Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-40575

Summary
Assigner-siemens
Assigner Org ID-cec7a2ec-15b4-4faf-bd53-b40f371f3a77
Published At-13 May, 2025 | 09:38
Updated At-08 Jul, 2025 | 10:34
Rejected At-
Credits

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Affected devices do not properly validate incoming Profinet packets. An unauthenticated remote attacker can exploit this flaw by sending a specially crafted malicious packet, which leads to a crash of the dcpd process.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:siemens
Assigner Org ID:cec7a2ec-15b4-4faf-bd53-b40f371f3a77
Published At:13 May, 2025 | 09:38
Updated At:08 Jul, 2025 | 10:34
Rejected At:
â–¼CVE Numbering Authority (CNA)

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Affected devices do not properly validate incoming Profinet packets. An unauthenticated remote attacker can exploit this flaw by sending a specially crafted malicious packet, which leads to a crash of the dcpd process.

Affected Products
Vendor
Siemens AGSiemens
Product
SCALANCE LPE9403
Default Status
unknown
Versions
Affected
  • From 0 before V4.0 HF0 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-457CWE-457: Use of Uninitialized Variable
Type: CWE
CWE ID: CWE-457
Description: CWE-457: Use of Uninitialized Variable
Metrics
VersionBase scoreBase severityVector
3.14.3MEDIUM
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
4.05.3MEDIUM
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
Version: 3.1
Base score: 4.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Version: 4.0
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://cert-portal.siemens.com/productcert/html/ssa-327438.html
N/A
Hyperlink: https://cert-portal.siemens.com/productcert/html/ssa-327438.html
Resource: N/A
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:productcert@siemens.com
Published At:13 May, 2025 | 10:15
Updated At:08 Jul, 2025 | 11:15

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Affected devices do not properly validate incoming Profinet packets. An unauthenticated remote attacker can exploit this flaw by sending a specially crafted malicious packet, which leads to a crash of the dcpd process.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.05.3MEDIUM
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Secondary3.14.3MEDIUM
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Primary3.15.3MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Type: Secondary
Version: 4.0
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Secondary
Version: 3.1
Base score: 4.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Type: Primary
Version: 3.1
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CPE Matches
Siemens AG
siemens
>>scalance_lpe9403_firmware>>-
cpe:2.3:o:siemens:scalance_lpe9403_firmware:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>scalance_lpe9403>>-
cpe:2.3:h:siemens:scalance_lpe9403:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-457Secondaryproductcert@siemens.com
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE ID: CWE-457
Type: Secondary
Source: productcert@siemens.com
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://cert-portal.siemens.com/productcert/html/ssa-327438.htmlproductcert@siemens.com
Vendor Advisory
Hyperlink: https://cert-portal.siemens.com/productcert/html/ssa-327438.html
Source: productcert@siemens.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

41Records found
CVE-2019-13940
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-5.3||MEDIUM
EPSS-0.60% / 70.07%
||
7 Day CHG~0.00%
Published-11 Feb, 2020 | 15:36
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC ET 200pro IM154-8 PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200pro IM154-8F PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200pro IM154-8FX PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200S IM151-8 PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200S IM151-8F PN/DP CPU (All versions < V3.X.17), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.1), SIMATIC S7-300 CPU 314C-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 315-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 315F-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 315T-3 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 317-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 317F-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 317T-3 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 317TF-3 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 319-3 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 319F-3 PN/DP (All versions < V3.X.17), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC WinAC RTX 2010 (All versions), SIMATIC WinAC RTX F 2010 (All versions), SIPLUS ET 200S IM151-8 PN/DP CPU (All versions < V3.X.17), SIPLUS ET 200S IM151-8F PN/DP CPU (All versions < V3.X.17), SIPLUS S7-300 CPU 314C-2 PN/DP (All versions < V3.X.17), SIPLUS S7-300 CPU 315-2 PN/DP (All versions < V3.X.17), SIPLUS S7-300 CPU 315F-2 PN/DP (All versions < V3.X.17), SIPLUS S7-300 CPU 317-2 PN/DP (All versions < V3.X.17), SIPLUS S7-300 CPU 317F-2 PN/DP (All versions < V3.X.17). Affected devices contain a vulnerability that could cause a denial of service condition of the web server by sending specially crafted HTTP requests to ports 80/tcp and 443/tcp. Beyond the web service, no other functions or interfaces are affected by the denial of service condition.

Action-Not Available
Vendor-Siemens AG
Product-simatic_s7-300_cpu_317-2_pn\/dp_firmwaresimatic_winac_rtx_\(f\)_2010siplus_s7-300_cpu_314siplus_s7-300_cpu_315-2_pn\/dp_firmwares7-1200_cpu_1214fcs7-1200_cpu_1215fc_firmwaresimatic_s7-300_cpu_319-3_pn\/dpsimatic_s7-300_cpu_317-2_dpsiplus_s7-300_cpu_315-2_pn\/dpsimatic_s7-300_cpu_315-2dp_firmwaresiplus_s7-300_cpu_317-2_pn\/dpsiplus_cpu_1214c_firmwares7-1200_cpu_1214c_firmwares7-1200_cpu_1212c_firmwaresimatic_s7-300_cpu_317-2_dp_firmwaresimatic_s7-300_cpu_315-2_pn\/dp_firmwaresimatic_s7-400_pn\/dp_cpu_firmwaresiplus_cpu_1211csiplus_s7-300_cpu_317-2_pn\/dp_firmwaresiplus_s7-300_cpu_315-2_dp_firmwaresimatic_s7-400_pn\/dp_cpus7-1200_cpu_1215csiplus_cpu_1215c_firmwares7-1200_cpu_1211c_firmwaresiplus_cpu_1212c_firmwaresiplus_cpu_1214csimatic_s7-300_cpu_317-2_pn\/dps7-1200_cpu_1212cs7-1200_cpu_1217c_firmwaresiplus_s7-1200simatic_s7-300_cpu_315-2dpsiplus_s7-300_cpu_315-2_dpsiplus_cpu_1211c_firmwaresimatic_s7-300_cpu_315-2_pn\/dpsiplus_cpu_1215cs7-1200_cpu_1212fc_firmwares7-1200_cpu_1212fcsimatic_s7-300_cpu_319-3_pn\/dp_firmwaresiplus_s7-300_cpu_314_firmwares7-1200_cpu_1215fcs7-1200_cpu_1211cs7-1200_cpu_1215c_firmwares7-1200_cpu_1214csiplus_cpu_1212cs7-1200_cpu_1217cs7-1200_cpu_1214fc_firmwaresiplus_s7-1200_firmwareSIMATIC ET 200pro IM154-8F PN/DP CPUSIMATIC S7-300 CPU 317T-3 PN/DPSIMATIC WinAC RTX 2010SIMATIC ET 200S IM151-8 PN/DP CPUSIMATIC ET 200S IM151-8F PN/DP CPUSIMATIC S7-300 CPU 319-3 PN/DPSIMATIC S7-1200 CPU family (incl. SIPLUS variants)SIMATIC WinAC RTX F 2010SIPLUS ET 200S IM151-8 PN/DP CPUSIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants)SIMATIC S7-300 CPU 314C-2 PN/DPSIPLUS S7-300 CPU 315F-2 PN/DPSIMATIC S7-300 CPU 317F-2 PN/DPSIMATIC S7-300 CPU 315F-2 PN/DPSIMATIC S7-300 CPU 317-2 PN/DPSIMATIC S7-300 CPU 317TF-3 PN/DPSIPLUS ET 200S IM151-8F PN/DP CPUSIPLUS S7-300 CPU 317-2 PN/DPSIMATIC ET 200pro IM154-8 PN/DP CPUSIMATIC ET 200pro IM154-8FX PN/DP CPUSIPLUS S7-300 CPU 315-2 PN/DPSIMATIC S7-300 CPU 315-2 PN/DPSIMATIC S7-300 CPU 315T-3 PN/DPSIPLUS S7-300 CPU 317F-2 PN/DPSIMATIC S7-300 CPU 319F-3 PN/DPSIPLUS S7-300 CPU 314C-2 PN/DP
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-13927
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-5.3||MEDIUM
EPSS-0.59% / 69.60%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 13:19
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Desigo PX automation controllers PXC00-E.D, PXC50-E.D, PXC100-E.D, PXC200-E.D with Desigo PX Web modules PXA40-W0, PXA40-W1, PXA40-W2 (All firmware versions < V6.00.320), Desigo PX automation controllers PXC00-U, PXC64-U, PXC128-U with Desigo PX Web modules PXA30-W0, PXA30-W1, PXA30-W2 (All firmware versions < V6.00.320), Desigo PX automation controllers PXC22.1-E.D, PXC36-E.D, PXC36.1-E.D with activated web server (All firmware versions < V6.00.320). The device contains a vulnerability that could allow an attacker to cause a denial of service condition on the device's web server by sending a specially crafted HTTP message to the web server port (tcp/80). The security vulnerability could be exploited by an attacker with network access to an affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise the availability of the device's web service. While the device itself stays operational, the web server responds with HTTP status code 404 (Not found) to any further request. A reboot is required to recover the web interface. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-pxc22.1-e.dpxc22.1-e.d_firmwarepxa40-w2pxc64-upxc100-e.d_firmwarepxa40-w1pxa30-w0_firmwarepxc100-e.dpxc36.1-e.dpxc36-e.d_firmwarepxc00-e.dpxc128-u_firmwarepxc200-e.d_firmwarepxa30-w2pxa30-w1pxc128-upxa40-w1_firmwarepxa40-w0_firmwarepxc64-u_firmwarepxa30-w1_firmwarepxc00-u_firmwarepxc36.1-e.d_firmwarepxc50-e.dpxa40-w2_firmwarepxc200-e.dpxc00-e.d_firmwarepxa30-w2_firmwarepxc50-e.d_firmwarepxa30-w0pxa40-w0pxc36-e.dpxc00-uDesigo PX automation controllers PXC00-U, PXC64-U, PXC128-U with Desigo PX Web modules PXA30-W0, PXA30-W1, PXA30-W2Desigo PX automation controllers PXC22.1-E.D, PXC36-E.D, PXC36.1-E.D with activated web serverDesigo PX automation controllers PXC00-E.D, PXC50-E.D, PXC100-E.D, PXC200-E.D with Desigo PX Web modules PXA40-W0, PXA40-W1, PXA40-W2
CWE ID-CWE-472
External Control of Assumed-Immutable Web Parameter
CWE ID-CWE-668
Exposure of Resource to Wrong Sphere
CVE-2025-14831
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.06% / 18.59%
||
7 Day CHG~0.00%
Published-09 Feb, 2026 | 14:51
Updated-10 Jun, 2026 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Gnutls: gnutls: denial of service via excessive resource consumption during certificate verification

A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Central Processing Unit) and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs).

Action-Not Available
Vendor-Red Hat, Inc.Siemens AG
Product-Red Hat Ceph Storage 8RHEL-8 based Middleware ContainersRed Hat Enterprise Linux 7Red Hat Enterprise Linux 8Red Hat Hardened ImagesRed Hat Enterprise Linux 9.6 Extended Update SupportRed Hat Enterprise Linux 10.0 Extended Update SupportRed Hat OpenShift Container Platform 4Red Hat Enterprise Linux 9.4 Extended Update SupportRed Hat Discovery 2Red Hat Enterprise Linux 9Red Hat Enterprise Linux 9.2 Update Services for SAP SolutionsRed Hat Update Infrastructure 5Red Hat Enterprise Linux 6Red Hat AI Inference Server 3.2Red Hat Enterprise Linux 10Red Hat Insights proxy 1.5Red Hat AI Inference Server 3.3SIMATIC CN 4100
CWE ID-CWE-407
Inefficient Algorithmic Complexity
CVE-2018-3658
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.3||MEDIUM
EPSS-1.13% / 78.70%
||
7 Day CHG~0.00%
Published-12 Sep, 2018 | 19:00
Updated-16 Sep, 2024 | 22:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT provisioned to potentially cause a partial denial of service via network access.

Action-Not Available
Vendor-Intel CorporationSiemens AG
Product-manageability_engine_firmwaresimatic_ipc677d_firmwaresimatic_ipc477e_firmwaresimatic_ipc427e_firmwaresimatic_ipc647d_firmwaresimatic_ipc427esimatic_ipc647dsimatic_ipc547e_firmwaresimatic_ipc627dsimatic_pc547esimatic_ipc847dsimatic_ipc827dsimatic_ipc547gsimatic_field_pg_m5_firmwaresimatic_ipc847d_firmwaresimatic_pc547g_firmwaresimatic_ipc677dsimatic_ipc627d_firmwaresimatic_itp1000_firmwaresimatic_ipc827d_firmwareconverged_security_management_engine_firmwaresimatic_ipc477esimatic_field_pg_m5simatic_itp1000active_management_technology_firmwareIntel(R) Active Management Technology
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2025-40577
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-5.3||MEDIUM
EPSS-0.19% / 40.38%
||
7 Day CHG~0.00%
Published-13 May, 2025 | 09:39
Updated-08 Jul, 2025 | 11:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Affected devices do not properly validate incoming Profinet packets. An unauthenticated remote attacker can exploit this flaw by sending a specially crafted malicious packet, which leads to a crash of the dcpd process.

Action-Not Available
Vendor-Siemens AG
Product-scalance_lpe9403scalance_lpe9403_firmwareSCALANCE LPE9403
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-25666
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-4.3||MEDIUM
EPSS-0.07% / 22.04%
||
7 Day CHG~0.00%
Published-09 Feb, 2021 | 15:38
Updated-03 Aug, 2024 | 20:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE W780 and W740 (IEEE 802.11n) family (All versions < V6.3). Sending specially crafted packets through the ARP protocol to an affected device could cause a partial denial-of-service, preventing the device to operate normally for a short period of time.

Action-Not Available
Vendor-Siemens AG
Product-scalance_w780_firmwarescalance_w740_firmwarescalance_w780scalance_w740SCALANCE W780 and W740 (IEEE 802.11n) family
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2021-25219
Matching Score-8
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-8
Assigner-Internet Systems Consortium (ISC)
CVSS Score-5.3||MEDIUM
EPSS-1.04% / 77.83%
||
7 Day CHG~0.00%
Published-27 Oct, 2021 | 21:10
Updated-16 Sep, 2024 | 17:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Lame cache can be abused to severely degrade resolver performance

In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> 9.11.35-S1 and 9.16.8-S1 -> 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative servers using a flaw in response processing can cause degradation in BIND resolver performance. The way the lame cache is currently designed makes it possible for its internal data structures to grow almost infinitely, which may cause significant delays in client query processing.

Action-Not Available
Vendor-Internet Systems Consortium, Inc.Debian GNU/LinuxNetApp, Inc.Oracle CorporationSiemens AGFedora Project
Product-h300eh500scloud_backuph300s_firmwareh410c_firmwareh410sh300sh300e_firmwaresinec_infrastructure_network_serviceshttp_serverdebian_linuxh500eh410s_firmwarefedorah500s_firmwareh500e_firmwarezfs_storage_appliance_kith700s_firmwareh700ebindh410ch700e_firmwareh700sBIND9
CVE-2021-25671
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-4.3||MEDIUM
EPSS-0.10% / 27.82%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 11:02
Updated-03 Aug, 2024 | 20:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RWG1.M12 (All versions < V1.16.16), RWG1.M12D (All versions < V1.16.16), RWG1.M8 (All versions < V1.16.16). Sending specially crafted ARP packets to an affected device could cause a partial denial-of-service, preventing the device to operate normally. A restart is needed to restore normal operations.

Action-Not Available
Vendor-Siemens AG
Product-rwg1.m12_firmwarerwg1.m8rwg1.m12d_firmwarerwg1.m12drwg1.m8_firmwarerwg1.m12RWG1.M8RWG1.M12RWG1.M12D
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2022-45044
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-5.3||MEDIUM
EPSS-0.57% / 68.92%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-11 Nov, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V9.50), SIPROTEC 5 6MD85 (CP200) (All versions), SIPROTEC 5 6MD85 (CP300) (All versions < V9.50), SIPROTEC 5 6MD86 (CP200) (All versions), SIPROTEC 5 6MD86 (CP300) (All versions < V9.50), SIPROTEC 5 6MD89 (CP300) (All versions < V9.64), SIPROTEC 5 6MU85 (CP300) (All versions < V9.50), SIPROTEC 5 7KE85 (CP200) (All versions), SIPROTEC 5 7KE85 (CP300) (All versions < V9.64), SIPROTEC 5 7SA82 (CP100) (All versions < V8.90), SIPROTEC 5 7SA82 (CP150) (All versions < V9.50), SIPROTEC 5 7SA84 (CP200) (All versions), SIPROTEC 5 7SA86 (CP200) (All versions), SIPROTEC 5 7SA86 (CP300) (All versions < V9.50), SIPROTEC 5 7SA87 (CP200) (All versions), SIPROTEC 5 7SA87 (CP300) (All versions < V9.50), SIPROTEC 5 7SD82 (CP100) (All versions < V8.90), SIPROTEC 5 7SD82 (CP150) (All versions < V9.50), SIPROTEC 5 7SD84 (CP200) (All versions), SIPROTEC 5 7SD86 (CP200) (All versions), SIPROTEC 5 7SD86 (CP300) (All versions < V9.50), SIPROTEC 5 7SD87 (CP200) (All versions), SIPROTEC 5 7SD87 (CP300) (All versions < V9.50), SIPROTEC 5 7SJ81 (CP100) (All versions < V8.89), SIPROTEC 5 7SJ81 (CP150) (All versions < V9.50), SIPROTEC 5 7SJ82 (CP100) (All versions < V8.89), SIPROTEC 5 7SJ82 (CP150) (All versions < V9.50), SIPROTEC 5 7SJ85 (CP200) (All versions), SIPROTEC 5 7SJ85 (CP300) (All versions < V9.50), SIPROTEC 5 7SJ86 (CP200) (All versions), SIPROTEC 5 7SJ86 (CP300) (All versions < V9.50), SIPROTEC 5 7SK82 (CP100) (All versions < V8.89), SIPROTEC 5 7SK82 (CP150) (All versions < V9.50), SIPROTEC 5 7SK85 (CP200) (All versions), SIPROTEC 5 7SK85 (CP300) (All versions < V9.50), SIPROTEC 5 7SL82 (CP100) (All versions < V8.90), SIPROTEC 5 7SL82 (CP150) (All versions < V9.50), SIPROTEC 5 7SL86 (CP200) (All versions), SIPROTEC 5 7SL86 (CP300) (All versions < V9.50), SIPROTEC 5 7SL87 (CP200) (All versions), SIPROTEC 5 7SL87 (CP300) (All versions < V9.50), SIPROTEC 5 7SS85 (CP200) (All versions), SIPROTEC 5 7SS85 (CP300) (All versions < V9.50), SIPROTEC 5 7ST85 (CP200) (All versions), SIPROTEC 5 7ST85 (CP300) (All versions < V9.64), SIPROTEC 5 7ST86 (CP300) (All versions < V9.64), SIPROTEC 5 7SX82 (CP150) (All versions < V9.50), SIPROTEC 5 7SX85 (CP300) (All versions < V9.50), SIPROTEC 5 7UM85 (CP300) (All versions < V9.50), SIPROTEC 5 7UT82 (CP100) (All versions < V8.90), SIPROTEC 5 7UT82 (CP150) (All versions < V9.50), SIPROTEC 5 7UT85 (CP200) (All versions), SIPROTEC 5 7UT85 (CP300) (All versions < V9.50), SIPROTEC 5 7UT86 (CP200) (All versions), SIPROTEC 5 7UT86 (CP300) (All versions < V9.50), SIPROTEC 5 7UT87 (CP200) (All versions), SIPROTEC 5 7UT87 (CP300) (All versions < V9.50), SIPROTEC 5 7VE85 (CP300) (All versions < V9.50), SIPROTEC 5 7VK87 (CP200) (All versions), SIPROTEC 5 7VK87 (CP300) (All versions < V9.50), SIPROTEC 5 7VU85 (CP300) (All versions < V9.50), SIPROTEC 5 Communication Module ETH-BA-2EL (Rev.1) (All versions installed on CP200 devices), SIPROTEC 5 Communication Module ETH-BA-2EL (Rev.1) (All versions < V9.50 installed on CP150 and CP300 devices), SIPROTEC 5 Communication Module ETH-BA-2EL (Rev.1) (All versions < V8.89 installed on CP100 devices), SIPROTEC 5 Communication Module ETH-BB-2FO (Rev. 1) (All versions installed on CP200 devices), SIPROTEC 5 Communication Module ETH-BB-2FO (Rev. 1) (All versions < V9.50 installed on CP150 and CP300 devices), SIPROTEC 5 Communication Module ETH-BB-2FO (Rev. 1) (All versions < V8.89 installed on CP100 devices), SIPROTEC 5 Communication Module ETH-BD-2FO (All versions < V9.50), SIPROTEC 5 Compact 7SX800 (CP050) (All versions < V9.50). Affected devices do not properly restrict secure client-initiated renegotiations within the SSL and TLS protocols. This could allow an attacker to create a denial of service condition on the ports 443/tcp and 4443/tcp for the duration of the attack.

Action-Not Available
Vendor-Siemens AG
Product-siprotec_5_7sj82_firmwaresiprotec_5_7sl82siprotec_5_7sj86_firmwaresiprotec_5_7sk82_firmwaresiprotec_5_7ke85siprotec_5_6md86_firmwaresiprotec_5_communication_module_ethba2el_firmwaresiprotec_5_7ve85siprotec_5_7sd86siprotec_5_7ut85_firmwaresiprotec_5_7vk87siprotec_5_7sj85_firmwaresiprotec_5_7sl87siprotec_5_7sj86siprotec_5_6md86siprotec_5_7vk87_firmwaresiprotec_5_7sa86siprotec_5_compact_7sx800siprotec_5_7ut87_firmwaresiprotec_5_7sl86siprotec_5_7sk85siprotec_5_7sj81siprotec_5_communication_module_ethbd2fo_firmwaresiprotec_5_7sk82siprotec_5_6md85_firmwaresiprotec_5_7ut82_firmwaresiprotec_5_compact_7sx800_firmwaresiprotec_5_7st85siprotec_5_7um85siprotec_5_communication_module_ethbb2fosiprotec_5_6md89_firmwaresiprotec_5_7ut85siprotec_5_7sa82siprotec_5_7sa87_firmwaresiprotec_5_7sj85siprotec_5_communication_module_ethbb2fo_firmwaresiprotec_5_7sj82siprotec_5_7sl87_firmwaresiprotec_5_7sd87siprotec_5_7ve85_firmwaresiprotec_5_7sa82_firmwaresiprotec_5_7ut86siprotec_5_7st85_firmwaresiprotec_5_7sa87siprotec_5_6mu85siprotec_5_7sx85_firmwaresiprotec_5_6mu85_firmwaresiprotec_5_6md89siprotec_5_7um85_firmwaresiprotec_5_7sd82_firmwaresiprotec_5_7ut87siprotec_5_7ut86_firmwaresiprotec_5_7ss85_firmwaresiprotec_5_7sx85siprotec_5_7ke85_firmwaresiprotec_5_6md85siprotec_5_7sl82_firmwaresiprotec_5_7sk85_firmwaresiprotec_5_7sl86_firmwaresiprotec_5_7ut82siprotec_5_7sd82siprotec_5_communication_module_ethba2elsiprotec_5_7sj81_firmwaresiprotec_5_7sd86_firmwaresiprotec_5_communication_module_ethbd2fosiprotec_5_7sa86_firmwaresiprotec_5_7ss85siprotec_5_7sd87_firmwareSIPROTEC 5 7SK85 (CP200)SIPROTEC 5 7SK82 (CP150)SIPROTEC 5 7SA82 (CP150)SIPROTEC 5 7SA86 (CP200)SIPROTEC 5 7SD82 (CP100)SIPROTEC 5 7SA82 (CP100)SIPROTEC 5 7SD84 (CP200)SIPROTEC 5 7SD82 (CP150)SIPROTEC 5 7SX82 (CP150)SIPROTEC 5 7SX85 (CP300)SIPROTEC 5 7UT85 (CP200)SIPROTEC 5 7SL86 (CP200)SIPROTEC 5 7SD86 (CP200)SIPROTEC 5 7SJ82 (CP100)SIPROTEC 5 7SL87 (CP300)SIPROTEC 5 7SA86 (CP300)SIPROTEC 5 7UM85 (CP300)SIPROTEC 5 6MD84 (CP300)SIPROTEC 5 7UT87 (CP200)SIPROTEC 5 7ST85 (CP200)SIPROTEC 5 7SD86 (CP300)SIPROTEC 5 7VK87 (CP200)SIPROTEC 5 7SD87 (CP200)SIPROTEC 5 Communication Module ETH-BA-2EL (Rev.1)SIPROTEC 5 7SL86 (CP300)SIPROTEC 5 6MD85 (CP200)SIPROTEC 5 7KE85 (CP300)SIPROTEC 5 6MD89 (CP300)SIPROTEC 5 7SS85 (CP200)SIPROTEC 5 7UT86 (CP200)SIPROTEC 5 7ST85 (CP300)SIPROTEC 5 7UT86 (CP300)SIPROTEC 5 7SJ81 (CP100)SIPROTEC 5 6MU85 (CP300)SIPROTEC 5 6MD86 (CP300)SIPROTEC 5 7SJ81 (CP150)SIPROTEC 5 7SK85 (CP300)SIPROTEC 5 7SJ85 (CP200)SIPROTEC 5 7SK82 (CP100)SIPROTEC 5 Communication Module ETH-BB-2FO (Rev. 1)SIPROTEC 5 7UT85 (CP300)SIPROTEC 5 Communication Module ETH-BD-2FOSIPROTEC 5 7SJ82 (CP150)SIPROTEC 5 7ST86 (CP300)SIPROTEC 5 7KE85 (CP200)SIPROTEC 5 7UT82 (CP100)SIPROTEC 5 7SL87 (CP200)SIPROTEC 5 7UT87 (CP300)SIPROTEC 5 6MD85 (CP300)SIPROTEC 5 7VE85 (CP300)SIPROTEC 5 7SD87 (CP300)SIPROTEC 5 7SA84 (CP200)SIPROTEC 5 7VK87 (CP300)SIPROTEC 5 7VU85 (CP300)SIPROTEC 5 7SS85 (CP300)SIPROTEC 5 7SJ86 (CP200)SIPROTEC 5 7SL82 (CP150)SIPROTEC 5 7SJ86 (CP300)SIPROTEC 5 7UT82 (CP150)SIPROTEC 5 7SA87 (CP300)SIPROTEC 5 Compact 7SX800 (CP050)SIPROTEC 5 7SL82 (CP100)SIPROTEC 5 6MD86 (CP200)SIPROTEC 5 7SJ85 (CP300)SIPROTEC 5 7SA87 (CP200)
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2024-46891
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-6.9||MEDIUM
EPSS-1.07% / 78.15%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 12:49
Updated-20 Aug, 2025 | 19:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly restrict the size of generated log files. This could allow an unauthenticated remote attacker to trigger a large amount of logged events to exhaust the system's resources and create a denial of service condition.

Action-Not Available
Vendor-Siemens AG
Product-sinec_insSINEC INSsinec_ins
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2022-39158
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-5.3||MEDIUM
EPSS-0.86% / 75.44%
||
7 Day CHG~0.00%
Published-13 Sep, 2022 | 00:00
Updated-12 Aug, 2025 | 12:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i800NC, RUGGEDCOM i801, RUGGEDCOM i801NC, RUGGEDCOM i802, RUGGEDCOM i802NC, RUGGEDCOM i803, RUGGEDCOM i803NC, RUGGEDCOM M2100, RUGGEDCOM M2100F, RUGGEDCOM M2100NC, RUGGEDCOM M2200, RUGGEDCOM M2200F, RUGGEDCOM M2200NC, RUGGEDCOM M969, RUGGEDCOM M969F, RUGGEDCOM M969NC, RUGGEDCOM RMC30, RUGGEDCOM RMC30NC, RUGGEDCOM RMC8388 V4.X, RUGGEDCOM RMC8388 V5.X, RUGGEDCOM RMC8388NC V4.X, RUGGEDCOM RMC8388NC V5.X, RUGGEDCOM RP110, RUGGEDCOM RP110NC, RUGGEDCOM RS1600, RUGGEDCOM RS1600F, RUGGEDCOM RS1600FNC, RUGGEDCOM RS1600NC, RUGGEDCOM RS1600T, RUGGEDCOM RS1600TNC, RUGGEDCOM RS400, RUGGEDCOM RS400F, RUGGEDCOM RS400NC, RUGGEDCOM RS401, RUGGEDCOM RS401NC, RUGGEDCOM RS416, RUGGEDCOM RS416F, RUGGEDCOM RS416NC, RUGGEDCOM RS416NCv2 V4.X, RUGGEDCOM RS416NCv2 V5.X, RUGGEDCOM RS416P, RUGGEDCOM RS416PF, RUGGEDCOM RS416PNC, RUGGEDCOM RS416PNCv2 V4.X, RUGGEDCOM RS416PNCv2 V5.X, RUGGEDCOM RS416Pv2 V4.X, RUGGEDCOM RS416Pv2 V5.X, RUGGEDCOM RS416v2 V4.X, RUGGEDCOM RS416v2 V5.X, RUGGEDCOM RS8000, RUGGEDCOM RS8000A, RUGGEDCOM RS8000ANC, RUGGEDCOM RS8000H, RUGGEDCOM RS8000HNC, RUGGEDCOM RS8000NC, RUGGEDCOM RS8000T, RUGGEDCOM RS8000TNC, RUGGEDCOM RS900, RUGGEDCOM RS900 (32M) V4.X, RUGGEDCOM RS900 (32M) V5.X, RUGGEDCOM RS900F, RUGGEDCOM RS900G, RUGGEDCOM RS900G (32M) V4.X, RUGGEDCOM RS900G (32M) V5.X, RUGGEDCOM RS900GF, RUGGEDCOM RS900GNC, RUGGEDCOM RS900GNC(32M) V4.X, RUGGEDCOM RS900GNC(32M) V5.X, RUGGEDCOM RS900GP, RUGGEDCOM RS900GPF, RUGGEDCOM RS900GPNC, RUGGEDCOM RS900L, RUGGEDCOM RS900LNC, RUGGEDCOM RS900M-GETS-C01, RUGGEDCOM RS900M-GETS-XX, RUGGEDCOM RS900M-STND-C01, RUGGEDCOM RS900M-STND-XX, RUGGEDCOM RS900MNC-GETS-C01, RUGGEDCOM RS900MNC-GETS-XX, RUGGEDCOM RS900MNC-STND-XX, RUGGEDCOM RS900MNC-STND-XX-C01, RUGGEDCOM RS900NC, RUGGEDCOM RS900NC(32M) V4.X, RUGGEDCOM RS900NC(32M) V5.X, RUGGEDCOM RS900W, RUGGEDCOM RS910, RUGGEDCOM RS910L, RUGGEDCOM RS910LNC, RUGGEDCOM RS910NC, RUGGEDCOM RS910W, RUGGEDCOM RS920L, RUGGEDCOM RS920LNC, RUGGEDCOM RS920W, RUGGEDCOM RS930L, RUGGEDCOM RS930LNC, RUGGEDCOM RS930W, RUGGEDCOM RS940G, RUGGEDCOM RS940GF, RUGGEDCOM RS940GNC, RUGGEDCOM RS969, RUGGEDCOM RS969NC, RUGGEDCOM RSG2100, RUGGEDCOM RSG2100 (32M) V4.X, RUGGEDCOM RSG2100 (32M) V5.X, RUGGEDCOM RSG2100F, RUGGEDCOM RSG2100NC, RUGGEDCOM RSG2100NC(32M) V4.X, RUGGEDCOM RSG2100NC(32M) V5.X, RUGGEDCOM RSG2100P, RUGGEDCOM RSG2100P (32M) V4.X, RUGGEDCOM RSG2100P (32M) V5.X, RUGGEDCOM RSG2100PF, RUGGEDCOM RSG2100PNC, RUGGEDCOM RSG2100PNC (32M) V4.X, RUGGEDCOM RSG2100PNC (32M) V5.X, RUGGEDCOM RSG2200, RUGGEDCOM RSG2200F, RUGGEDCOM RSG2200NC, RUGGEDCOM RSG2288 V4.X, RUGGEDCOM RSG2288 V5.X, RUGGEDCOM RSG2288NC V4.X, RUGGEDCOM RSG2288NC V5.X, RUGGEDCOM RSG2300 V4.X, RUGGEDCOM RSG2300 V5.X, RUGGEDCOM RSG2300F, RUGGEDCOM RSG2300NC V4.X, RUGGEDCOM RSG2300NC V5.X, RUGGEDCOM RSG2300P V4.X, RUGGEDCOM RSG2300P V5.X, RUGGEDCOM RSG2300PF, RUGGEDCOM RSG2300PNC V4.X, RUGGEDCOM RSG2300PNC V5.X, RUGGEDCOM RSG2488 V4.X, RUGGEDCOM RSG2488 V5.X, RUGGEDCOM RSG2488F, RUGGEDCOM RSG2488NC V4.X, RUGGEDCOM RSG2488NC V5.X, RUGGEDCOM RSG907R, RUGGEDCOM RSG908C, RUGGEDCOM RSG909R, RUGGEDCOM RSG910C, RUGGEDCOM RSG920P V4.X, RUGGEDCOM RSG920P V5.X, RUGGEDCOM RSG920PNC V4.X, RUGGEDCOM RSG920PNC V5.X, RUGGEDCOM RSL910, RUGGEDCOM RSL910NC, RUGGEDCOM RST2228, RUGGEDCOM RST2228P, RUGGEDCOM RST916C, RUGGEDCOM RST916P. Affected devices improperly handle partial HTTP requests which makes them vulnerable to slowloris attacks. This could allow a remote attacker to create a denial of service condition that persists until the attack ends.

Action-Not Available
Vendor-Siemens AG
Product-ruggedcom_rsg2100_\(32m\)ruggedcom_rsg2300pruggedcom_rsg907rruggedcom_rst916pruggedcom_rsg910cruggedcom_rsl910ruggedcom_rs900_\(32m\)ruggedcom_rosruggedcom_rsg920pruggedcom_rsg2300ruggedcom_rs416v2ruggedcom_rst916cruggedcom_rst2228ruggedcom_rst2228pruggedcom_rmc8388ruggedcom_rsg909rruggedcom_rsg908cruggedcom_rs416pv2ruggedcom_rsg2488ruggedcom_rsg2288ruggedcom_rs900g_\(32m\)RUGGEDCOM RS8000RUGGEDCOM RS900LRUGGEDCOM RSG2300 V4.XRUGGEDCOM RS900MNC-STND-XX-C01RUGGEDCOM RSG920P V4.XRUGGEDCOM RS401NCRUGGEDCOM RSG2100PNC (32M) V4.XRUGGEDCOM RS920LNCRUGGEDCOM RS910LRUGGEDCOM RS930WRUGGEDCOM RSG2100NC(32M) V5.XRUGGEDCOM RSG2100 (32M) V5.XRUGGEDCOM RSG2288NC V5.XRUGGEDCOM RS416Pv2 V4.XRUGGEDCOM RS1600RUGGEDCOM i801NCRUGGEDCOM RS940GRUGGEDCOM RSG2100NC(32M) V4.XRUGGEDCOM i800NCRUGGEDCOM RS910RUGGEDCOM RSG908CRUGGEDCOM RS8000NCRUGGEDCOM RS400FRUGGEDCOM RS900NC(32M) V4.XRUGGEDCOM RS920LRUGGEDCOM RMC8388 V4.XRUGGEDCOM RS8000HRUGGEDCOM RS900LNCRUGGEDCOM RS8000TRUGGEDCOM RS910NCRUGGEDCOM RS416PFRUGGEDCOM RS900GRUGGEDCOM M2100FRUGGEDCOM RS900M-STND-XXRUGGEDCOM RS900WRUGGEDCOM RMC8388 V5.XRUGGEDCOM RS900MNC-STND-XXRUGGEDCOM RSG2100PNC (32M) V5.XRUGGEDCOM RSG910CRUGGEDCOM RSG2300PFRUGGEDCOM RSG2288 V4.XRUGGEDCOM RS1600NCRUGGEDCOM RS969RUGGEDCOM RS900 (32M) V4.XRUGGEDCOM RSG909RRUGGEDCOM RS416FRUGGEDCOM RS900GPFRUGGEDCOM RSG2100PRUGGEDCOM RS930LNCRUGGEDCOM RS416PRUGGEDCOM RSG920P V5.XRUGGEDCOM RSG2200NCRUGGEDCOM RS8000HNCRUGGEDCOM RSG2300PNC V5.XRUGGEDCOM RSG2288 V5.XRUGGEDCOM RS1600FRUGGEDCOM RS416NCRUGGEDCOM RS930LRUGGEDCOM RSG907RRUGGEDCOM RSG2300P V5.XRUGGEDCOM RS910WRUGGEDCOM RSG2300 V5.XRUGGEDCOM RS940GNCRUGGEDCOM RS900GNCRUGGEDCOM RSG2100P (32M) V4.XRUGGEDCOM RMC8388NC V5.XRUGGEDCOM RS940GFRUGGEDCOM RS910LNCRUGGEDCOM RSG2288NC V4.XRUGGEDCOM RSG2488 V5.XRUGGEDCOM RMC30RUGGEDCOM RS900GFRUGGEDCOM RS8000ANCRUGGEDCOM RMC8388NC V4.XRUGGEDCOM RS1600TRUGGEDCOM M969FRUGGEDCOM RS900G (32M) V5.XRUGGEDCOM RS400NCRUGGEDCOM RS900MNC-GETS-C01RUGGEDCOM RS900M-GETS-C01RUGGEDCOM RSG2488NC V4.XRUGGEDCOM M2200FRUGGEDCOM RP110RUGGEDCOM i801RUGGEDCOM RS416v2 V4.XRUGGEDCOM RS416NCv2 V4.XRUGGEDCOM RS8000TNCRUGGEDCOM RSG2300P V4.XRUGGEDCOM RS416v2 V5.XRUGGEDCOM RS920WRUGGEDCOM RS900FRUGGEDCOM M2200RUGGEDCOM RS900MNC-GETS-XXRUGGEDCOM RSG2300NC V5.XRUGGEDCOM RS900GNC(32M) V4.XRUGGEDCOM RS900RUGGEDCOM RSG2100RUGGEDCOM M969NCRUGGEDCOM RS416PNCRUGGEDCOM RS1600FNCRUGGEDCOM RS400RUGGEDCOM RS900NC(32M) V5.XRUGGEDCOM RS1600TNCRUGGEDCOM RS900G (32M) V4.XRUGGEDCOM M969RUGGEDCOM RS416PNCv2 V4.XRUGGEDCOM M2200NCRUGGEDCOM RS8000ARUGGEDCOM i803RUGGEDCOM RSG2100PNCRUGGEDCOM RSG920PNC V5.XRUGGEDCOM RSG2100NCRUGGEDCOM RSG2488FRUGGEDCOM RP110NCRUGGEDCOM RSG2200RUGGEDCOM RSG2488NC V5.XRUGGEDCOM RSL910NCRUGGEDCOM RS969NCRUGGEDCOM RS416RUGGEDCOM RST2228PRUGGEDCOM i800RUGGEDCOM RS900M-STND-C01RUGGEDCOM RS900M-GETS-XXRUGGEDCOM RST916PRUGGEDCOM RS416PNCv2 V5.XRUGGEDCOM RS416NCv2 V5.XRUGGEDCOM RSG2100 (32M) V4.XRUGGEDCOM RSL910RUGGEDCOM RSG2100PFRUGGEDCOM RS900GPRUGGEDCOM RST916CRUGGEDCOM RS900GPNCRUGGEDCOM RSG2100FRUGGEDCOM RSG2488 V4.XRUGGEDCOM i802RUGGEDCOM RS900GNC(32M) V5.XRUGGEDCOM RST2228RUGGEDCOM RS401RUGGEDCOM RSG2300NC V4.XRUGGEDCOM RSG920PNC V4.XRUGGEDCOM i802NCRUGGEDCOM i803NCRUGGEDCOM M2100RUGGEDCOM RSG2300FRUGGEDCOM RSG2300PNC V4.XRUGGEDCOM RS900NCRUGGEDCOM RS416Pv2 V5.XRUGGEDCOM RMC30NCRUGGEDCOM RS900 (32M) V5.XRUGGEDCOM RSG2200FRUGGEDCOM M2100NCRUGGEDCOM RSG2100P (32M) V5.X
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2026-22796
Matching Score-8
Assigner-OpenSSL Software Foundation
ShareView Details
Matching Score-8
Assigner-OpenSSL Software Foundation
CVSS Score-5.3||MEDIUM
EPSS-0.52% / 67.25%
||
7 Day CHG~0.00%
Published-27 Jan, 2026 | 16:01
Updated-12 May, 2026 | 13:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function

Issue summary: A type confusion vulnerability exists in the signature verification of signed PKCS#7 data where an ASN1_TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference when processing malformed PKCS#7 data. Impact summary: An application performing signature verification of PKCS#7 data or calling directly the PKCS7_digest_from_attributes() function can be caused to dereference an invalid or NULL pointer when reading, resulting in a Denial of Service. The function PKCS7_digest_from_attributes() accesses the message digest attribute value without validating its type. When the type is not V_ASN1_OCTET_STRING, this results in accessing invalid memory through the ASN1_TYPE union, causing a crash. Exploiting this vulnerability requires an attacker to provide a malformed signed PKCS#7 to an application that verifies it. The impact of the exploit is just a Denial of Service, the PKCS7 API is legacy and applications should be using the CMS API instead. For these reasons the issue was assessed as Low severity. The FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the PKCS#7 parsing implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.

Action-Not Available
Vendor-OpenSSLSiemens AG
Product-opensslOpenSSLSIMATIC S7-1500 TM MFP - GNU/Linux subsystem
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CVE-2024-38587
Matching Score-8
Assigner-kernel.org
ShareView Details
Matching Score-8
Assigner-kernel.org
CVSS Score-5.3||MEDIUM
EPSS-0.18% / 39.60%
||
7 Day CHG~0.00%
Published-19 Jun, 2024 | 13:37
Updated-23 May, 2026 | 15:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
speakup: Fix sizeof() vs ARRAY_SIZE() bug

In the Linux kernel, the following vulnerability has been resolved: speakup: Fix sizeof() vs ARRAY_SIZE() bug The "buf" pointer is an array of u16 values. This code should be using ARRAY_SIZE() (which is 256) instead of sizeof() (which is 512), otherwise it can the still got out of bounds.

Action-Not Available
Vendor-Linux Kernel Organization, IncSiemens AG
Product-linux_kernelLinuxSCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 familySIMATIC S7-1500 TM MFP - GNU/Linux subsystemRUGGEDCOM RST2428PSCALANCE XCM-/XRM-/XCH-/XRH-300 family
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2024-35823
Matching Score-8
Assigner-kernel.org
ShareView Details
Matching Score-8
Assigner-kernel.org
CVSS Score-5.3||MEDIUM
EPSS-0.27% / 50.33%
||
7 Day CHG~0.00%
Published-17 May, 2024 | 13:23
Updated-12 May, 2026 | 12:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
vt: fix unicode buffer corruption when deleting characters

In the Linux kernel, the following vulnerability has been resolved: vt: fix unicode buffer corruption when deleting characters This is the same issue that was fixed for the VGA text buffer in commit 39cdb68c64d8 ("vt: fix memory overlapping when deleting chars in the buffer"). The cure is also the same i.e. replace memcpy() with memmove() due to the overlaping buffers.

Action-Not Available
Vendor-Debian GNU/LinuxSiemens AGLinux Kernel Organization, Inc
Product-debian_linuxlinux_kernelLinuxSIMATIC S7-1500 TM MFP - GNU/Linux subsystem
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-29562
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-3.7||LOW
EPSS-0.32% / 55.04%
||
7 Day CHG~0.00%
Published-11 Jul, 2023 | 09:07
Updated-12 Nov, 2024 | 16:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEDCOM ROX RX1400 (All versions < V2.16.0), RUGGEDCOM ROX RX1500 (All versions < V2.16.0), RUGGEDCOM ROX RX1501 (All versions < V2.16.0), RUGGEDCOM ROX RX1510 (All versions < V2.16.0), RUGGEDCOM ROX RX1511 (All versions < V2.16.0), RUGGEDCOM ROX RX1512 (All versions < V2.16.0), RUGGEDCOM ROX RX1524 (All versions < V2.16.0), RUGGEDCOM ROX RX1536 (All versions < V2.16.0), RUGGEDCOM ROX RX5000 (All versions < V2.16.0). Affected devices do not properly handle malformed HTTP packets. This could allow an unauthenticated remote attacker to send a malformed HTTP packet causing certain functions to fail in a controlled manner.

Action-Not Available
Vendor-Siemens AG
Product-ruggedcom_rox_mx5000reruggedcom_rox_rx1511ruggedcom_rox_rx1512_firmwareruggedcom_rox_rx1512ruggedcom_rox_mx5000_firmwareruggedcom_rox_rx1511_firmwareruggedcom_rox_rx1510ruggedcom_rox_rx1400_firmwareruggedcom_rox_rx1400ruggedcom_rox_rx1510_firmwareruggedcom_rox_rx1500ruggedcom_rox_rx1524_firmwareruggedcom_rox_rx5000ruggedcom_rox_rx1501ruggedcom_rox_rx1536ruggedcom_rox_mx5000ruggedcom_rox_rx1536_firmwareruggedcom_rox_rx1524ruggedcom_rox_rx1500_firmwareruggedcom_rox_mx5000re_firmwareruggedcom_rox_rx1501_firmwareruggedcom_rox_rx5000_firmwareRUGGEDCOM ROX MX5000RERUGGEDCOM ROX RX1511RUGGEDCOM ROX RX1536RUGGEDCOM ROX RX1400RUGGEDCOM ROX RX1501RUGGEDCOM ROX RX1500RUGGEDCOM ROX RX5000RUGGEDCOM ROX MX5000RUGGEDCOM ROX RX1524RUGGEDCOM ROX RX1510RUGGEDCOM ROX RX1512
CWE ID-CWE-20
Improper Input Validation
CVE-2024-33498
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-6.9||MEDIUM
EPSS-0.53% / 67.54%
||
7 Day CHG~0.00%
Published-14 May, 2024 | 10:03
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA30) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA30) (All versions < V3.0.1.1). Affected applications do not properly release memory that is allocated when handling specifically crafted incoming packets. This could allow an unauthenticated remote attacker to cause a denial of service condition by crashing the service when it runs out of memory. The service is restarted automatically after a short time.

Action-Not Available
Vendor-Siemens AG
Product-SIMATIC RTLS Locating Managersimatic_rtls_locating_manager
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-23362
Matching Score-8
Assigner-Snyk
ShareView Details
Matching Score-8
Assigner-Snyk
CVSS Score-5.3||MEDIUM
EPSS-0.55% / 68.53%
||
7 Day CHG~0.00%
Published-23 Mar, 2021 | 16:20
Updated-17 Sep, 2024 | 03:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Regular Expression Denial of Service (ReDoS)

The package hosted-git-info before 3.0.8 are vulnerable to Regular Expression Denial of Service (ReDoS) via regular expression shortcutMatch in the fromUrl function in index.js. The affected regular expression exhibits polynomial worst-case time complexity.

Action-Not Available
Vendor-npmjsn/aSiemens AG
Product-sinec_infrastructure_network_serviceshosted-git-infohosted-git-info
CWE ID-CWE-1333
Inefficient Regular Expression Complexity
CVE-2022-25622
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-5.3||MEDIUM
EPSS-0.14% / 34.57%
||
7 Day CHG~0.00%
Published-12 Apr, 2022 | 00:00
Updated-21 Apr, 2025 | 13:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, improperly handles internal resources for TCP segments where the minimum TCP-Header length is less than defined. This could allow an attacker to create a denial of service condition for TCP services on affected devices by sending specially crafted TCP segments.

Action-Not Available
Vendor-Siemens AG
Product-simatic_tdc_cpu555_firmwaresimatic_tdc_cp51m1_firmwaresimatic_s7-400_pn\/dp_v7_firmwaresimatic_s7-1500_cpusimatic_cfu_pasimatic_tdc_cp51m1simatic_s7-400_pn\/dp_v7simatic_s7-410_v8_firmwaresimatic_s7-1500_cpu_firmwaresimatic_cfu_diqsimatic_s7-400h_v6_firmwaresimatic_tdc_cpu555simatic_winac_rtxsimit_simulation_platformsimatic_cfu_diq_firmwaresimatic_s7-400h_v6simatic_s7-410_v10simatic_s7-410_v8simatic_s7-300_cpu_firmwaresimatic_s7-410_v10_firmwaresimatic_winac_rtx_firmwaresimatic_cfu_pa_firmwaresimatic_s7-300_cpuSINAMICS S110SIMATIC CFU DIQSIMATIC ET 200pro IM 154-8F PN/DP CPUSIMATIC ET 200SP IM 155-6 PN HFSIMATIC TDC CP51M1SINAMICS G115DSIMATIC ET200ecoPN, AI 8xRTD/TC, M12-LSIMATIC S7-300 CPU 315F-2 PN/DPSINAMICS V90SIMATIC S7-400 CPU 414F-3 PN/DP V7SIPLUS ET 200S IM 151-8 PN/DP CPUSIMATIC ET200ecoPN, CM 4x IO-Link, M12-LSIMATIC S7-400 CPU 416F-3 PN/DP V7SIPLUS S7-400 CPU 416-3 PN/DP V7SIMATIC S7-300 CPU 315-2 PN/DPSIMATIC ET 200MP IM 155-5 PN HFSINAMICS S150SIMATIC S7-300 CPU 319-3 PN/DPSINAMICS G120 (incl. SIPLUS variants)SIPLUS S7-300 CPU 317F-2 PN/DPSIPLUS S7-400 CPU 414-3 PN/DP V7SIMATIC ET200ecoPN, DQ 8x24VDC/0,5A, M12-LSIMATIC PN/PN CouplerSIMATIC WinAC RTX F 2010SIMATIC TDC CPU555SIMATIC CFU PASIMATIC ET 200S IM 151-8F PN/DP CPUSINAMICS S210 (6SL5...)SINAMICS G110MSIPLUS HCS4300 CIM4310SIMATIC ET200ecoPN, CM 8x IO-Link, M12-LSIMATIC S7-300 CPU 317F-2 PN/DPSIPLUS ET 200SP IM 155-6 PN HFSIMATIC S7-300 CPU 314C-2 PN/DPSIPLUS S7-300 CPU 315-2 PN/DPSIMATIC S7-400 CPU 414-3 PN/DP V7SIMATIC ET200ecoPN, DI 16x24VDC, M12-LSIPLUS S7-300 CPU 314C-2 PN/DPSIPLUS ET 200SP IM 155-6 PN HF TX RAILSIMATIC ET200ecoPN, DI 8x24VDC, M12-LSIPLUS HCS4200 CIM4210CSIMATIC ET200ecoPN, DQ 8x24VDC/2A, M12-LSIPLUS S7-300 CPU 315F-2 PN/DPSIMATIC ET 200pro IM 154-8FX PN/DP CPUSINAMICS G150SIPLUS ET 200SP IM 155-6 PN HF T1 RAILSIMATIC S7-300 CPU 315T-3 PN/DPSINAMICS S120 (incl. SIPLUS variants)SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)SIMATIC S7-300 CPU 317-2 PN/DPSIPLUS ET 200MP IM 155-5 PN HFSINAMICS DCMSIMATIC ET 200SP IM 155-6 PN/3 HFSIMATIC S7-300 CPU 319F-3 PN/DPSIPLUS NET PN/PN CouplerSIPLUS S7-300 CPU 317-2 PN/DPSIMATIC ET 200pro IM 154-8 PN/DP CPUSIMATIC S7-300 CPU 317T-3 PN/DPSIPLUS ET 200MP IM 155-5 PN HF T1 RAILSIMATIC ET 200SP IM 155-6 PN/2 HFSIMATIC ET 200SP IM 155-6 MF HFSIMATIC ET 200S IM 151-8 PN/DP CPUSIPLUS HCS4200 CIM4210SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants)SIMATIC S7-400 CPU 416-3 PN/DP V7SIMATIC ET 200SP IM 155-6 PN HA (incl. SIPLUS variants)SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants)SIMATIC S7-300 CPU 317TF-3 PN/DPSIMATIC PN/MF CouplerSIMATIC WinAC RTX 2010SINAMICS G130SIPLUS ET 200S IM 151-8F PN/DP CPUSIMATIC S7-400 CPU 412-2 PN V7SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants)SIMATIC ET 200AL IM 157-1 PNSIMATIC ET200ecoPN, DIQ 16x24VDC/2A, M12-L
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2016-4956
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-1.42% / 80.99%
||
7 Day CHG~0.00%
Published-05 Jul, 2016 | 01:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (interleaved-mode transition and time change) via a spoofed broadcast packet. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-1548.

Action-Not Available
Vendor-ntpn/aopenSUSEOracle CorporationSiemens AGSUSENovell
Product-simatic_net_cp_443-1_opc_ualinux_enterprise_desktopsuse_managerntpmanager_proxyleapsolarislinux_enterprise_serversimatic_net_cp_443-1_opc_ua_firmwareopenstack_cloudopensusen/a
CVE-2020-7588
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-5.3||MEDIUM
EPSS-0.40% / 61.02%
||
7 Day CHG~0.00%
Published-14 Jul, 2020 | 13:18
Updated-04 Aug, 2024 | 09:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions < V2.6), SIMATIC IT Production Suite (All versions < V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). Sending a specially crafted packet to the affected service could cause a partial remote denial-of-service, that would cause the service to restart itself.

Action-Not Available
Vendor-Siemens AG
Product-simatic_notifier_serversimatic_step_7opcenter_intelligencesimatic_it_production_suitesimatic_it_lmssimatic_pcs_neoopcenter_execution_processsoft_starter_esopcenter_qualitysimocode_esopcenter_rd\&lopcenter_execution_discreteopcenter_execution_foundationSIMATIC Notifier Server for WindowsOpcenter Execution DiscreteOpcenter RD&LOpcenter Execution FoundationSIMATIC IT Production SuiteSoft Starter ES V16Opcenter QualitySIMATIC STEP 7 (TIA Portal) V16SIMATIC PCS neoSoft Starter ES V15.1SIMATIC STEP 7 (TIA Portal) V15SIMATIC IT LMSSIMOCODE ES V16Opcenter Execution ProcessSIMOCODE ES V15.1Opcenter Intelligence
CWE ID-CWE-20
Improper Input Validation
CVE-2024-26882
Matching Score-8
Assigner-kernel.org
ShareView Details
Matching Score-8
Assigner-kernel.org
CVSS Score-5.3||MEDIUM
EPSS-0.04% / 11.21%
||
7 Day CHG~0.00%
Published-17 Apr, 2024 | 10:27
Updated-12 May, 2026 | 12:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv()

In the Linux kernel, the following vulnerability has been resolved: net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv() Apply the same fix than ones found in : 8d975c15c0cd ("ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv()") 1ca1ba465e55 ("geneve: make sure to pull inner header in geneve_rx()") We have to save skb->network_header in a temporary variable in order to be able to recompute the network_header pointer after a pskb_inet_may_pull() call. pskb_inet_may_pull() makes sure the needed headers are in skb->head. syzbot reported: BUG: KMSAN: uninit-value in __INET_ECN_decapsulate include/net/inet_ecn.h:253 [inline] BUG: KMSAN: uninit-value in INET_ECN_decapsulate include/net/inet_ecn.h:275 [inline] BUG: KMSAN: uninit-value in IP_ECN_decapsulate include/net/inet_ecn.h:302 [inline] BUG: KMSAN: uninit-value in ip_tunnel_rcv+0xed9/0x2ed0 net/ipv4/ip_tunnel.c:409 __INET_ECN_decapsulate include/net/inet_ecn.h:253 [inline] INET_ECN_decapsulate include/net/inet_ecn.h:275 [inline] IP_ECN_decapsulate include/net/inet_ecn.h:302 [inline] ip_tunnel_rcv+0xed9/0x2ed0 net/ipv4/ip_tunnel.c:409 __ipgre_rcv+0x9bc/0xbc0 net/ipv4/ip_gre.c:389 ipgre_rcv net/ipv4/ip_gre.c:411 [inline] gre_rcv+0x423/0x19f0 net/ipv4/ip_gre.c:447 gre_rcv+0x2a4/0x390 net/ipv4/gre_demux.c:163 ip_protocol_deliver_rcu+0x264/0x1300 net/ipv4/ip_input.c:205 ip_local_deliver_finish+0x2b8/0x440 net/ipv4/ip_input.c:233 NF_HOOK include/linux/netfilter.h:314 [inline] ip_local_deliver+0x21f/0x490 net/ipv4/ip_input.c:254 dst_input include/net/dst.h:461 [inline] ip_rcv_finish net/ipv4/ip_input.c:449 [inline] NF_HOOK include/linux/netfilter.h:314 [inline] ip_rcv+0x46f/0x760 net/ipv4/ip_input.c:569 __netif_receive_skb_one_core net/core/dev.c:5534 [inline] __netif_receive_skb+0x1a6/0x5a0 net/core/dev.c:5648 netif_receive_skb_internal net/core/dev.c:5734 [inline] netif_receive_skb+0x58/0x660 net/core/dev.c:5793 tun_rx_batched+0x3ee/0x980 drivers/net/tun.c:1556 tun_get_user+0x53b9/0x66e0 drivers/net/tun.c:2009 tun_chr_write_iter+0x3af/0x5d0 drivers/net/tun.c:2055 call_write_iter include/linux/fs.h:2087 [inline] new_sync_write fs/read_write.c:497 [inline] vfs_write+0xb6b/0x1520 fs/read_write.c:590 ksys_write+0x20f/0x4c0 fs/read_write.c:643 __do_sys_write fs/read_write.c:655 [inline] __se_sys_write fs/read_write.c:652 [inline] __x64_sys_write+0x93/0xd0 fs/read_write.c:652 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x63/0x6b Uninit was created at: __alloc_pages+0x9a6/0xe00 mm/page_alloc.c:4590 alloc_pages_mpol+0x62b/0x9d0 mm/mempolicy.c:2133 alloc_pages+0x1be/0x1e0 mm/mempolicy.c:2204 skb_page_frag_refill+0x2bf/0x7c0 net/core/sock.c:2909 tun_build_skb drivers/net/tun.c:1686 [inline] tun_get_user+0xe0a/0x66e0 drivers/net/tun.c:1826 tun_chr_write_iter+0x3af/0x5d0 drivers/net/tun.c:2055 call_write_iter include/linux/fs.h:2087 [inline] new_sync_write fs/read_write.c:497 [inline] vfs_write+0xb6b/0x1520 fs/read_write.c:590 ksys_write+0x20f/0x4c0 fs/read_write.c:643 __do_sys_write fs/read_write.c:655 [inline] __se_sys_write fs/read_write.c:652 [inline] __x64_sys_write+0x93/0xd0 fs/read_write.c:652 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x63/0x6b

Action-Not Available
Vendor-Siemens AGLinux Kernel Organization, Inc
Product-linux_kernelLinuxSIMATIC S7-1500 TM MFP - GNU/Linux subsystem
CVE-2024-27436
Matching Score-8
Assigner-kernel.org
ShareView Details
Matching Score-8
Assigner-kernel.org
CVSS Score-5.3||MEDIUM
EPSS-0.17% / 38.50%
||
7 Day CHG~0.00%
Published-17 May, 2024 | 12:12
Updated-12 May, 2026 | 12:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ALSA: usb-audio: Stop parsing channels bits when all channels are found.

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Stop parsing channels bits when all channels are found. If a usb audio device sets more bits than the amount of channels it could write outside of the map array.

Action-Not Available
Vendor-Debian GNU/LinuxSiemens AGLinux Kernel Organization, Inc
Product-debian_linuxlinux_kernelLinuxSIMATIC S7-1500 TM MFP - GNU/Linux subsystem
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-28500
Matching Score-8
Assigner-Snyk
ShareView Details
Matching Score-8
Assigner-Snyk
CVSS Score-5.3||MEDIUM
EPSS-0.24% / 48.00%
||
7 Day CHG~0.00%
Published-15 Feb, 2021 | 11:10
Updated-16 Sep, 2024 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Regular Expression Denial of Service (ReDoS)

Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions.

Action-Not Available
Vendor-lodashn/aOracle CorporationSiemens AG
Product-peoplesoft_enterprise_peopletoolsprimavera_unifiersinec_insfinancial_services_crime_and_compliance_management_studioprimavera_gatewaylodashhealth_sciences_data_management_workbenchcommunications_cloud_native_core_policybanking_trade_finance_process_managementbanking_supply_chain_financecommunications_design_studiobanking_credit_facilities_process_managementbanking_corporate_lending_process_managementbanking_extensibility_workbenchcommunications_session_border_controllercommunications_services_gatekeeperenterprise_communications_brokerjd_edwards_enterpriseone_toolsretail_customer_management_and_segmentation_foundationLodash
CVE-2024-26901
Matching Score-8
Assigner-kernel.org
ShareView Details
Matching Score-8
Assigner-kernel.org
CVSS Score-5.3||MEDIUM
EPSS-0.03% / 10.35%
||
7 Day CHG~0.00%
Published-17 Apr, 2024 | 10:27
Updated-12 May, 2026 | 12:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak

In the Linux kernel, the following vulnerability has been resolved: do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak syzbot identified a kernel information leak vulnerability in do_sys_name_to_handle() and issued the following report [1]. [1] "BUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:114 [inline] BUG: KMSAN: kernel-infoleak in _copy_to_user+0xbc/0x100 lib/usercopy.c:40 instrument_copy_to_user include/linux/instrumented.h:114 [inline] _copy_to_user+0xbc/0x100 lib/usercopy.c:40 copy_to_user include/linux/uaccess.h:191 [inline] do_sys_name_to_handle fs/fhandle.c:73 [inline] __do_sys_name_to_handle_at fs/fhandle.c:112 [inline] __se_sys_name_to_handle_at+0x949/0xb10 fs/fhandle.c:94 __x64_sys_name_to_handle_at+0xe4/0x140 fs/fhandle.c:94 ... Uninit was created at: slab_post_alloc_hook+0x129/0xa70 mm/slab.h:768 slab_alloc_node mm/slub.c:3478 [inline] __kmem_cache_alloc_node+0x5c9/0x970 mm/slub.c:3517 __do_kmalloc_node mm/slab_common.c:1006 [inline] __kmalloc+0x121/0x3c0 mm/slab_common.c:1020 kmalloc include/linux/slab.h:604 [inline] do_sys_name_to_handle fs/fhandle.c:39 [inline] __do_sys_name_to_handle_at fs/fhandle.c:112 [inline] __se_sys_name_to_handle_at+0x441/0xb10 fs/fhandle.c:94 __x64_sys_name_to_handle_at+0xe4/0x140 fs/fhandle.c:94 ... Bytes 18-19 of 20 are uninitialized Memory access of size 20 starts at ffff888128a46380 Data copied to user address 0000000020000240" Per Chuck Lever's suggestion, use kzalloc() instead of kmalloc() to solve the problem.

Action-Not Available
Vendor-Siemens AGLinux Kernel Organization, Inc
Product-linux_kernelLinuxSIPLUS S7-1500 CPU 1518-4 PN/DP MFPSIMATIC S7-1500 TM MFP - GNU/Linux subsystemSIMATIC S7-1500 CPU 1518-4 PN/DP MFPSIMATIC S7-1500 CPU 1518F-4 PN/DP MFP
CWE ID-CWE-908
Use of Uninitialized Resource
CVE-2022-0396
Matching Score-8
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-8
Assigner-Internet Systems Consortium (ISC)
CVSS Score-5.3||MEDIUM
EPSS-0.11% / 29.42%
||
7 Day CHG~0.00%
Published-23 Mar, 2022 | 10:45
Updated-16 Sep, 2024 | 19:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DoS from specifically crafted TCP packets

BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period of time, even after the client has terminated the connection.

Action-Not Available
Vendor-Internet Systems Consortium, Inc.NetApp, Inc.Siemens AGFedora Project
Product-h300esinec_insh500sh300s_firmwareh410c_firmwareh410sh300sh300e_firmwareh500eh410s_firmwarefedorah500s_firmwareh500e_firmwareh700s_firmwareh700ebindh410ch700e_firmwareh700sBIND
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2016-2518
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-3.48% / 87.84%
||
7 Day CHG~0.00%
Published-30 Jan, 2017 | 21:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-of-bounds reference via an addpeer request with a large hmode value.

Action-Not Available
Vendor-ntpn/aFreeBSD FoundationOracle CorporationSiemens AGRed Hat, Inc.Debian GNU/LinuxNetApp, Inc.
Product-debian_linuxfreebsdoncommand_performance_managerntpenterprise_linux_desktopenterprise_linux_server_tusoncommand_balancecommunications_user_data_repositoryenterprise_linux_server_eusenterprise_linux_server_ausdata_ontapsimatic_net_cp_443-1_opc_uaenterprise_linux_serveroncommand_unified_manager_for_clustered_data_ontapenterprise_linux_workstationclustered_data_ontaplinuxsimatic_net_cp_443-1_opc_ua_firmwaren/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-23814
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-6.9||MEDIUM
EPSS-0.38% / 59.72%
||
7 Day CHG~0.00%
Published-11 Feb, 2025 | 10:28
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The integrated ICMP service of the network stack of affected devices can be forced to exhaust its available memory resources when receiving specially crafted messages targeting IP fragment re-assembly. This could allow an unauthenticated remote attacker to cause a temporary denial of service condition of the ICMP service, other communication services are not affected. Affected devices will resume normal operation after the attack terminates.

Action-Not Available
Vendor-Siemens AG
Product-SIPLUS S7-1200 CPU 1212 AC/DC/RLYSIMATIC S7-300 CPU 315-2 PN/DPSIMATIC S7-300 CPU 315F-2 PN/DPSIMATIC S7-300 CPU 319F-3 PN/DPSIMATIC ET 200SP CPU 1512SP F-1 PNSIMATIC TDC CPU555SIPLUS S7-1200 CPU 1214FC DC/DC/DCSIMATIC ET 200pro IM 154-4 PN HFSIPLUS S7-1200 CPU 1215FC DC/DC/DCSIMATIC S7-300 CPU 314C-2 PN/DPSIPLUS ET 200SP IM 155-6 PN HF TX RAILSIMATIC S7-300 CPU 317F-2 PN/DPSIWAREX WP241SIPLUS S7-1200 CPU 1215 AC/DC/RLYSIMATIC ET 200SP IM 155-6 PN HFSIPLUS ET 200S IM151-3 PN HFSIPLUS ET 200SP CPU 1512SP F-1 PNSIMATIC S7-1200 CPU 1211C DC/DC/DCSIMATIC ET 200AL IM 157-1 PNSIMATIC S7-410 V10 CPU family (incl. SIPLUS variants)SIPLUS S7-300 CPU 315F-2 PN/DPSIMATIC S7-300 CPU 319-3 PN/DPSIMATIC ET 200SP IM 155-6 PN/2 HFSIMATIC S7-1500 CPU 1513-1 PNSIDOOR ATD430WSIPLUS ET 200S IM 151-8F PN/DP CPUSIMATIC S7-1500 CPU 1511-1 PNSIMATIC ET 200S IM 151-3 PN FOSIMATIC S7-300 CPU 315T-3 PN/DPSIMATIC S7-1200 CPU 1215C DC/DC/DCSIPLUS NET PN/PN CouplerSIPLUS ET 200SP IM 155-6 PN ST BA TX RAILSIMATIC ET 200SP IM 155-6 PN ST BASIMATIC ET 200MP IM 155-5 PN STSIMATIC S7-1200 CPU 1212C AC/DC/RlySIMATIC ET 200SP CPU 1512SP-1 PNSIWAREX WP521 STSIMATIC ET 200S IM 151-8 PN/DP CPUSIMATIC Power Line Booster PLB, Modem Module STSIPLUS ET 200SP IM 155-6 PN ST BASIMATIC CFU DIQSIPLUS HCS4200 CIM4210CSINUMERIK 840D slSIMATIC S7-1200 CPU 1212C DC/DC/DCSIMATIC S7-1500 CPU 1516F-3 PN/DPSIPLUS ET 200M IM 153-4 PN IO STSIPLUS HCS4300 CIM4310SIPLUS S7-1200 CPU 1214 DC/DC/DCSIPLUS S7-1500 CPU 1511-1 PNSIMATIC ET 200SP IM 155-6 PN BASIMATIC S7-300 CPU 317T-3 PN/DPSIPLUS ET 200SP IM 155-6 PN HFSIPLUS ET 200MP IM 155-5 PN HF T1 RAILSIPLUS S7-300 CPU 317F-2 PN/DPSIMATIC PN/PN CouplerSIPLUS S7-1500 CPU 1516-3 PN/DPSIMATIC S7-1200 CPU 1214FC DC/DC/RlySIMATIC ET 200M IM 153-4 PN IO HFSIPLUS S7-300 CPU 317-2 PN/DPSIMATIC ET 200pro IM 154-3 PN HFSIPLUS ET 200M IM 153-4 PN IO HFSIPLUS ET 200MP IM 155-5 PN ST TX RAILSIMATIC S7-1200 CPU 1214C AC/DC/RlySIPLUS ET 200S IM 151-8 PN/DP CPUSIMATIC ET 200pro IM 154-8FX PN/DP CPUSIMATIC ET 200S IM 151-3 PN STSIMATIC CFU PASIPLUS S7-1200 CPU 1212C DC/DC/DC RAILSIPLUS S7-1200 CPU 1212C DC/DC/DCSIMATIC ET 200MP IM 155-5 PN BASIDOOR ATE530S COATEDSIPLUS S7-1200 CPU 1215 DC/DC/DCSIPLUS S7-1500 CPU 1516F-3 PN/DPSIPLUS S7-1200 CPU 1214 DC/DC/RLYSIPLUS S7-1200 CPU 1214 AC/DC/RLYSIMATIC S7-1500 CPU 1515F-2 PNSIPLUS S7-1200 CPU 1214FC DC/DC/RLYSIPLUS S7-1200 CPU 1212 DC/DC/RLYSIMATIC S7-1500 CPU 1513F-1 PNSIMOCODE pro V PROFINETSIWAREX WP522 STSIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants)SIMATIC ET 200S IM 151-3 PN HSSIMATIC S7-1200 CPU 1212FC DC/DC/DCSIPLUS HCS4200 CIM4210SIMATIC S7-1200 CPU 1212FC DC/DC/RlySIMATIC S7-1200 CPU 1215C DC/DC/RlySIMATIC ET 200S IM 151-8F PN/DP CPUSIMATIC ET 200pro IM 154-8 PN/DP CPUSIMOCODE pro V Ethernet/IP (incl. SIPLUS variants)SIPLUS S7-1500 CPU 1513-1 PNSIMATIC S7-1200 CPU 1212C DC/DC/RlySIMATIC S7-1200 CPU 1215FC DC/DC/RlySIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)SIPLUS S7-1200 CPU 1215 DC/DC/RLYSIMATIC Power Line Booster PLB, Base ModuleSIMATIC S7-1500 CPU 1511F-1 PNSIMATIC S7-300 CPU 317TF-3 PN/DPSIMATIC ET 200S IM 151-3 PN HFSIPLUS S7-1200 CPU 1214C DC/DC/DC RAILSIWAREX WP251SIMATIC TDC CP51M1SIPLUS S7-300 CPU 315-2 PN/DPSIPLUS S7-300 CPU 314C-2 PN/DPSIMATIC S7-1200 CPU 1211C AC/DC/RlySIPLUS ET 200MP IM 155-5 PN STSIPLUS ET 200SP IM 155-6 PN STSIPLUS S7-1500 CPU 1511F-1 PNSIMATIC ET 200SP CPU 1510SP-1 PNSIMATIC S7-1200 CPU 1215C AC/DC/RlySIMATIC S7-1200 CPU 1214FC DC/DC/DCSIWAREX WP231SIMATIC S7-1200 CPU 1217C DC/DC/DCSIMATIC S7-1500 CPU 1516-3 PN/DPSIDOOR ATE530G COATEDSIMATIC S7-1200 CPU 1214C DC/DC/DCSIPLUS ET 200S IM151-3 PN STSIPLUS S7-1500 CPU 1513F-1 PNSIMATIC S7-1200 CPU 1211C DC/DC/RlySIMATIC S7-1500 CPU 1515-2 PNSIMATIC S7-1200 CPU 1215FC DC/DC/DCSIMATIC ET 200SP IM 155-6 PN/3 HFSIMATIC ET 200SP IM 155-6 PN STSIMATIC ET 200M IM 153-4 PN IO STSIMATIC ET 200MP IM 155-5 PN HFSIMATIC ET 200SP IM 155-6 PN HA (incl. SIPLUS variants)SIMATIC S7-1200 CPU 1214C DC/DC/RlySIMATIC S7-300 CPU 317-2 PN/DPSIMATIC ET 200SP IM 155-6 PN HSSIMATIC S7-410 V8 CPU family (incl. SIPLUS variants)SIPLUS S7-1200 CPU 1215C DC/DC/DCSIMATIC ET 200SP IM 155-6 MF HFSIPLUS ET 200SP IM 155-6 PN ST TX RAILSIPLUS ET 200MP IM 155-5 PN HFSIPLUS ET 200SP IM 155-6 PN HF T1 RAILSIMATIC ET 200SP CPU 1510SP F-1 PNSIMATIC ET 200pro IM 154-8F PN/DP CPU
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2025-41222
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-6.9||MEDIUM
EPSS-0.36% / 58.19%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 10:35
Updated-08 Jul, 2025 | 16:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM i800 (All versions), RUGGEDCOM i801 (All versions), RUGGEDCOM i802 (All versions), RUGGEDCOM i803 (All versions), RUGGEDCOM M2100 (All versions), RUGGEDCOM M2200 (All versions), RUGGEDCOM M969 (All versions), RUGGEDCOM RMC30 (All versions), RUGGEDCOM RMC8388 V4.X (All versions), RUGGEDCOM RMC8388 V5.X (All versions < V5.10.0), RUGGEDCOM RP110 (All versions), RUGGEDCOM RS1600 (All versions), RUGGEDCOM RS1600F (All versions), RUGGEDCOM RS1600T (All versions), RUGGEDCOM RS400 (All versions), RUGGEDCOM RS401 (All versions), RUGGEDCOM RS416 (All versions), RUGGEDCOM RS416P (All versions), RUGGEDCOM RS416Pv2 V4.X (All versions), RUGGEDCOM RS416Pv2 V5.X (All versions < V5.10.0), RUGGEDCOM RS416v2 V4.X (All versions), RUGGEDCOM RS416v2 V5.X (All versions < V5.10.0), RUGGEDCOM RS8000 (All versions), RUGGEDCOM RS8000A (All versions), RUGGEDCOM RS8000H (All versions), RUGGEDCOM RS8000T (All versions), RUGGEDCOM RS900 (All versions), RUGGEDCOM RS900 (32M) V4.X (All versions), RUGGEDCOM RS900 (32M) V5.X (All versions < V5.10.0), RUGGEDCOM RS900G (All versions), RUGGEDCOM RS900G (32M) V4.X (All versions), RUGGEDCOM RS900G (32M) V5.X (All versions < V5.10.0), RUGGEDCOM RS900GP (All versions), RUGGEDCOM RS900L (All versions), RUGGEDCOM RS900M-GETS-C01 (All versions), RUGGEDCOM RS900M-GETS-XX (All versions), RUGGEDCOM RS900M-STND-C01 (All versions), RUGGEDCOM RS900M-STND-XX (All versions), RUGGEDCOM RS900W (All versions), RUGGEDCOM RS910 (All versions), RUGGEDCOM RS910L (All versions), RUGGEDCOM RS910W (All versions), RUGGEDCOM RS920L (All versions), RUGGEDCOM RS920W (All versions), RUGGEDCOM RS930L (All versions), RUGGEDCOM RS930W (All versions), RUGGEDCOM RS940G (All versions), RUGGEDCOM RS969 (All versions), RUGGEDCOM RSG2100 (All versions), RUGGEDCOM RSG2100 (32M) V4.X (All versions), RUGGEDCOM RSG2100 (32M) V5.X (All versions < V5.10.0), RUGGEDCOM RSG2100P (All versions), RUGGEDCOM RSG2100P (32M) V4.X (All versions), RUGGEDCOM RSG2100P (32M) V5.X (All versions < V5.10.0), RUGGEDCOM RSG2200 (All versions), RUGGEDCOM RSG2288 V4.X (All versions), RUGGEDCOM RSG2288 V5.X (All versions < V5.10.0), RUGGEDCOM RSG2300 V4.X (All versions), RUGGEDCOM RSG2300 V5.X (All versions < V5.10.0), RUGGEDCOM RSG2300P V4.X (All versions), RUGGEDCOM RSG2300P V5.X (All versions < V5.10.0), RUGGEDCOM RSG2488 V4.X (All versions), RUGGEDCOM RSG2488 V5.X (All versions < V5.10.0), RUGGEDCOM RSG907R (All versions < V5.10.0), RUGGEDCOM RSG908C (All versions < V5.10.0), RUGGEDCOM RSG909R (All versions < V5.10.0), RUGGEDCOM RSG910C (All versions < V5.10.0), RUGGEDCOM RSG920P V4.X (All versions), RUGGEDCOM RSG920P V5.X (All versions < V5.10.0), RUGGEDCOM RSL910 (All versions < V5.10.0), RUGGEDCOM RST2228 (All versions < V5.10.0), RUGGEDCOM RST2228P (All versions < V5.10.0), RUGGEDCOM RST916C (All versions < V5.10.0), RUGGEDCOM RST916P (All versions < V5.10.0). Affected devices do not properly handle malformed TLS handshake messages. This could allow an attacker with network access to the webserver to cause a denial of service resulting in the web server and the device to crash.

Action-Not Available
Vendor-Siemens AG
Product-RUGGEDCOM RS900G (32M) V4.XRUGGEDCOM RS910WRUGGEDCOM RSG2288 V4.XRUGGEDCOM M2100RUGGEDCOM RSG2288 V5.XRUGGEDCOM RS400RUGGEDCOM RS8000RUGGEDCOM RS1600TRUGGEDCOM RSG910CRUGGEDCOM RS8000HRUGGEDCOM RST916CRUGGEDCOM i800RUGGEDCOM RS900LRUGGEDCOM RST916PRUGGEDCOM RSG920P V4.XRUGGEDCOM RS900M-GETS-C01RUGGEDCOM RSG2200RUGGEDCOM RS930WRUGGEDCOM RMC8388 V5.XRUGGEDCOM i802RUGGEDCOM RP110RUGGEDCOM RS416PRUGGEDCOM M969RUGGEDCOM RSG909RRUGGEDCOM RSG2100 (32M) V5.XRUGGEDCOM RS416Pv2 V4.XRUGGEDCOM RS920LRUGGEDCOM i803RUGGEDCOM RSG2300 V4.XRUGGEDCOM RMC8388 V4.XRUGGEDCOM RSG2100P (32M) V5.XRUGGEDCOM RSG2100P (32M) V4.XRUGGEDCOM RS900M-GETS-XXRUGGEDCOM RS910LRUGGEDCOM RS1600FRUGGEDCOM RS416v2 V4.XRUGGEDCOM RS900 (32M) V4.XRUGGEDCOM RST2228PRUGGEDCOM RSG2300P V4.XRUGGEDCOM RS1600RUGGEDCOM RSG920P V5.XRUGGEDCOM RS900WRUGGEDCOM M2200RUGGEDCOM RS8000TRUGGEDCOM i801RUGGEDCOM RS930LRUGGEDCOM RSG2100RUGGEDCOM RS900GRUGGEDCOM RS900GPRUGGEDCOM RSG2488 V4.XRUGGEDCOM RSL910RUGGEDCOM RS940GRUGGEDCOM RST2228RUGGEDCOM RSG2100 (32M) V4.XRUGGEDCOM RS900 (32M) V5.XRUGGEDCOM RS900RUGGEDCOM RS416RUGGEDCOM RS900M-STND-C01RUGGEDCOM RS900M-STND-XXRUGGEDCOM RS416Pv2 V5.XRUGGEDCOM RS910RUGGEDCOM RSG908CRUGGEDCOM RMC30RUGGEDCOM RSG2300 V5.XRUGGEDCOM RS900G (32M) V5.XRUGGEDCOM RSG2300P V5.XRUGGEDCOM RS416v2 V5.XRUGGEDCOM RS969RUGGEDCOM RSG907RRUGGEDCOM RSG2488 V5.XRUGGEDCOM RS8000ARUGGEDCOM RS920WRUGGEDCOM RSG2100PRUGGEDCOM RS401
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2025-40576
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-5.3||MEDIUM
EPSS-0.16% / 36.73%
||
7 Day CHG~0.00%
Published-13 May, 2025 | 09:39
Updated-08 Jul, 2025 | 11:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Affected devices do not properly validate incoming Profinet packets. An unauthenticated remote attacker can exploit this flaw by sending a specially crafted malicious packet, which leads to a crash of the dcpd process.

Action-Not Available
Vendor-Siemens AG
Product-scalance_lpe9403scalance_lpe9403_firmwareSCALANCE LPE9403
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2025-40802
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-2.3||LOW
EPSS-0.03% / 9.05%
||
7 Day CHG~0.00%
Published-09 Sep, 2025 | 08:48
Updated-03 Oct, 2025 | 19:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions). The affected device may be susceptible to resource exhaustion when subjected to high volumes of query requests. This could allow an attacker to cause a temporary denial of service, with the system recovering once the activity stops.

Action-Not Available
Vendor-Siemens AG
Product-ruggedcom_rst2428p_firmwareruggedcom_rst2428pRUGGEDCOM RST2428P
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2025-40578
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-5.3||MEDIUM
EPSS-0.19% / 40.38%
||
7 Day CHG~0.00%
Published-13 May, 2025 | 09:39
Updated-04 Jun, 2025 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices do not properly handle multiple incoming Profinet packets received in rapid succession. An unauthenticated remote attacker can exploit this flaw by sending multiple packets in a very short time frame, which leads to a crash of the dcpd process.

Action-Not Available
Vendor-Siemens AG
Product-scalance_lpe9403scalance_lpe9403_firmwareSCALANCE LPE9403
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-19276
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-5.3||MEDIUM
EPSS-0.19% / 41.23%
||
7 Day CHG~0.00%
Published-12 May, 2021 | 13:18
Updated-05 Aug, 2024 | 02:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC HMI Comfort Panels 1st Generation (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels (All versions < V16 Update 4). Specially crafted packets sent to port 161/udp can cause the SNMP service of affected devices to crash. A manual restart of the device is required to resume operation of the service.

Action-Not Available
Vendor-Siemens AG
Product-simatic_hmi_ktp_mobile_panels_firmwaresimatic_hmi_comfort_panels_firmwaresimatic_hmi_ktp_mobile_panelssimatic_hmi_comfort_panelsSIMATIC HMI Comfort Panels 1st Generation (incl. SIPLUS variants)SIMATIC HMI KTP Mobile Panels
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-12133
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.34% / 57.28%
||
7 Day CHG~0.00%
Published-10 Feb, 2025 | 15:28
Updated-12 May, 2026 | 12:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Libtasn1: inefficient der decoding in libtasn1 leading to potential remote dos

A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate, causing a denial of service attack.

Action-Not Available
Vendor-Siemens AGRed Hat, Inc.
Product-Red Hat Enterprise Linux 10Red Hat Discovery 1.14Red Hat OpenShift Container Platform 4Red Hat Enterprise Linux 6Red Hat Enterprise Linux 8Red Hat Enterprise Linux 9.4 Extended Update SupportRed Hat Enterprise Linux 7Red Hat Enterprise Linux 9Red Hat Enterprise Linux 9.2 Update Services for SAP SolutionsSIPLUS S7-1500 CPU 1518-4 PN/DP MFPRUGGEDCOM ROX MX5000RUGGEDCOM ROX RX1400SIMATIC S7-1500 CPU 1518F-4 PN/DP MFPRUGGEDCOM ROX RX1524RUGGEDCOM ROX RX1500RUGGEDCOM ROX RX1512RUGGEDCOM ROX RX1501RUGGEDCOM ROX MX5000RESIMATIC S7-1500 CPU 1518-4 PN/DP MFPRUGGEDCOM ROX RX5000RUGGEDCOM ROX RX1510RUGGEDCOM ROX RX1536RUGGEDCOM ROX RX1511
CWE ID-CWE-407
Inefficient Algorithmic Complexity
CVE-2023-6780
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.23% / 45.88%
||
7 Day CHG~0.00%
Published-31 Jan, 2024 | 14:08
Updated-12 May, 2026 | 11:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Glibc: integer overflow in __vsyslog_internal()

An integer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long message, leading to an incorrect calculation of the buffer size to store the message, resulting in undefined behavior. This issue affects glibc 2.37 and newer.

Action-Not Available
Vendor-n/aRed Hat, Inc.Siemens AGFedora ProjectGNU
Product-glibcfedoraFedoraglibcRed Hat Enterprise Linux 6Red Hat Enterprise Linux 8Red Hat Enterprise Linux 7Red Hat Enterprise Linux 9SIPLUS S7-1500 CPU 1518-4 PN/DP MFPSIMATIC S7-1500 CPU 1518-4 PN/DP MFPSIMATIC S7-1500 CPU 1518F-4 PN/DP MFP
CWE ID-CWE-131
Incorrect Calculation of Buffer Size
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-52891
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-5.3||MEDIUM
EPSS-0.12% / 29.94%
||
7 Day CHG~0.00%
Published-09 Jul, 2024 | 12:04
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.5), SIMATIC Energy Manager PRO (All versions < V7.5), SIMATIC IPC DiagBase (All versions), SIMATIC IPC DiagMonitor (All versions), SIMIT V10 (All versions), SIMIT V11 (All versions < V11.1). Unified Automation .NET based OPC UA Server SDK before 3.2.2 used in Siemens products are affected by a similar vulnerability as documented in CVE-2023-27321 for the OPC Foundation UA .NET Standard implementation. A successful attack may lead to high load situation and memory exhaustion, and may block the server.

Action-Not Available
Vendor-Siemens AG
Product-SIMATIC Energy Manager BasicSIMIT V10SIMATIC Energy Manager PROSIMATIC IPC DiagMonitorSIMIT V11SIMATIC IPC DiagBasesimatic_energy_manager_basicsimatic_ipc_diagbasesimatic_energy_manager_prosimatic_ipc_diagmonitorsimit_v10simit_v11
CWE ID-CWE-1325
Improperly Controlled Sequential Memory Allocation
CVE-2021-37735
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-5.3||MEDIUM
EPSS-0.35% / 57.79%
||
7 Day CHG~0.00%
Published-12 Oct, 2021 | 15:14
Updated-04 Aug, 2024 | 01:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote denial of service vulnerability was discovered in Aruba Instant version(s): Aruba Instant 6.5.x.x: 6.5.4.18 and below; Aruba Instant 8.5.x.x: 8.5.0.10 and below; Aruba Instant 8.6.x.x: 8.6.0.4 and below. Aruba has released patches for Aruba Instant (IAP) that address this security vulnerability.

Action-Not Available
Vendor-n/aSiemens AGAruba Networks
Product-aruba_instantscalance_w1750d_firmwarescalance_w1750dHPE Aruba Instant (IAP)
CWE ID-CWE-134
Use of Externally-Controlled Format String
CVE-2024-12243
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.3||MEDIUM
EPSS-1.23% / 79.54%
||
7 Day CHG~0.00%
Published-10 Feb, 2025 | 15:28
Updated-12 May, 2026 | 12:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Gnutls: gnutls impacted by inefficient der decoding in libtasn1 leading to remote dos

A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to send a specially crafted certificate, causing GnuTLS to become unresponsive or slow, resulting in a denial-of-service condition.

Action-Not Available
Vendor-Siemens AGRed Hat, Inc.
Product-Red Hat Enterprise Linux 10Red Hat Discovery 1.14Red Hat OpenShift Container Platform 4Red Hat Enterprise Linux 6Red Hat Enterprise Linux 8Red Hat Enterprise Linux 9.4 Extended Update SupportRed Hat Enterprise Linux 7Red Hat Enterprise Linux 9Red Hat Enterprise Linux 9.2 Update Services for SAP SolutionsSIPLUS S7-1500 CPU 1518-4 PN/DP MFPRUGGEDCOM ROX MX5000RUGGEDCOM ROX RX1400SIMATIC S7-1500 CPU 1518F-4 PN/DP MFPRUGGEDCOM ROX RX1524RUGGEDCOM ROX RX1500RUGGEDCOM ROX RX1512RUGGEDCOM ROX RX1501RUGGEDCOM ROX MX5000RESIMATIC S7-1500 CPU 1518-4 PN/DP MFPRUGGEDCOM ROX RX5000RUGGEDCOM ROX RX1510RUGGEDCOM ROX RX1536RUGGEDCOM ROX RX1511
CWE ID-CWE-407
Inefficient Algorithmic Complexity
CVE-2024-39876
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-5.3||MEDIUM
EPSS-0.58% / 69.28%
||
7 Day CHG~0.00%
Published-09 Jul, 2024 | 12:05
Updated-27 Aug, 2025 | 20:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Affected applications do not properly handle log rotation. This could allow an unauthenticated remote attacker to cause a denial of service condition through resource exhaustion on the device.

Action-Not Available
Vendor-Siemens AG
Product-SINEMA Remote Connect Server
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2024-37993
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-6.9||MEDIUM
EPSS-0.19% / 40.54%
||
7 Day CHG~0.00%
Published-10 Sep, 2024 | 09:36
Updated-18 Sep, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected applications do not authenticated the creation of Ajax2App instances. This could allow an unauthenticated attacker to cause a denial of service condition.

Action-Not Available
Vendor-Siemens AG
Product-simatic_reader_rf650r_fcc_firmwaresimatic_reader_rf680r_cmiitsimatic_rf1170r_firmwaresimatic_reader_rf650r_cmiit_firmwaresimatic_reader_rf685r_fccsimatic_reader_rf650r_aribsimatic_reader_rf615r_etsi_firmwaresimatic_rf360rsimatic_reader_rf680r_fccsimatic_reader_rf610r_fccsimatic_reader_rf610r_etsi_firmwaresimatic_reader_rf685r_arib_firmwaresimatic_reader_rf615r_cmiitsimatic_rf186c_firmwaresimatic_reader_rf685r_fcc_firmwaresimatic_rf188c_firmwaresimatic_reader_rf680r_cmiit_firmwaresimatic_reader_rf685r_etsisimatic_rf185csimatic_rf360r_firmwaresimatic_rf1140r_firmwaresimatic_rf186cisimatic_rf1140rsimatic_rf188csimatic_reader_rf610r_cmiit_firmwaresimatic_reader_rf610r_fcc_firmwaresimatic_rf185c_firmwaresimatic_reader_rf615r_fccsimatic_reader_rf680r_etsisimatic_reader_rf615r_fcc_firmwaresimatic_reader_rf680r_fcc_firmwaresimatic_reader_rf610r_etsisimatic_reader_rf685r_cmiit_firmwaresimatic_reader_rf680r_arib_firmwaresimatic_rf186ci_firmwaresimatic_rf166c_firmwaresimatic_rf188ci_firmwaresimatic_reader_rf650r_fccsimatic_reader_rf650r_cmiitsimatic_reader_rf685r_cmiitsimatic_rf166csimatic_reader_rf680r_aribsimatic_rf1170rsimatic_reader_rf650r_etsisimatic_reader_rf610r_cmiitsimatic_reader_rf650r_arib_firmwaresimatic_reader_rf680r_etsi_firmwaresimatic_reader_rf615r_etsisimatic_reader_rf650r_etsi_firmwaresimatic_rf186csimatic_reader_rf685r_aribsimatic_reader_rf615r_cmiit_firmwaresimatic_reader_rf685r_etsi_firmwaresimatic_rf188ciSIMATIC Reader RF650R ARIBSIMATIC Reader RF650R ETSISIMATIC Reader RF680R CMIITSIMATIC Reader RF615R ETSISIMATIC RF166CSIMATIC Reader RF685R CMIITSIMATIC RF185CSIMATIC Reader RF610R CMIITSIMATIC Reader RF685R ETSISIMATIC Reader RF615R CMIITSIMATIC RF188CISIMATIC Reader RF610R ETSISIMATIC Reader RF685R FCCSIMATIC Reader RF615R FCCSIMATIC RF186CSIMATIC RF360RSIMATIC Reader RF680R ARIBSIMATIC RF1140RSIMATIC Reader RF685R ARIBSIMATIC RF1170RSIMATIC Reader RF680R ETSISIMATIC RF188CSIMATIC Reader RF610R FCCSIMATIC Reader RF650R CMIITSIMATIC RF186CISIMATIC Reader RF680R FCCSIMATIC Reader RF650R FCC
CWE ID-CWE-284
Improper Access Control
CVE-2023-5678
Matching Score-8
Assigner-OpenSSL Software Foundation
ShareView Details
Matching Score-8
Assigner-OpenSSL Software Foundation
CVSS Score-5.3||MEDIUM
EPSS-0.54% / 67.92%
||
7 Day CHG~0.00%
Published-06 Nov, 2023 | 15:47
Updated-12 May, 2026 | 11:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Excessive time spent in DH check / generation with large Q parameter value

Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. While DH_check() performs all the necessary checks (as of CVE-2023-3817), DH_check_pub_key() doesn't make any of these checks, and is therefore vulnerable for excessively large P and Q parameters. Likewise, while DH_generate_key() performs a check for an excessively large P, it doesn't check for an excessively large Q. An application that calls DH_generate_key() or DH_check_pub_key() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. DH_generate_key() and DH_check_pub_key() are also called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate(). Also vulnerable are the OpenSSL pkey command line application when using the "-pubcheck" option, as well as the OpenSSL genpkey command line application. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.

Action-Not Available
Vendor-OpenSSLSiemens AG
Product-opensslOpenSSLSIPLUS S7-1500 CPU 1518-4 PN/DP MFPSINEC NMSRUGGEDCOM RST2428PSIMATIC S7-1500 CPU 1518F-4 PN/DP MFPSIMATIC S7-1500 CPU 1518-4 PN/DP MFPSIDIS PrimeSCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 familySCALANCE XCM-/XRM-/XCH-/XRH-300 familySIMATIC S7-1500 TM MFP - GNU/Linux subsystem
CWE ID-CWE-606
Unchecked Input for Loop Condition
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CVE-2021-44003
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-5.5||MEDIUM
EPSS-0.16% / 36.38%
||
7 Day CHG~0.00%
Published-14 Dec, 2021 | 12:06
Updated-04 Aug, 2024 | 04:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). The Tiff_Loader.dll is vulnerable to use of uninitialized memory while parsing user supplied TIFF files. This could allow an attacker to cause a denial-of-service condition.

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-457
Use of Uninitialized Variable
CWE ID-CWE-908
Use of Uninitialized Resource
Details not found