruggedcom_crossbowRUGGEDCOM CROSSBOWruggedcom_crossbow
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2018-4845
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.8||HIGH
EPSS-0.43% / 61.79%
||
7 Day CHG~0.00%
Published-26 Jun, 2018 | 18:00
Updated-16 Sep, 2024 | 18:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RAPIDLab 1200 systems / RAPIDPoint 400 systems / RAPIDPoint 500 systems (All versions_without_ use of Siemens Healthineers Informatics products), RAPIDLab 1200 Series (All versions < V3.3 _with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (All versions >= V3.0 _with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (V2.4.X_with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (All versions =< V2.3 _with_ Siemens Healthineers Informatics products), RAPIDPoint 400 systems (All versions _with_ Siemens Healthineers Informatics products). Remote attackers with either local or remote credentialed access to the "Remote View" feature might be able to elevate their privileges, compromising confidentiality, integrity, and availability of the system. No special skills or user interaction are required to perform this attack. At the time of advisory publication, no public exploitation of this security vulnerability is known. Siemens Healthineers confirms the security vulnerability and provides mitigations to resolve the security issue.

Action-Not Available
Vendor-Siemens AG
Product-rapidlab_1200_firmwarerapidpoint_500_firmwarerapidpoint_500rapidpoint_400_firmwarerapidlab_1200rapidpoint_400RAPIDLab 1200 systems / RAPIDPoint 400 systems / RAPIDPoint 500 systems, RAPIDLab 1200 Series, RAPIDPoint 500 systems, RAPIDPoint 500 systems, RAPIDPoint 500 systems, RAPIDPoint 400 systems
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-37173
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.8||HIGH
EPSS-1.55% / 80.67%
||
7 Day CHG~0.00%
Published-14 Sep, 2021 | 10:47
Updated-04 Aug, 2024 | 01:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.14.1), RUGGEDCOM ROX RX1400 (All versions < V2.14.1), RUGGEDCOM ROX RX1500 (All versions < V2.14.1), RUGGEDCOM ROX RX1501 (All versions < V2.14.1), RUGGEDCOM ROX RX1510 (All versions < V2.14.1), RUGGEDCOM ROX RX1511 (All versions < V2.14.1), RUGGEDCOM ROX RX1512 (All versions < V2.14.1), RUGGEDCOM ROX RX1524 (All versions < V2.14.1), RUGGEDCOM ROX RX1536 (All versions < V2.14.1), RUGGEDCOM ROX RX5000 (All versions < V2.14.1). The command line interface of affected devices insufficiently restrict file read and write operations for low privileged users. This could allow an authenticated remote attacker to escalate privileges and gain root access to the device.

Action-Not Available
Vendor-Siemens AG
Product-ruggedcom_rox_rx1511ruggedcom_rox_rx1512ruggedcom_rox_mx5000_firmwareruggedcom_rox_rx5000_firmwareruggedcom_rox_rx1511_firmwareruggedcom_rox_rx1510ruggedcom_rox_rx1400_firmwareruggedcom_rox_rx1500_firmwareruggedcom_rox_rx1400ruggedcom_rox_rx1510_firmwareruggedcom_rox_rx1500ruggedcom_rox_rx1524_firmwareruggedcom_rox_rx5000ruggedcom_rox_rx1501ruggedcom_rox_rx1536ruggedcom_rox_mx5000ruggedcom_rox_rx1524ruggedcom_rox_rx1536_firmwareruggedcom_rox_rx1501_firmwareruggedcom_rox_rx1512_firmwareRUGGEDCOM ROX RX1511RUGGEDCOM ROX RX1536RUGGEDCOM ROX RX1400RUGGEDCOM ROX RX1500RUGGEDCOM ROX RX1501RUGGEDCOM ROX RX5000RUGGEDCOM ROX MX5000RUGGEDCOM ROX RX1524RUGGEDCOM ROX RX1510RUGGEDCOM ROX RX1512
CWE ID-CWE-269
Improper Privilege Management
CVE-2025-40738
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.11% / 30.76%
||
7 Day CHG+0.01%
Published-08 Jul, 2025 | 10:34
Updated-21 Aug, 2025 | 15:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected application does not properly validate file paths when extracting uploaded ZIP files. This could allow an attacker to write arbitrary files to restricted locations and potentially execute code with elevated privileges (ZDI-CAN-26572).

Action-Not Available
Vendor-Siemens AG
Product-sinec_nmsSINEC NMS
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2025-40737
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.11% / 30.76%
||
7 Day CHG+0.01%
Published-08 Jul, 2025 | 10:34
Updated-21 Aug, 2025 | 15:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected application does not properly validate file paths when extracting uploaded ZIP files. This could allow an attacker to write arbitrary files to restricted locations and potentially execute code with elevated privileges (ZDI-CAN-26571).

Action-Not Available
Vendor-Siemens AG
Product-sinec_nmsSINEC NMS
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2021-31888
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.8||HIGH
EPSS-1.72% / 81.63%
||
7 Day CHG~0.00%
Published-09 Nov, 2021 | 11:32
Updated-03 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). FTP server does not properly validate the length of the “MKD/XMKD” command, leading to stack-based buffer overflows. This may result in Denial-of-Service conditions and Remote Code Execution. (FSMD-2021-0018)

Action-Not Available
Vendor-Siemens AG
Product-talon_tc_compactdesigo_pxm20-edesigo_pxc22.1-e.dapogee_pxc_compactdesigo_pxc001-e.d_firmwareapogee_modular_equiment_controller_firmwaredesigo_pxc12-e.dapogee_pxc_compact_firmwaredesigo_pxc200-e.d_firmwareapogee_modular_equiment_controllerdesigo_pxc100-e.dapogee_modular_building_controllerdesigo_pxc001-e.dapogee_pxc_modular_firmwaretalon_tc_modular_firmwaretalon_tc_modulardesigo_pxc22.1-e.d_firmwaredesigo_pxc50-e.dapogee_modular_building_controller_firmwaredesigo_pxc12-e.d_firmwaredesigo_pxc22-e.ddesigo_pxc22-e.d_firmwaredesigo_pxc00-u_firmwarenucleus_readystart_v3desigo_pxc00-e.ddesigo_pxc100-e.d_firmwaredesigo_pxc200-e.ddesigo_pxc00-e.d_firmwaredesigo_pxc50-e.d_firmwarenucleus_netdesigo_pxc64-utalon_tc_compact_firmwaredesigo_pxc36.1-e.d_firmwaredesigo_pxc64-u_firmwaredesigo_pxc128-udesigo_pxc00-uapogee_pxc_modulardesigo_pxm20-e_firmwaredesigo_pxc36.1-e.ddesigo_pxc128-u_firmwarenucleus_source_codeTALON TC Compact (BACnet)Desigo PXC64-UDesigo PXC00-UNucleus Source CodeAPOGEE PXC Compact (BACnet)APOGEE MEC (PPC) (P2 Ethernet)Nucleus NETDesigo PXC001-E.DDesigo PXC100-E.DDesigo PXC12-E.DAPOGEE MBC (PPC) (BACnet)Desigo PXC22.1-E.DTALON TC Modular (BACnet)Nucleus ReadyStart V3APOGEE MEC (PPC) (BACnet)Desigo PXC00-E.DAPOGEE MBC (PPC) (P2 Ethernet)Desigo PXC50-E.DAPOGEE PXC Compact (P2 Ethernet)Desigo PXC36.1-E.DAPOGEE PXC Modular (P2 Ethernet)Desigo PXC22-E.DDesigo PXC200-E.DDesigo PXM20-EAPOGEE PXC Modular (BACnet)Desigo PXC128-U
CWE ID-CWE-170
Improper Null Termination
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-44374
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.1||HIGH
EPSS-0.19% / 40.76%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 11:04
Updated-14 Jan, 2025 | 11:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.0), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.0), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.0), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.0), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.0), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.0), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V8.0), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.0), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.0), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.0), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.0), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.0), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.0), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.0), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.0), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.0), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.0), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.0), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.0), SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0) (All versions < V3.0.0), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions < V3.0.0), SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0) (All versions < V3.0.0), SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0) (All versions < V3.0.0), SCALANCE WAM766-1 (6GK5766-1GE00-7DA0) (All versions < V3.0.0), SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0) (All versions < V3.0.0), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) (All versions < V3.0.0), SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0) (All versions < V3.0.0), SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0) (All versions < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) (All versions < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) (All versions < V3.0.0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0) (All versions < V3.0.0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0) (All versions < V3.0.0), SCALANCE WUM766-1 (6GK5766-1GE00-3DA0) (All versions < V3.0.0), SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0) (All versions < V3.0.0), SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0) (All versions < V3.0.0). Affected devices allow to change the password, but insufficiently check which password is to be changed. With this an authenticated attacker could, under certain conditions, be able to change the password of another, potential admin user, which could allow to escalate privileges.

Action-Not Available
Vendor-Siemens AG
Product-6gk5216-0ha00-2as6_firmware6gk5213-3bf00-2ab26gk5216-0ba00-2tb26gk5204-2aa00-2gf26gk5205-3bd00-2ab2_firmware6gk5213-3bd00-2ab2_firmware6gk5206-2rs00-2ac2_firmware6gk5224-4gs00-2fc26gk5328-4fs00-3ar36gk5213-3bd00-2tb26gk5206-2bs00-2fc26gk5205-3bb00-2ab26gk5206-2rs00-2ac26gk5206-2bs00-2fc2_firmware6gk5328-4fs00-2rr36gk5208-0ba00-2tb26gk5208-0ha00-2as6_firmware6gk5208-0ha00-2ts6_firmware6gk5205-3bb00-2ab2_firmware6gk5216-0ba00-2fc2_firmware6gk5224-4gs00-2tc26gk5206-2bb00-2ac26gk5206-2gs00-2tc26gk5326-2qs00-3ar3_firmware6gk5213-3bf00-2tb2_firmware6gk5216-3rs00-5ac2_firmware6gk5216-0ua00-5es66gk5206-2bd00-2ac26gk5216-4gs00-2tc2_firmware6gk5328-4ss00-2ar36gk5216-4bs00-2ac26gk5208-0ha00-2as66gk5213-3bb00-2ab26gk5213-3bb00-2ab2_firmware6gk5208-0ba00-2ac26gk5216-4bs00-2ac2_firmware6gk5208-0ba00-2fc26gk5216-0ba00-2ac2_firmware6gk5328-4fs00-3ar3_firmware6gk5204-0ba00-2gf2_firmware6gk5208-0ra00-5ac26gk5216-0ha00-2es66gk5216-0ha00-2es6_firmware6gk5224-4gs00-2tc2_firmware6gk5216-0ba00-2fc26gk5216-0ua00-5es6_firmware6gk5213-3bd00-2ab26ag1208-0ba00-7ac2_firmware6ag1206-2bs00-7ac26gk5208-0ra00-2ac2_firmware6gk5216-4gs00-2tc26ag1206-2bs00-7ac2_firmware6gk5224-4gs00-2fc2_firmware6gk5324-0ba00-2ar3_firmware6gk5206-2gs00-2ac26gk5208-0ha00-2ts66gk5326-2qs00-3ar36ag1206-2bb00-7ac2_firmware6ag1216-4bs00-7ac26gk5208-0ba00-2ab2_firmware6gk5206-2bd00-2ac2_firmware6gk5204-0ba00-2yf2_firmware6gk5206-2bs00-2ac26gk5328-4ss00-3ar36gk5208-0ga00-2tc2_firmware6gk5208-0ba00-2fc2_firmware6gk5205-3bf00-2tb26gk5206-2rs00-5ac26gk5205-3bd00-2tb26gk5328-4ss00-3ar3_firmware6gk5224-4gs00-2ac2_firmware6gk5324-0ba00-3ar3_firmware6gk5328-4fs00-3rr36gk5216-0ba00-2ab2_firmware6gk5328-4ss00-2ar3_firmware6gk5205-3bb00-2tb2_firmware6gk5216-0ba00-2ab26gk5216-4gs00-2fc26gk5213-3bd00-2tb2_firmware6gk5216-4gs00-2ac26gk5216-3rs00-5ac26gk5216-3rs00-2ac26gk5208-0ga00-2ac2_firmware6gk5205-3bf00-2ab26gk5208-0ga00-2ac26gk5224-4gs00-2ac26gk5206-2gs00-2tc2_firmware6gk5206-2gs00-2ac2_firmware6gk5208-0ga00-2fc2_firmware6gk5206-2rs00-5fc26gk5208-0ba00-2ac2_firmware6gk5326-2qs00-3rr36gk5328-4fs00-2ar3_firmware6gk5326-2qs00-3rr3_firmware6gk5208-0ra00-5ac2_firmware6gk5204-2aa00-2yf2_firmware6gk5204-2aa00-2yf26gk5216-0ha00-2ts66gk5205-3bf00-2ab2_firmware6gk5216-4gs00-2ac2_firmware6gk5206-2rs00-5ac2_firmware6gk5216-3rs00-2ac2_firmware6gk5208-0ba00-2tb2_firmware6gk5216-0ha00-2as66gk5204-0ba00-2yf26gk5208-0ua00-5es6_firmware6gk5204-2aa00-2gf2_firmware6gk5208-0ua00-5es66gk5213-3bb00-2tb26gk5216-0ba00-2tb2_firmware6gk5206-2bs00-2ac2_firmware6gk5208-0ga00-2tc26gk5206-2gs00-2fc2_firmware6gk5204-0ba00-2gf26gk5206-2bb00-2ac2_firmware6ag1206-2bb00-7ac26gk5213-3bb00-2tb2_firmware6gk5208-0ha00-2es66gk5205-3bf00-2tb2_firmware6gk5206-2rs00-5fc2_firmware6gk5216-4gs00-2fc2_firmware6gk5324-0ba00-3ar36gk5205-3bd00-2tb2_firmware6gk5328-4fs00-2ar36gk5216-0ba00-2ac26gk5206-2gs00-2fc26ag1208-0ba00-7ac26gk5328-4fs00-2rr3_firmware6ag1216-4bs00-7ac2_firmware6gk5224-0ba00-2ac2_firmware6gk5208-0ga00-2fc26gk5213-3bf00-2ab2_firmware6gk5208-0ra00-2ac26gk5328-4fs00-3rr3_firmware6gk5208-0ba00-2ab26gk5205-3bd00-2ab26gk5324-0ba00-2ar36gk5216-0ha00-2ts6_firmware6gk5213-3bf00-2tb26gk5224-0ba00-2ac26gk5208-0ha00-2es6_firmware6gk5205-3bb00-2tb2SCALANCE S615 LAN-RouterSCALANCE WAM766-1 (ME)SCALANCE WAM766-1SCALANCE WUM766-1SCALANCE WUB762-1 iFeaturesSCALANCE M812-1 ADSL-RouterSCALANCE WUM766-1 (ME)SCALANCE M816-1 ADSL-RouterSCALANCE M876-4 (EU)SCALANCE WUB762-1RUGGEDCOM RM1224 LTE(4G) NAMSCALANCE M874-2SCALANCE WAM763-1SCALANCE M804PBSCALANCE WAM766-1 EEC (ME)SCALANCE WAM766-1 EECSCALANCE WUM763-1 (US)SCALANCE WAM766-1 EEC (US)SCALANCE WUM763-1SCALANCE WUM766-1 (USA)SCALANCE WAM763-1 (US)SCALANCE MUM853-1 (EU)RUGGEDCOM RM1224 LTE(4G) EUSCALANCE M826-2 SHDSL-RouterSCALANCE MUM856-1 (RoW)SCALANCE M876-4SCALANCE WAB762-1SCALANCE M876-3 (ROK)SCALANCE WAM763-1 (ME)SCALANCE MUM856-1 (EU)SCALANCE WAM766-1 (US)SCALANCE M874-3SCALANCE S615 EEC LAN-RouterSCALANCE M876-4 (NAM)
CWE ID-CWE-567
Unsynchronized Access to Shared Data in a Multithreaded Context
CVE-2021-27392
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.8||HIGH
EPSS-0.24% / 47.65%
||
7 Day CHG~0.00%
Published-22 Apr, 2021 | 20:42
Updated-03 Aug, 2024 | 20:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Siveillance Video Open Network Bridge (2020 R3), Siveillance Video Open Network Bridge (2020 R2), Siveillance Video Open Network Bridge (2020 R1), Siveillance Video Open Network Bridge (2019 R3), Siveillance Video Open Network Bridge (2019 R2), Siveillance Video Open Network Bridge (2019 R1), Siveillance Video Open Network Bridge (2018 R3), Siveillance Video Open Network Bridge (2018 R2). Affected Open Network Bridges store user credentials for the authentication between ONVIF clients and ONVIF server using a hard-coded key. The encrypted credentials can be retrieved via the MIP SDK. This could allow an authenticated remote attacker to retrieve and decrypt all credentials stored on the ONVIF server.

Action-Not Available
Vendor-Siemens AG
Product-siveillance_video_open_network_bridgeSiveillance Video Open Network Bridge
CWE ID-CWE-321
Use of Hard-coded Cryptographic Key
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2021-27394
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.8||HIGH
EPSS-0.34% / 55.82%
||
7 Day CHG~0.00%
Published-16 Apr, 2021 | 20:00
Updated-03 Aug, 2024 | 20:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.19), Mendix Applications using Mendix 8 (All versions < V8.17.0), Mendix Applications using Mendix 8 (V8.12) (All versions < V8.12.5), Mendix Applications using Mendix 8 (V8.6) (All versions < V8.6.9), Mendix Applications using Mendix 9 (All versions < V9.0.5). Authenticated, non-administrative users could modify their privileges by manipulating the user role under certain circumstances, allowing them to gain administrative privileges.

Action-Not Available
Vendor-mendixSiemens AG
Product-mendixMendix Applications using Mendix 7Mendix Applications using Mendix 8 (V8.12)Mendix Applications using Mendix 8 (V8.6)Mendix Applications using Mendix 9Mendix Applications using Mendix 8
CWE ID-CWE-269
Improper Privilege Management
CVE-2023-40730
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.1||HIGH
EPSS-0.12% / 32.34%
||
7 Day CHG~0.00%
Published-12 Sep, 2023 | 09:32
Updated-27 Feb, 2025 | 20:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in QMS Automotive (All versions < V12.39). The QMS.Mobile module of the affected application lacks sufficient authorization checks. This could allow an attacker to access confidential information, perform administrative functions, or lead to a denial-of-service condition.

Action-Not Available
Vendor-Siemens AG
Product-qms_automotiveQMS Automotive
CWE ID-CWE-284
Improper Access Control
CVE-2021-25150
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.8||HIGH
EPSS-5.06% / 89.37%
||
7 Day CHG~0.00%
Published-30 Mar, 2021 | 00:11
Updated-03 Aug, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.5.x: 6.5.4.17 and below; Aruba Instant 8.3.x: 8.3.0.13 and below; Aruba Instant 8.5.x: 8.5.0.10 and below; Aruba Instant 8.6.x: 8.6.0.4 and below. Aruba has released patches for Aruba Instant that address this security vulnerability.

Action-Not Available
Vendor-n/aSiemens AGAruba Networks
Product-scalance_w1750d_firmwareinstantscalance_w1750dAruba Instant Access Points
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-25672
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.8||HIGH
EPSS-0.34% / 55.76%
||
7 Day CHG~0.00%
Published-15 Mar, 2021 | 17:03
Updated-03 Aug, 2024 | 20:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Mendix Forgot Password Appstore module (All Versions < V3.2.1). The Forgot Password Marketplace module does not properly control access. An attacker could take over accounts.

Action-Not Available
Vendor-mendixSiemens AG
Product-forgot_passwordMendix Forgot Password Appstore module
CWE ID-CWE-284
Improper Access Control
CVE-2025-27396
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.17% / 38.34%
||
7 Day CHG+0.04%
Published-11 Mar, 2025 | 09:48
Updated-22 Aug, 2025 | 18:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly limit the elevation of privileges required to perform certain valid functionality. This could allow an authenticated lowly-privileged remote attacker to escalate their privileges.

Action-Not Available
Vendor-Siemens AG
Product-scalance_lpe9403scalance_lpe9403_firmwareSCALANCE LPE9403
CWE ID-CWE-273
Improper Check for Dropped Privileges
CVE-2022-45093
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.5||HIGH
EPSS-1.53% / 80.58%
||
7 Day CHG~0.00%
Published-10 Jan, 2023 | 11:39
Updated-09 Apr, 2025 | 14:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 1). An authenticated remote attacker with access to the Web Based Management (443/tcp) of the affected product as well as with access to the SFTP server of the affected product (22/tcp), could potentially read and write arbitrary files from and to the device's file system. An attacker might leverage this to trigger remote code execution on the affected component.

Action-Not Available
Vendor-Siemens AG
Product-sinec_insSINEC INS
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2022-45094
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.4||HIGH
EPSS-0.71% / 71.33%
||
7 Day CHG~0.00%
Published-10 Jan, 2023 | 11:39
Updated-09 Apr, 2025 | 14:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 1). An authenticated remote attacker with access to the Web Based Management (443/tcp) of the affected product, could potentially inject commands into the dhcpd configuration of the affected product. An attacker might leverage this to trigger remote code execution on the affected component.

Action-Not Available
Vendor-Siemens AG
Product-sinec_insSINEC INS
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2022-43546
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-9.9||CRITICAL
EPSS-1.62% / 81.08%
||
7 Day CHG~0.00%
Published-08 Nov, 2022 | 00:00
Updated-21 Oct, 2024 | 16:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10). Affected devices do not properly validate the EndTime-parameter in requests to the web interface on port 443/tcp. This could allow an authenticated remote attacker to crash the device (followed by an automatic reboot) or to execute arbitrary code on the device.

Action-Not Available
Vendor-Siemens AG
Product-7kg9501-0aa01-2aa1_firmware7kg9501-0aa01-2aa17kg9501-0aa31-2aa1_firmware7kg9501-0aa31-2aa1SICAM P850POWER METER SICAM Q100SICAM P855sicam_q100_firmwaresicam_p855_firmwaresicam_p850_firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2022-43439
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-9.9||CRITICAL
EPSS-0.93% / 75.11%
||
7 Day CHG~0.00%
Published-08 Nov, 2022 | 00:00
Updated-03 Aug, 2024 | 13:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10). Affected devices do not properly validate the Language-parameter in requests to the web interface on port 443/tcp. This could allow an authenticated remote attacker to crash the device (followed by an automatic reboot) or to execute arbitrary code on the device.

Action-Not Available
Vendor-Siemens AG
Product-7kg9501-0aa01-2aa1_firmware7kg9501-0aa01-2aa17kg9501-0aa31-2aa17kg9501-0aa31-2aa1_firmwareSICAM P850POWER METER SICAM Q100SICAM P855
CWE ID-CWE-20
Improper Input Validation
CVE-2017-6458
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-5.22% / 89.56%
||
7 Day CHG~0.00%
Published-27 Mar, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in the ctl_put* functions in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allow remote authenticated users to have unspecified impact via a long variable.

Action-Not Available
Vendor-ntpn/aApple Inc.Siemens AGHewlett Packard Enterprise (HPE)
Product-mac_os_xhpux-ntpntpsimatic_net_cp_443-1_opc_uasimatic_net_cp_443-1_opc_ua_firmwaren/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-40182
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.8||HIGH
EPSS-0.50% / 65.03%
||
7 Day CHG~0.00%
Published-11 Oct, 2022 | 00:00
Updated-03 Aug, 2024 | 12:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Desigo PXM30-1 (All versions < V02.20.126.11-41), Desigo PXM30.E (All versions < V02.20.126.11-41), Desigo PXM40-1 (All versions < V02.20.126.11-41), Desigo PXM40.E (All versions < V02.20.126.11-41), Desigo PXM50-1 (All versions < V02.20.126.11-41), Desigo PXM50.E (All versions < V02.20.126.11-41), PXG3.W100-1 (All versions < V02.20.126.11-37), PXG3.W100-2 (All versions < V02.20.126.11-41), PXG3.W200-1 (All versions < V02.20.126.11-37), PXG3.W200-2 (All versions < V02.20.126.11-41). The device embedded Chromium-based browser is launched as root with the “--no-sandbox” option. Attackers can add arbitrary JavaScript code inside “Operation” graphics and successfully exploit any number of publicly known vulnerabilities against the version of the embedded Chromium-based browser.

Action-Not Available
Vendor-Siemens AG
Product-pxg3.w200-1pxg3.w200-2_firmwaredesigo_pxm50.edesigo_pxm40.e_firmwaredesigo_pxm50.e_firmwaredesigo_pxm40-1_firmwaredesigo_pxm30.edesigo_pxm40-1pxg3.w100-2_firmwaredesigo_pxm50-1_firmwaredesigo_pxm30-1desigo_pxm30.e_firmwaredesigo_pxm50-1pxg3.w100-1desigo_pxm40.epxg3.w100-1_firmwarepxg3.w200-1_firmwaredesigo_pxm30-1_firmwarepxg3.w100-2pxg3.w200-2Desigo PXM50-1PXG3.W100-1Desigo PXM40-1Desigo PXM50.EPXG3.W100-2Desigo PXM40.EDesigo PXM30.EPXG3.W200-1Desigo PXM30-1PXG3.W200-2
CWE ID-CWE-250
Execution with Unnecessary Privileges
CVE-2022-32262
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.8||HIGH
EPSS-2.15% / 83.55%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 09:22
Updated-21 Apr, 2025 | 13:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application contains a file upload server that is vulnerable to command injection. An attacker could use this to achieve arbitrary code execution.

Action-Not Available
Vendor-Siemens AG
Product-sinema_remote_connect_serverSINEMA Remote Connect Server
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2022-32251
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.8||HIGH
EPSS-0.30% / 53.22%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 09:22
Updated-21 Apr, 2025 | 13:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). There is a missing authentication verification for a resource used to change the roles and permissions of a user. This could allow an attacker to change the permissions of any user and gain the privileges of an administrative user.

Action-Not Available
Vendor-Siemens AG
Product-sinema_remote_connect_serverSINEMA Remote Connect Server
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2022-31619
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.8||HIGH
EPSS-1.39% / 79.53%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 09:21
Updated-03 Aug, 2024 | 07:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.13), Teamcenter V13.0 (All versions < V13.0.0.9), Teamcenter V13.1 (All versions < V13.1.0.9), Teamcenter V13.2 (All versions < V13.2.0.9), Teamcenter V13.3 (All versions < V13.3.0.3), Teamcenter V14.0 (All versions < V14.0.0.2). Java EE Server Manager HTML Adaptor in Teamcenter consists of default hardcoded credentials. Access to the application allows a user to perform a series of actions that could potentially lead to remote code execution with elevated permissions.

Action-Not Available
Vendor-Siemens AG
Product-teamcenterTeamcenter V12.4Teamcenter V13.0Teamcenter V14.0Teamcenter V13.3Teamcenter V13.1Teamcenter V13.2
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2022-31765
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.8||HIGH
EPSS-0.18% / 40.16%
||
7 Day CHG~0.00%
Published-11 Oct, 2022 | 00:00
Updated-21 Apr, 2025 | 13:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Affected devices do not properly authorize the change password function of the web interface. This could allow low privileged users to escalate their privileges.

Action-Not Available
Vendor-Siemens AG
Product-6gk5788-1gd00-0aa06gk5328-4ss00-2ar3_firmware6gk5876-4aa00-2da26gk5774-1fx00-0aa06gk5748-1gy01-0aa06gk5748-1gd00-0ab0_firmware6gk5766-1ge00-7da0_firmware6gk5763-1al00-3aa06gk5826-2ab00-2ab26gk5788-2gd00-0ta0_firmware6gk5786-2fc00-0ac06gk5766-1ge00-7da06gk5788-1gy01-0aa0_firmware6gk5774-1fy00-0ta06gk5552-0aa00-2ar26gk5778-1gy00-0tb06gk5622-2gs00-2ac2_firmware6gk5722-1fc00-0ac0_firmware6gk5528-0ar00-2hr26gk5208-0ga00-2ac2_firmware6gk5552-0ar00-2hr2_firmware6gk5526-8gs00-4ar26gk5526-8gr00-4ar2_firmware6gk5204-0ba00-2gf2_firmware6gk5408-4gq00-2am26gk5208-0ha00-2ts6_firmware6gk5524-8gr00-3ar2_firmware6gk5788-1gd00-0aa0_firmware6ag1216-4bs00-7ac26gk5856-2ea00-3da16gk5722-1fc00-0aa0_firmware6gk5722-1fc00-0ac06gk5324-0ba00-3ar36gk5205-3bf00-2tb2_firmware6gk5524-8gs00-2ar2_firmware6gk5786-2fc00-0ac0_firmware6gk5761-1fc00-0aa0_firmware6gk5216-3rs00-2ac26gk5788-2gy01-0ta0_firmware6gk5552-0ar00-2ar2_firmware6gk5208-0ga00-2ac26gk5213-3bb00-2tb2_firmware6gk5524-8gr00-4ar2_firmware6gk5216-0ha00-2es6_firmware6gk5552-0aa00-2hr26gk5788-1gd00-0ab0_firmware6gk5734-1fx00-0ab6_firmware6gk5204-0ba00-2gf26gk5786-1fc00-0ab0_firmware6gk5786-2fc00-0aa0_firmware6gk5328-4fs00-3ar36gk5206-2rs00-2ac2_firmware6gk5722-1fc00-0aa06gk5213-3bd00-2ab2_firmware6gk5876-4aa00-2da2_firmware6gk5856-2ea00-3aa16gk5213-3bd00-2tb26gk5876-3aa02-2ba2_firmware6gk5766-1je00-3da0_firmware6gk5206-2rs00-5ac2_firmware6gk5876-4aa00-2ba26gk5408-8gs00-2am26gk5788-2gd00-0aa0_firmware6gk5205-3bb00-2tb26gk5208-0ua00-5es66gk6108-4am00-2da2_firmware6ag1208-0ba00-7ac26gk5786-2hc00-0ab06gk5526-8gr00-2ar2_firmware6gk5748-1gd00-0ab06gk5208-0ra00-2ac2_firmware6gk5748-1fc00-0ab0_firmware6gk5734-1fx00-0aa66gk5761-1fc00-0ab06gk5224-4gs00-2tc26gk5216-0ba00-2ac26gk5788-2gd00-0tb06gk5216-4bs00-2ac26gk5734-1fx00-0ab06gk5766-1je00-7da06gk5876-3aa02-2ea26gk5766-1ge00-7db06gk5216-0ha00-2as66gk5216-0ha00-2es66gk5224-0ba00-2ac26gk5328-4fs00-2rr3_firmware6gk5206-2bd00-2ac26gk5853-2ea00-2da1_firmware6gk5206-2gs00-2tc2_firmware6gk5766-1ge00-7tb0_firmware6gk5213-3bf00-2ab2_firmware6ag1206-2bb00-7ac2_firmware6gk5524-8gs00-2ar26gk5788-2gd00-0ta06gk5524-8gr00-2ar26gk5528-0aa00-2hr2_firmware6gk5812-1ba00-2aa26gk5208-0ga00-2fc26gk5208-0ga00-2fc2_firmware6gk5213-3bf00-2tb26gk5216-0ba00-2ab26gk5216-0ba00-2fc2_firmware6gk5416-4gs00-2am2_firmware6gk5213-3bd00-2ab26gk5206-2gs00-2fc26gk5206-2gs00-2ac26gk5205-3bb00-2ab2_firmware6gk5208-0ba00-2fc2_firmware6gk5774-1fx00-0aa66gk5208-0ba00-2ac2_firmware6gk5206-2rs00-5fc2_firmware6gk5766-1ge00-3da06gk5826-2ab00-2ab2_firmware6gk5206-2bs00-2ac26gk5786-2hc00-0aa0_firmware6gk5528-0aa00-2hr26gk5778-1gy00-0ta0_firmware6gk5224-4gs00-2tc2_firmware6gk5788-2gy01-0aa0_firmware6gk5788-2gd00-0tc06gk5206-2bs00-2fc26gk5208-0ba00-2ac26gk5788-2fc00-0aa0_firmware6gk5748-1fc00-0aa0_firmware6gk5738-1gy00-0aa0_firmware6gk5788-2gd00-0ab06gk5786-2fc00-0aa06gk5788-2hy01-0aa06gk5208-0ha00-2as66gk5774-1fy00-0ta0_firmware6gk5721-1fc00-0ab06gk6108-4am00-2ba2_firmware6gk5205-3bd00-2tb26gk5788-1fc00-0aa06gk5524-8gr00-3ar26gk5774-1fx00-0ac0_firmware6gk5208-0ra00-5ac26gk5786-2hc00-0aa06gk5213-3bb00-2ab26gk5734-1fx00-0ab66gk5766-1ge00-7ta0_firmware6gk5216-0ha00-2ts66gk5786-2fe00-0ab06gk5816-1aa00-2aa2_firmware6gk5206-2gs00-2ac2_firmware6gk5326-2qs00-3rr36ag1216-4bs00-7ac2_firmware6gk5774-1fx00-0aa6_firmware6gk5721-1fc00-0aa0_firmware6gk5216-3rs00-2ac2_firmware6gk5204-2aa00-2gf2_firmware6gk5788-1fc00-0ab06gk5208-0ha00-2es66gk5328-4ss00-3ar3_firmware6gk5216-3rs00-5ac2_firmware6gk5788-1fc00-0ab0_firmware6gk5552-0aa00-2hr2_firmware6gk5216-4gs00-2fc26gk5876-3aa02-2ba26gk5766-1ge00-7ta06gk5788-2gd00-0tc0_firmware6gk5328-4fs00-3ar3_firmware6gk5205-3bd00-2tb2_firmware6gk5786-2fe00-0aa06gk5326-2qs00-3ar36gk5748-1gy01-0ta06gk5206-2rs00-2ac26gk5206-2bb00-2ac2_firmware6gk5213-3bb00-2ab2_firmware6gk5216-0ba00-2tb26gk5748-1fc00-0aa06gk5786-1fc00-0aa06gk5526-8gr00-4ar26gk5206-2bb00-2ac26gk5524-8gs00-4ar26gk5734-1fx00-0aa0_firmware6gk5786-2fe00-0aa0_firmware6gk5748-1gy01-0ta0_firmware6gk5876-4aa00-2ba2_firmware6ag1206-2bs00-7ac2_firmware6gk5812-1aa00-2aa26gk5524-8gs00-3ar2_firmware6gk5763-1al00-7da0_firmware6gk5524-8gr00-2ar2_firmware6gk5856-2ea00-3da1_firmware6gk5788-2gd00-0tb0_firmware6gk5416-4gr00-2am26gk5812-1aa00-2aa2_firmware6gk5788-2gd00-0aa06gk5722-1fc00-0ab06gk5528-0aa00-2ar2_firmware6gk5816-1ba00-2aa26gk5526-8gs00-2ar2_firmware6gk5778-1gy00-0aa0_firmware6gk5874-2aa00-2aa26gk5734-1fx00-0aa06gk5788-2gd00-0ab0_firmware6gk5524-8gr00-4ar26gk5524-8gs00-4ar2_firmware6gk5748-1gd00-0aa0_firmware6gk5816-1ba00-2aa2_firmware6gk5874-3aa00-2aa2_firmware6gk5804-0ap00-2aa26gk5208-0ba00-2tb2_firmware6gk5636-2gs00-2ac2_firmware6gk5528-0aa00-2ar26gk5774-1fx00-0ab0_firmware6gk5774-1fx00-0ab6_firmware6gk5206-2rs00-5ac26gk5224-4gs00-2ac26gk5328-4fs00-3rr3_firmware6gk5788-1fc00-0aa0_firmware6gk5526-8gr00-3ar26gk5816-1aa00-2aa26gk5552-0ar00-2hr26gk5408-4gp00-2am26gk5326-2qs00-3rr3_firmware6gk5328-4fs00-2ar3_firmware6gk5216-0ha00-2ts6_firmware6gk5761-1fc00-0ab0_firmware6gk5774-1fx00-0ab66gk5748-1fc00-0ab06gk5774-1fy00-0tb06gk5205-3bb00-2ab26gk5208-0ga00-2tc2_firmware6gk5876-3aa02-2ea2_firmware6gk5734-1fx00-0aa6_firmware6gk5774-1fx00-0ac06gk5204-0ba00-2yf2_firmware6gk5206-2gs00-2fc2_firmware6gk5646-2gs00-2ac26gk5856-2ea00-3aa1_firmware6gk5224-0ba00-2ac2_firmware6gk5216-0ba00-2ac2_firmware6gk5786-1fc00-0ab06gk5324-0ba00-2ar3_firmware6gk5738-1gy00-0aa06gk5763-1al00-3aa0_firmware6gk5216-4gs00-2fc2_firmware6gk5416-4gr00-2am2_firmware6gk5224-4gs00-2fc2_firmware6gk5328-4fs00-2ar36gk5213-3bf00-2tb2_firmware6gk5205-3bb00-2tb2_firmware6gk5766-1ge00-3db0_firmware6gk5526-8gs00-2ar26gk5738-1gy00-0ab06gk5324-0ba00-3ar3_firmware6gk5788-1gy01-0aa06gk5788-2fc00-0aa06gk5788-2fc00-0ac0_firmware6gk5524-8gs00-3ar26gk5326-2qs00-3ar3_firmware6gk5224-4gs00-2ac2_firmware6gk5324-0ba00-2ar36gk5208-0ga00-2tc26gk5213-3bf00-2ab26gk5552-0aa00-2ar2_firmware6gk5216-4gs00-2tc26gk5206-2rs00-5fc26gk5642-2gs00-2ac2_firmware6gk5763-1al00-3da0_firmware6gk5208-0ua00-5es6_firmware6gk5206-2gs00-2tc26gk5774-1fx00-0aa0_firmware6gk5216-0ua00-5es66gk5646-2gs00-2ac2_firmware6gk5766-1ge00-7db0_firmware6gk5788-2hy01-0aa0_firmware6gk5788-2fc00-0ac06gk5205-3bf00-2ab26gk5778-1gy00-0tb0_firmware6gk5788-2gy01-0aa06gk5552-0ar00-2ar26gk5786-2fc00-0ab0_firmware6gk5778-1gy00-0ta06gk5213-3bd00-2tb2_firmware6gk5766-1je00-3da06gk5528-0ar00-2ar2_firmware6gk5328-4fs00-2rr36gk5766-1je00-7da0_firmware6gk5622-2gs00-2ac26gk5213-3bb00-2tb26gk5204-2aa00-2yf26gk5786-2fc00-0ab06gk5208-0ba00-2ab26gk5204-2aa00-2gf26gk5738-1gy00-0ab0_firmware6gk5778-1gy00-0aa06gk5778-1gy00-0ab0_firmware6gk5216-0ba00-2fc26gk5804-0ap00-2aa2_firmware6gk5328-4ss00-3ar36gk5874-2aa00-2aa2_firmware6gk5763-1al00-7da06gk5216-3rs00-5ac26gk5208-0ba00-2tb26gk5874-3aa00-2aa26gk5721-1fc00-0aa06gk5632-2gs00-2ac26gk5328-4fs00-3rr36gk5205-3bd00-2ab26gk5778-1gy00-0ab06gk5766-1ge00-3db06gk5734-1fx00-0ab0_firmware6gk6108-4am00-2ba26gk5528-0ar00-2hr2_firmware6gk5721-1fc00-0ab0_firmware6gk5208-0ha00-2as6_firmware6gk5224-4gs00-2fc26gk5526-8gr00-2ar26gk5748-1gd00-0aa06gk5208-0ra00-2ac26gk5206-2bs00-2ac2_firmware6gk5528-0ar00-2ar26gk5761-1fc00-0aa06gk5774-1fx00-0ab06gk5205-3bf00-2tb26gk5763-1al00-3da06gk5216-0ua00-5es6_firmware6gk5632-2gs00-2ac2_firmware6gk5216-4gs00-2ac26gk5766-1je00-7ta0_firmware6gk5408-8gr00-2am2_firmware6gk5812-1ba00-2aa2_firmware6gk5722-1fc00-0ab0_firmware6gk5636-2gs00-2ac26ag1206-2bs00-7ac26gk5786-2hc00-0ab0_firmware6gk5786-1fc00-0aa0_firmware6gk5204-0ba00-2yf26gk5788-2fc00-0ab0_firmware6gk5208-0ha00-2ts66gk5642-2gs00-2ac26gk5216-0ba00-2ab2_firmware6gk5526-8gs00-3ar2_firmware6gk5408-4gp00-2am2_firmware6gk5526-8gs00-4ar2_firmware6gk5788-2gy01-0ta06gk5208-0ba00-2fc26gk5526-8gr00-3ar2_firmware6gk6108-4am00-2da26gk5408-4gq00-2am2_firmware6gk5216-0ba00-2tb2_firmware6gk5774-1fy00-0tb0_firmware6gk5786-2fe00-0ab0_firmware6gk5216-4bs00-2ac2_firmware6gk5408-8gr00-2am26gk5766-1ge00-7tb06gk5206-2bs00-2fc2_firmware6gk5216-4gs00-2ac2_firmware6gk5205-3bd00-2ab2_firmware6gk5328-4ss00-2ar36gk5208-0ha00-2es6_firmware6gk5408-8gs00-2am2_firmware6gk5205-3bf00-2ab2_firmware6gk5416-4gs00-2am26gk5766-1ge00-3da0_firmware6ag1206-2bb00-7ac26gk5208-0ra00-5ac2_firmware6gk5788-2fc00-0ab06gk5216-4gs00-2tc2_firmware6gk5766-1je00-7ta06gk5204-2aa00-2yf2_firmware6gk5526-8gs00-3ar26gk5216-0ha00-2as6_firmware6gk5748-1gy01-0aa0_firmware6gk5853-2ea00-2da16gk5788-1gd00-0ab06gk5206-2bd00-2ac2_firmware6gk5208-0ba00-2ab2_firmware6ag1208-0ba00-7ac2_firmwareSCALANCE W774-1 RJ45SCALANCE M876-4 (NAM)SCALANCE W1788-2IA M12SCALANCE XB213-3 (ST, E/IP)SCALANCE XR524-8C, 24VSCALANCE XB213-3 (ST, PN)SCALANCE XC216EECRUGGEDCOM RM1224 LTE(4G) NAMSCALANCE XB205-3 (ST, PN)SCALANCE XC208SCALANCE XB213-3LD (SC, PN)SCALANCE XC206-2G PoESCALANCE XR328-4C WG (28xGE, DC 24V)SCALANCE XB205-3LD (SC, PN)SCALANCE W734-1 RJ45 (USA)SCALANCE S615 EECSCALANCE MUM856-1 (RoW)SCALANCE XR324WG (24 X FE, DC 24V)SCALANCE XR528-6M (2HR2)SCALANCE XR528-6M (L3 int.)SCALANCE XB216 (E/IP)SCALANCE XC216-4CSCALANCE XB208 (E/IP)SCALANCE XR324WG (24 x FE, AC 230V)SCALANCE XC206-2 (SC)SCALANCE W778-1 M12 EECSCALANCE XR524-8C, 1x230VSCALANCE W788-1 M12SCALANCE M876-3 (EVDO)SCALANCE XP208SCALANCE XR552-12M (2HR2)SCALANCE XF204-2BA DNASCALANCE WAM766-1 EEC (EU)SCALANCE XB205-3LD (SC, E/IP)SCALANCE XF204-2BASCALANCE WUM763-1SIPLUS NET SCALANCE XC216-4CSCALANCE W788-2 M12 EECSCALANCE W786-2 RJ45SCALANCE XB213-3 (SC, PN)SCALANCE W1788-2 EEC M12SCALANCE XC206-2SFPSCALANCE XP216POE EECSCALANCE XM408-4C (L3 int.)SCALANCE W1788-2 M12SCALANCE W786-1 RJ45SCALANCE XP208EECSCALANCE MUM856-1 (EU)SCALANCE S615SCALANCE WAM766-1 (US)SCALANCE SC646-2CSCALANCE M826-2 SHDSL-RouterSCALANCE W786-2 SFPSCALANCE XR524-8C, 24V (L3 int.)SCALANCE XR552-12M (2HR2, L3 int.)SCALANCE XC206-2 (ST/BFOC)SCALANCE W722-1 RJ45SCALANCE XM416-4CSCALANCE W788-1 RJ45SCALANCE XR526-8C, 24V (L3 int.)SCALANCE XR528-6MSCALANCE XR528-6M (2HR2, L3 int.)SCALANCE XC216-4C GSCALANCE M874-2SCALANCE XR526-8C, 2x230VSCALANCE W1748-1 M12SCALANCE XP216 (Ethernet/IP)SCALANCE W774-1 M12 EECSCALANCE XR328-4C WG (24xFE,4xGE,AC230V)SCALANCE XC224-4C GSCALANCE XC208G PoE (54 V DC)SCALANCE M816-1 ADSL-Router (Annex B)SCALANCE XC206-2G PoE EEC (54 V DC)SCALANCE XP208 (Ethernet/IP)SCALANCE M876-3 (ROK)SCALANCE XB216 (PN)SCALANCE XC216-4C G (EIP Def.)SCALANCE M876-4SCALANCE XR526-8C, 24VSCALANCE W734-1 RJ45SCALANCE SC636-2CSCALANCE W788-2 RJ45SCALANCE XM408-4CSCALANCE XC208G PoESCALANCE XR524-8C, 1x230V (L3 int.)SCALANCE WUM766-1 (US)SCALANCE W778-1 M12SCALANCE W748-1 RJ45SCALANCE XM408-8C (L3 int.)SCALANCE XB213-3LD (SC, E/IP)SCALANCE XC216SCALANCE XC208G EECSCALANCE XC208G (EIP def.)SCALANCE XC208GSCALANCE XR526-8C, 2x230V (L3 int.)SCALANCE XP216EECSCALANCE M816-1 ADSL-Router (Annex A)SCALANCE XC206-2G PoE (54 V DC)SCALANCE XM416-4C (L3 int.)RUGGEDCOM RM1224 LTE(4G) EUSCALANCE XC206-2SFP GSCALANCE W774-1 RJ45 (USA)SCALANCE MUM853-1 (EU)SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V)SCALANCE W778-1 M12 EEC (USA)SCALANCE W1788-1 M12SCALANCE W738-1 M12SCALANCE M876-4 (EU)SCALANCE XR524-8C, 2x230VSCALANCE XR526-8C, 1x230V (L3 int.)SCALANCE M804PBSCALANCE XC216-3G PoE (54 V DC)SCALANCE XR326-2C PoE WG (without UL)SCALANCE XB205-3 (SC, PN)SCALANCE XC206-2SFP EECSCALANCE W721-1 RJ45SCALANCE XC206-2SFP G (EIP DEF.)SCALANCE WAM766-1 (EU)SCALANCE M812-1 ADSL-Router (Annex B)SCALANCE SC632-2CSCALANCE XP208PoE EECSCALANCE W786-2IA RJ45SCALANCE XF204SCALANCE XF204 DNASCALANCE M812-1 ADSL-Router (Annex A)SCALANCE XB213-3 (SC, E/IP)SCALANCE XR524-8C, 2x230V (L3 int.)SCALANCE XB208 (PN)SCALANCE XC224SCALANCE XR326-2C PoE WGSCALANCE M874-3SCALANCE WUM766-1 (EU)SCALANCE XB205-3 (ST, E/IP)SCALANCE XC208EECSCALANCE WAM763-1SCALANCE XR328-4C WG (24XFE, 4XGE, 24V)SIPLUS NET SCALANCE XC206-2SCALANCE XM408-8CSCALANCE W748-1 M12SCALANCE SC642-2CSCALANCE XR552-12MSCALANCE XR526-8C, 1x230VSCALANCE XR328-4C WG (28xGE, AC 230V)SIPLUS NET SCALANCE XC208SCALANCE XC206-2SFP G EECSCALANCE XC224-4C G EECSCALANCE WAM766-1 EEC (US)SCALANCE W761-1 RJ45SCALANCE XC216-3G PoESCALANCE XC216-4C G EECSIPLUS NET SCALANCE XC206-2SFPSCALANCE XP216SCALANCE XC224-4C G (EIP Def.)SCALANCE SC622-2CSCALANCE W788-2 M12
CWE ID-CWE-862
Missing Authorization
CVE-2020-7591
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.8||HIGH
EPSS-0.27% / 50.01%
||
7 Day CHG~0.00%
Published-15 Oct, 2020 | 18:45
Updated-04 Aug, 2024 | 09:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIPORT MP (All versions < 3.2.1). Vulnerable versions of the device could allow an authenticated attacker to impersonate other users of the system and perform (potentially administrative) actions on behalf of those users if the single sign-on feature ("Allow logon without password") is enabled.

Action-Not Available
Vendor-Siemens AG
Product-siport_mpSIPORT MP
CWE ID-CWE-603
Use of Client-Side Authentication
CWE ID-CWE-287
Improper Authentication
CVE-2023-30898
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-9.9||CRITICAL
EPSS-1.99% / 82.84%
||
7 Day CHG~0.00%
Published-09 May, 2023 | 11:51
Updated-28 Jan, 2025 | 18:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Siveillance Video 2020 R2 (All versions < V20.2 HotfixRev14), Siveillance Video 2020 R3 (All versions < V20.3 HotfixRev12), Siveillance Video 2021 R1 (All versions < V21.1 HotfixRev12), Siveillance Video 2021 R2 (All versions < V21.2 HotfixRev8), Siveillance Video 2022 R1 (All versions < V22.1 HotfixRev7), Siveillance Video 2022 R2 (All versions < V22.2 HotfixRev5), Siveillance Video 2022 R3 (All versions < V22.3 HotfixRev2), Siveillance Video 2023 R1 (All versions < V23.1 HotfixRev1). The Event Server component of affected applications deserializes data without sufficient validations. This could allow an authenticated remote attacker to execute code on the affected system.

Action-Not Available
Vendor-Siemens AG
Product-siveillance_videoSiveillance Video 2022 R1Siveillance Video 2022 R3Siveillance Video 2021 R2Siveillance Video 2023 R1Siveillance Video 2021 R1Siveillance Video 2022 R2Siveillance Video 2020 R2Siveillance Video 2020 R3
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2023-28829
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-3.9||LOW
EPSS-0.07% / 22.53%
||
7 Day CHG~0.00%
Published-13 Jun, 2023 | 08:17
Updated-03 Jan, 2025 | 01:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC NET PC Software V14 (All versions), SIMATIC NET PC Software V15 (All versions), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions), SIMATIC WinCC (All versions < V8.0), SINAUT Software ST7sc (All versions). Before SIMATIC WinCC V8, legacy OPC services (OPC DA (Data Access), OPC HDA (Historical Data Access), and OPC AE (Alarms & Events)) were used per default. These services were designed on top of the Windows ActiveX and DCOM mechanisms and do not implement state-of-the-art security mechanisms for authentication and encryption of contents.

Action-Not Available
Vendor-Siemens AG
Product-simatic_net_pc_softwaresinaut_st7scsimatic_pcs_7simatic_winccSIMATIC NET PC Software V14SIMATIC NET PC Software V15SIMATIC WinCCSIMATIC PCS 7 V9.0SINAUT Software ST7scSIMATIC PCS 7 V9.1SIMATIC PCS 7 V8.2
CWE ID-CWE-477
Use of Obsolete Function
CVE-2023-27310
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-6.6||MEDIUM
EPSS-0.25% / 48.30%
||
7 Day CHG~0.00%
Published-14 Mar, 2023 | 09:31
Updated-27 Feb, 2025 | 19:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.2). The client query handler of the affected application fails to check for proper permissions when assigning groups to user accounts. This could allow an authenticated remote attacker to assign administrative groups to otherwise non-privileged user accounts.

Action-Not Available
Vendor-Siemens AG
Product-ruggedcom_crossbowRUGGEDCOM CROSSBOW
CWE ID-CWE-862
Missing Authorization
CVE-2022-29872
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.8||HIGH
EPSS-1.29% / 78.84%
||
7 Day CHG~0.00%
Published-10 May, 2022 | 09:47
Updated-03 Aug, 2024 | 06:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00). Affected devices do not properly validate parameters of POST requests. This could allow an authenticated attacker to set the device to a denial of service state or to control the program counter and, thus, execute arbitrary code on the device.

Action-Not Available
Vendor-Siemens AG
Product-7kg8501-0aa11-2aa0_firmware7kg8551-0aa01-2aa07kg8501-0aa11-0aa07kg8500-0aa10-0aa0_firmware7kg8501-0aa31-2aa0_firmware7kg8551-0aa02-2aa0_firmware7kg8551-0aa02-0aa0_firmware7kg8551-0aa32-2aa0_firmware7kg8550-0aa00-0aa07kg8550-0aa00-0aa0_firmware7kg8501-0aa01-0aa07kg8551-0aa02-0aa07kg8500-0aa30-0aa07kg8551-0aa32-0aa0_firmware7kg8551-0aa02-2aa07kg8550-0aa30-0aa0_firmware7kg8501-0aa32-0aa07kg8500-0aa30-2aa0_firmware7kg8501-0aa01-0aa0_firmware7kg8501-0aa02-0aa07kg8551-0aa12-2aa07kg8500-0aa00-0aa07kg8551-0aa01-0aa0_firmware7kg8501-0aa11-2aa07kg8501-0aa31-0aa07kg8501-0aa12-2aa0_firmware7kg8501-0aa32-2aa07kg8550-0aa00-2aa0_firmware7kg8550-0aa30-2aa07kg8501-0aa31-0aa0_firmware7kg8550-0aa30-0aa07kg8501-0aa12-0aa0_firmware7kg8551-0aa12-0aa07kg8500-0aa30-2aa07kg8501-0aa32-2aa0_firmware7kg8500-0aa10-2aa0_firmware7kg8500-0aa00-2aa0_firmware7kg8501-0aa01-2aa0_firmware7kg8501-0aa02-0aa0_firmware7kg8500-0aa10-0aa07kg8551-0aa12-0aa0_firmware7kg8550-0aa30-2aa0_firmware7kg8551-0aa32-2aa07kg8501-0aa11-0aa0_firmware7kg8550-0aa10-2aa07kg8501-0aa02-2aa0_firmware7kg8551-0aa32-0aa07kg8501-0aa32-0aa0_firmware7kg8551-0aa12-2aa0_firmware7kg8550-0aa10-0aa0_firmware7kg8501-0aa01-2aa07kg8550-0aa00-2aa07kg8551-0aa31-2aa0_firmware7kg8551-0aa11-2aa07kg8501-0aa12-0aa07kg8551-0aa31-0aa0_firmware7kg8551-0aa11-0aa07kg8500-0aa00-2aa07kg8551-0aa01-2aa0_firmware7kg8550-0aa10-2aa0_firmware7kg8550-0aa10-0aa07kg8551-0aa31-0aa07kg8551-0aa11-0aa0_firmware7kg8551-0aa11-2aa0_firmware7kg8500-0aa30-0aa0_firmware7kg8551-0aa01-0aa07kg8501-0aa02-2aa07kg8500-0aa10-2aa07kg8551-0aa31-2aa07kg8501-0aa31-2aa07kg8501-0aa12-2aa07kg8500-0aa00-0aa0_firmwareSICAM P850SICAM P855
CWE ID-CWE-141
Improper Neutralization of Parameter/Argument Delimiters
CWE ID-CWE-20
Improper Input Validation
CVE-2023-27309
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-5||MEDIUM
EPSS-0.22% / 44.22%
||
7 Day CHG~0.00%
Published-14 Mar, 2023 | 09:31
Updated-27 Feb, 2025 | 15:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.2). The client query handler of the affected application fails to check for proper permissions for specific write queries. This could allow an authenticated remote attacker to perform unauthorized actions.

Action-Not Available
Vendor-Siemens AG
Product-ruggedcom_crossbowRUGGEDCOM CROSSBOW
CWE ID-CWE-862
Missing Authorization
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 38
  • 39
  • Next
Details not found