Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

SINEC NMS

Source -

ADPCNA

CNA CVEs -

57

ADP CVEs -

10

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
67Vulnerabilities found

CVE-2026-25654
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.45% / 36.60%
||
7 Day CHG~0.00%
Published-14 Apr, 2026 | 08:40
Updated-17 Apr, 2026 | 15:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC NMS (All versions < V4.0 SP3). Affected products do not properly validate user authorization when processing password reset requests. This could allow an authenticated remote attacker to bypass authorization checks, leading to the ability to reset the password of any arbitrary user account.

Action-Not Available
Vendor-Siemens AG
Product-SINEC NMS
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
CVE-2026-24032
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-6.9||MEDIUM
EPSS-0.25% / 16.41%
||
7 Day CHG~0.00%
Published-14 Apr, 2026 | 08:40
Updated-17 Apr, 2026 | 15:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC NMS (All versions < V4.0 SP3 with UMC). The affected application contains an authentication weakness due to insufficient validation of user identity in the UMC component. This could allow an unauthenticated remote attacker to bypass authentication and gain unauthorized access to the application. (ZDI-CAN-27564)

Action-Not Available
Vendor-Siemens AG
Product-SINEC NMS
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CVE-2026-25656
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-8.5||HIGH
EPSS-0.24% / 14.81%
||
7 Day CHG~0.00%
Published-10 Feb, 2026 | 09:58
Updated-14 Apr, 2026 | 09:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC NMS (All versions < V4.0 SP3), User Management Component (UMC) (All versions < V2.15.2.1). The affected application permits improper modification of a configuration file by a low-privileged user. This could allow an attacker to load malicious DLLs, potentially leading to arbitrary code execution with SYSTEM privileges.(ZDI-CAN-28108)

Action-Not Available
Vendor-Siemens AG
Product-sinec_nmsuser_management_componentUser Management Component (UMC)SINEC NMS
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2026-25655
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-8.5||HIGH
EPSS-0.24% / 14.81%
||
7 Day CHG~0.00%
Published-10 Feb, 2026 | 09:58
Updated-12 Feb, 2026 | 15:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC NMS (All versions < V4.0 SP2). The affected application permits improper modification of a configuration file by a low-privileged user. This could allow an attacker to load malicious DLLs, potentially leading to arbitrary code execution with administrative privilege.(ZDI-CAN-28107)

Action-Not Available
Vendor-Siemens AG
Product-sinec_nmsSINEC NMS
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2025-40755
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.35% / 26.86%
||
7 Day CHG~0.00%
Published-14 Oct, 2025 | 09:15
Updated-25 Nov, 2025 | 14:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC NMS (All versions < V4.0 SP1). Affected applications are vulnerable to SQL injection through getTotalAndFilterCounts endpoint. An authenticated low privileged attacker could exploit to insert data and achieve privilege escalation. (ZDI-CAN-26570)

Action-Not Available
Vendor-Siemens AG
Product-sinec_nmsSINEC NMS
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2025-30033
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-8.5||HIGH
EPSS-0.21% / 10.67%
||
7 Day CHG+0.01%
Published-12 Aug, 2025 | 11:16
Updated-10 Mar, 2026 | 16:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The affected setup component is vulnerable to DLL hijacking. This could allow an attacker to execute arbitrary code when a legitimate user installs an application that uses the affected setup component.

Action-Not Available
Vendor-Siemens AG
Product-Siemens Network Planner (SINETPLAN)SIMATIC PCS 7 Advanced Process Functions V2.1SIMATIC Process Historian 2022SIMIT Simulation PlatformSIMATIC WinCC V8.1SIMATIC STEP 7 CFC V20SIMATIC PCS 7 Industry Library V10.0TIA Portal Cloud ConnectorSIMATIC Logon V1.6SINEMA Remote Connect ClientSIMATIC PDM V9.2Standard PID CTRL ToolSIMATIC WinCC Runtime Professional V20SIMIT Rapid TesterCreate MyConfig (CMC)SINAMICS Startdrive V19SIMATIC PCS 7 Advanced Process Graphics V10.0SINAMICS Startdrive V20SIMATIC Automation Tool SDK WindowsSIMATIC MTP Integrator V1.xSIMATIC STEP 7 V5.7CEMAT V10.0SIMATIC WinCC Unified SequenceOpenPCS 7 V10.0SIMATIC eaSie Core PackageTIA Project-ServerSIMATIC MTP CREATOR V2.xSIMATIC S7-Fail-safe Configuration Tool (S7-FCT)SIMATIC Automation ToolSIMATIC S7 F Systems V6.3SIMATIC WinCC Runtime ProfessionalTotally Integrated Automation Portal (TIA Portal) V19SIMATIC MTP Integrator V2.xWinCC Panel Image SetupSIMATIC ProSave V17SIMATIC WinCC Visualization Architect (SiVArc) V17SIMATIC PCS neo V5.0SIMATIC S7-1500 Software Controller V3SIMATIC Route Control V9.1SIMATIC ProSave V18SIMATIC NET PC Software V20Modular PID CTRL ToolSIMATIC Energy Suite V18SIMATIC D7-SYSSIMATIC PCS 7 Industry Library V9.0SIMATIC NET PC Software V19SIMATIC Process Function Library (PFL) V4.0SINAMICS Startdrive V18MultiFieldbus Configuration Tool (MFCT)FM Configuration PackageSIMATIC Logon V2.0SIMATIC eaSie Workflow SkillsSIMATIC S7-PLCSIM V20CP PtP Param configuring interfaceSIMATIC NET PC Software V17SIMATIC PCS 7 PowerControlSIMATIC MTP CREATOR V4.xSIMATIC BATCH V10.0SIMATIC PCS 7 V10.0SIMATIC eaSie Document SkillsSIMATIC WinCC Visualization Architect (SiVArc) V19Automation License Manager V6.0SIMATIC ProSave V20SIMATIC PCS 7 Advanced Process Faceplates V9.1SIMATIC Process Historian 2020SIMATIC Energy Suite V19SIMATIC PCS 7 Logic Matrix V10.0SIMATIC PCS neo V6.0SIMATIC S7-PLCSIM V17SIMATIC S7 F Systems V6.4SIMATIC S7-PLCSIM AdvancedTotally Integrated Automation Portal (TIA Portal) V17SIMATIC MTP CREATOR V5.xSIMATIC WinCC Runtime AdvancedSIMATIC S7-PLCSIM V18SIMATIC ProSave V19SIMATIC Energy Suite V17SIMATIC MTP CREATOR V3.xEnergy Support Library (EnSL)SIMATIC PCS 7 Standard Chemical Library V10.0SITRANSSIMATIC Management AgentSIMATIC PCS 7 Advanced Process Functions V2.2SIMATIC ODK 1500SSIMATIC WinCC Unified PC Runtime V19SIMATIC BATCH V9.1TIA Portal Test Suite V19SIMATIC PCS 7 MPC ConfiguratorSIMATIC STEP 7 CFC V19OpenPCS 7 V9.1SIMATIC PCS 7 Basis Faceplates V9.1SIMATIC WinCC V8.0TIA AdministratorAutomation License Manager V6.2SIMATIC S7-1500 Software Controller V2SIMATIC Control Function Library (CFL) V1.xSIMATIC PDM Maintenance Station V5.0SIMATIC WinCC Unified Line CoordinationSIMATIC PCS 7 Basis Library V9.1SIMATIC Control Function Library (CFL) V2.xSIMATIC WinCC V7.5SIMATIC PCS 7 Advanced Process Library incl. Faceplates V10.0SIMATIC PCS 7 Standard Chemical Library V9.1SIMATIC WinCC flexible ESSIMATIC Route Control V10.0SIMATIC WinCC Visualization Architect (SiVArc) V18TIA Portal Test Suite V20SIMATIC S7-PLCSIM V19SIMATIC NET PC Software V18SINAMICS Startdrive V17Totally Integrated Automation Portal (TIA Portal) V18SIMATIC Safety MatrixTIA Project-Server V17SIMATIC WinCC Unified PC Runtime V20Totally Integrated Automation Portal (TIA Portal) V20SIMATIC WinCC TeleControlSINEC NMSSIMATIC PCS 7/OPEN OS V9.1SIMATIC Process Historian 2024TIA Portal Test Suite V18SIMATIC WinCC Visualization Architect (SiVArc) V20SIMATIC PDM V9.3SIMATIC PCS 7 Basis Library V10.0SIMATIC WinCC Unified PC Runtime V18SIMATIC Control Function Library (CFL) V4.xSIMATIC PCS 7 Logic Matrix V9.1SIMATIC PCS 7 TeleControlSIMATIC PCS 7 V9.1SIMATIC TargetSIMATIC Management ConsoleSIMATIC S7-PCTSIMATIC NET PC Software V16TIA Portal Test Suite V17SIMATIC PCS 7 Advanced Process Library V9.1TeleControl Server Basic V3.1SIMATIC eaSie PCS 7 Skill PackageSIMATIC Control Function Library (CFL) V3.xSIMATIC PCS 7 Advanced Process Graphics V9.1SIMATIC PCS 7 Industry Library V9.1
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2025-40738
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-7.17% / 93.58%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 10:34
Updated-21 Aug, 2025 | 15:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected application does not properly validate file paths when extracting uploaded ZIP files. This could allow an attacker to write arbitrary files to restricted locations and potentially execute code with elevated privileges (ZDI-CAN-26572).

Action-Not Available
Vendor-Siemens AG
Product-sinec_nmsSINEC NMS
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2025-40737
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-7.17% / 93.58%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 10:34
Updated-21 Aug, 2025 | 15:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected application does not properly validate file paths when extracting uploaded ZIP files. This could allow an attacker to write arbitrary files to restricted locations and potentially execute code with elevated privileges (ZDI-CAN-26571).

Action-Not Available
Vendor-Siemens AG
Product-sinec_nmsSINEC NMS
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2025-40736
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-9.3||CRITICAL
EPSS-0.40% / 32.44%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 10:34
Updated-21 Aug, 2025 | 15:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected application exposes an endpoint that allows an unauthorized modification of administrative credentials. This could allow an unauthenticated attacker to reset the superadmin password and gain full control of the application (ZDI-CAN-26569).

Action-Not Available
Vendor-Siemens AG
Product-sinec_nmsSINEC NMS
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-40735
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.46% / 37.01%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 10:34
Updated-21 Aug, 2025 | 15:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected devices are vulnerable to SQL injection. This could allow an unauthenticated remote attacker to execute arbitrary SQL queries on the server database.

Action-Not Available
Vendor-Siemens AG
Product-sinec_nmsSINEC NMS
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2025-30176
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.53% / 41.34%
||
7 Day CHG~0.00%
Published-13 May, 2025 | 09:38
Updated-03 Oct, 2025 | 19:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 (All versions), SINEC NMS (All versions < V4.0), SINEMA Remote Connect (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions), Totally Integrated Automation Portal (TIA Portal) V20 (All versions), User Management Component (UMC) (All versions < V2.15.1.1). Affected products contain a out of bound read buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to cause a denial of service condition.

Action-Not Available
Vendor-Siemens AG
Product-totally_integrated_automation_portaluser_management_componentsinec_nmssimatic_pcs_neosinema_remote_connectTotally Integrated Automation Portal (TIA Portal) V19SIMATIC PCS neo V4.1Totally Integrated Automation Portal (TIA Portal) V17Totally Integrated Automation Portal (TIA Portal) V20SINEC NMSTotally Integrated Automation Portal (TIA Portal) V18SINEMA Remote ConnectSIMATIC PCS neo V5.0User Management Component (UMC)
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-30175
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.53% / 41.34%
||
7 Day CHG~0.00%
Published-13 May, 2025 | 09:38
Updated-03 Oct, 2025 | 19:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 (All versions), SINEC NMS (All versions < V4.0), SINEMA Remote Connect (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions), Totally Integrated Automation Portal (TIA Portal) V20 (All versions), User Management Component (UMC) (All versions < V2.15.1.1). Affected products contain a out of bound write buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to cause a denial of service condition.

Action-Not Available
Vendor-Siemens AG
Product-totally_integrated_automation_portaluser_management_componentsinec_nmssimatic_pcs_neosinema_remote_connectTotally Integrated Automation Portal (TIA Portal) V19SIMATIC PCS neo V4.1Totally Integrated Automation Portal (TIA Portal) V17Totally Integrated Automation Portal (TIA Portal) V20SINEC NMSTotally Integrated Automation Portal (TIA Portal) V18SINEMA Remote ConnectSIMATIC PCS neo V5.0User Management Component (UMC)
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-30174
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.53% / 41.34%
||
7 Day CHG~0.00%
Published-13 May, 2025 | 09:38
Updated-03 Oct, 2025 | 19:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 (All versions), SINEC NMS (All versions < V4.0), SINEMA Remote Connect (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions), Totally Integrated Automation Portal (TIA Portal) V20 (All versions), User Management Component (UMC) (All versions < V2.15.1.1). Affected products contain a out of bound read buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to cause a denial of service condition.

Action-Not Available
Vendor-Siemens AG
Product-totally_integrated_automation_portaluser_management_componentsinec_nmssinema_remote_connectTotally Integrated Automation Portal (TIA Portal) V19SIMATIC PCS neo V4.1Totally Integrated Automation Portal (TIA Portal) V17Totally Integrated Automation Portal (TIA Portal) V20SINEC NMSTotally Integrated Automation Portal (TIA Portal) V18SINEMA Remote ConnectSIMATIC PCS neo V5.0User Management Component (UMC)
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-49775
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-9.3||CRITICAL
EPSS-1.52% / 71.79%
||
7 Day CHG~0.00%
Published-16 Dec, 2024 | 15:06
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Opcenter Execution Foundation (All versions < V2501.0001), Opcenter Intelligence (All versions < V2501.0001), Opcenter Quality (All versions < V2512), Opcenter RDnL (All versions < V2410), SIMATIC PCS neo V4.0 (All versions), SIMATIC PCS neo V4.1 (All versions < V4.1 Update 3), SIMATIC PCS neo V5.0 (All versions < V5.0 Update 1), SINEC NMS (All versions if operated in conjunction with UMC < V2.15), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions). Affected products contain a heap-based buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to execute arbitrary code.

Action-Not Available
Vendor-Siemens AG
Product-Opcenter IntelligenceSIMATIC PCS neo V4.0SIMATIC PCS neo V5.0SINEC NMSTotally Integrated Automation Portal (TIA Portal) V18Totally Integrated Automation Portal (TIA Portal) V19Totally Integrated Automation Portal (TIA Portal) V16Opcenter Execution FoundationSIMATIC PCS neo V4.1Opcenter QualityTotally Integrated Automation Portal (TIA Portal) V17Opcenter RDnL
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2024-47808
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-8.3||HIGH
EPSS-0.13% / 3.27%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 12:49
Updated-13 Nov, 2024 | 23:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC NMS (All versions < V3.0 SP1). The affected application contains a database function, that does not properly restrict the permissions of users to write to the filesystem of the host system. This could allow an authenticated medium-privileged attacker to write arbitrary content to any location in the filesystem of the host system.

Action-Not Available
Vendor-Siemens AG
Product-sinec_nmsSINEC NMSsinec_nms
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2024-33698
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-9.3||CRITICAL
EPSS-1.06% / 60.87%
||
7 Day CHG~0.00%
Published-10 Sep, 2024 | 09:36
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Opcenter Quality (All versions < V2406), Opcenter RDnL (All versions < V2410), SIMATIC PCS neo V4.0 (All versions), SIMATIC PCS neo V4.1 (All versions < V4.1 Update 2), SIMATIC PCS neo V5.0 (All versions < V5.0 Update 1), SINEC NMS (All versions), SINEMA Remote Connect Client (All versions < V3.2 SP3), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 5), Totally Integrated Automation Portal (TIA Portal) V19 (All versions < V19 Update 3). Affected products contain a heap-based buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to execute arbitrary code.

Action-Not Available
Vendor-Siemens AG
Product-SINEMA Remote Connect ClientTotally Integrated Automation Portal (TIA Portal) V16SINEC NMSSIMATIC PCS neo V4.1SIMATIC PCS neo V5.0Opcenter QualityTotally Integrated Automation Portal (TIA Portal) V17SIMATIC PCS neo V4.0Totally Integrated Automation Portal (TIA Portal) V19Opcenter RDnLTotally Integrated Automation Portal (TIA Portal) V18totally_integrated_automation_portalsimatic_information_serversimatic_pcs_neo
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2024-41941
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-5.3||MEDIUM
EPSS-0.26% / 17.52%
||
7 Day CHG~0.00%
Published-13 Aug, 2024 | 07:54
Updated-13 Aug, 2024 | 13:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application does not properly enforce authorization checks. This could allow an authenticated attacker to bypass the checks and modify settings in the application without authorization.

Action-Not Available
Vendor-Siemens AG
Product-SINEC NMS
CWE ID-CWE-863
Incorrect Authorization
CVE-2024-41940
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-9.4||CRITICAL
EPSS-0.56% / 42.80%
||
7 Day CHG~0.00%
Published-13 Aug, 2024 | 07:54
Updated-13 Aug, 2024 | 14:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application does not properly validate user input to a privileged command queue. This could allow an authenticated attacker to execute OS commands with elevated privileges.

Action-Not Available
Vendor-Siemens AG
Product-SINEC NMSsinec_nms
CWE ID-CWE-20
Improper Input Validation
CVE-2024-41939
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.51% / 40.14%
||
7 Day CHG~0.00%
Published-13 Aug, 2024 | 07:54
Updated-13 Aug, 2024 | 14:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application does not properly enforce authorization checks. This could allow an authenticated attacker to bypass the checks and elevate their privileges on the application.

Action-Not Available
Vendor-Siemens AG
Product-SINEC NMSsinec_nms
CWE ID-CWE-863
Incorrect Authorization
CVE-2024-41938
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-5.1||MEDIUM
EPSS-0.26% / 17.54%
||
7 Day CHG~0.00%
Published-13 Aug, 2024 | 07:54
Updated-13 Aug, 2024 | 13:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC NMS (All versions < V3.0). The importCertificate function of the SINEC NMS Control web application contains a path traversal vulnerability. This could allow an authenticated attacker it to delete arbitrary certificate files on the drive SINEC NMS is installed on.

Action-Not Available
Vendor-Siemens AG
Product-SINEC NMS
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2024-36398
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-8.5||HIGH
EPSS-0.17% / 7.06%
||
7 Day CHG~0.00%
Published-13 Aug, 2024 | 07:54
Updated-14 Aug, 2024 | 18:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application executes a subset of its services as `NT AUTHORITY\SYSTEM`. This could allow a local attacker to execute operating system commands with elevated privileges.

Action-Not Available
Vendor-Siemens AG
Product-sinec_nmsSINEC NMSsinec_nms
CWE ID-CWE-250
Execution with Unnecessary Privileges
CVE-2023-46280
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-8.2||HIGH
EPSS-0.26% / 17.54%
||
7 Day CHG~0.00%
Published-14 May, 2024 | 10:01
Updated-09 Jun, 2026 | 10:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Security Configuration Tool (SCT) (All versions), SIMATIC Automation Tool (All versions < V5.0 SP2), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 Upd5), SIMATIC NET PC Software V16 (All versions < V16 Update 8), SIMATIC NET PC Software V17 (All versions), SIMATIC NET PC Software V18 (All versions < V18 SP1), SIMATIC NET PC Software V19 (All versions < V19 Update 2), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC PDM V9.2 (All versions < V9.2 SP2 Upd3), SIMATIC Route Control V9.1 (All versions < V9.1 SP2 Upd3), SIMATIC S7-PCT (All versions < V3.5 SP3 Update 6), SIMATIC STEP 7 V5 (All versions < V5.7 SP3), SIMATIC WinCC OA V3.17 (All versions), SIMATIC WinCC OA V3.18 (All versions < V3.18 P025), SIMATIC WinCC OA V3.19 (All versions < V3.19 P010), SIMATIC WinCC Runtime Advanced (All versions < V17 Update 8), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 6), SIMATIC WinCC Runtime Professional V17 (All versions < V17 Update 8), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 17), SIMATIC WinCC V8.0 (All versions < V8.0 Update 5), SINAMICS Startdrive (All versions < V19 SP1), SINEC NMS (All versions < V3.0), SINUMERIK ONE virtual (All versions < V6.23), SINUMERIK PLC Programming Tool (All versions < V3.3.12), TIA Portal Cloud Connector (All versions < V2.0), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 4), Totally Integrated Automation Portal (TIA Portal) V19 (All versions < V19 Update 2), SINEC NMS (All versions < V3.0 SP1). The affected applications contain an out of bounds read vulnerability. This could allow an attacker to cause a Blue Screen of Death (BSOD) crash of the underlying Windows kernel.

Action-Not Available
Vendor-Siemens AG
Product-SINUMERIK ONE virtualSIMATIC WinCC V8.0Totally Integrated Automation Portal (TIA Portal) V16SIMATIC Automation ToolSIMATIC WinCC Runtime Professional V18SIMATIC S7-PCTTotally Integrated Automation Portal (TIA Portal) V15.1SIMATIC NET PC Software V18SIMATIC NET PC Software V16SIMATIC STEP 7 V5SIMATIC WinCC OA V3.17SINAMICS StartdriveSIMATIC NET PC Software V19SIMATIC WinCC V7.5SIMATIC PDM V9.2Totally Integrated Automation Portal (TIA Portal) V18SIMATIC BATCH V9.1Totally Integrated Automation Portal (TIA Portal) V19Security Configuration Tool (SCT)SINEC NMSSIMATIC WinCC OA V3.18SIMATIC Route Control V9.1SIMATIC NET PC Software V17SIMATIC WinCC V7.4TIA Portal Cloud ConnectorSIMATIC PCS 7 V9.1SIMATIC WinCC Runtime AdvancedTotally Integrated Automation Portal (TIA Portal) V17SIMATIC WinCC Runtime Professional V19SIMATIC WinCC OA V3.19SIMATIC WinCC Runtime Professional V16SIMATIC WinCC Runtime Professional V17SINUMERIK PLC Programming Tool
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-6237
Assigner-OpenSSL Software Foundation
ShareView Details
Assigner-OpenSSL Software Foundation
CVSS Score-5.9||MEDIUM
EPSS-2.30% / 81.40%
||
7 Day CHG~0.00%
Published-25 Apr, 2024 | 06:27
Updated-12 May, 2026 | 11:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Excessive time spent checking invalid RSA public keys

Issue summary: Checking excessively long invalid RSA public keys may take a long time. Impact summary: Applications that use the function EVP_PKEY_public_check() to check RSA public keys may experience long delays. Where the key that is being checked has been obtained from an untrusted source this may lead to a Denial of Service. When function EVP_PKEY_public_check() is called on RSA public keys, a computation is done to confirm that the RSA modulus, n, is composite. For valid RSA keys, n is a product of two or more large primes and this computation completes quickly. However, if n is an overly large prime, then this computation would take a long time. An application that calls EVP_PKEY_public_check() and supplies an RSA key obtained from an untrusted source could be vulnerable to a Denial of Service attack. The function EVP_PKEY_public_check() is not called from other OpenSSL functions however it is called from the OpenSSL pkey command line application. For that reason that application is also vulnerable if used with the '-pubin' and '-check' options on untrusted data. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.

Action-Not Available
Vendor-OpenSSLSiemens AG
Product-OpenSSLSINEC NMSSIMATIC S7-1500 TM MFP - GNU/Linux subsystem
CWE ID-CWE-606
Unchecked Input for Loop Condition
CVE-2024-31978
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-7.6||HIGH
EPSS-0.46% / 37.33%
||
7 Day CHG~0.00%
Published-09 Apr, 2024 | 08:34
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC NMS (All versions < V2.0 SP2). Affected devices allow authenticated users to export monitoring data. The corresponding API endpoint is susceptible to path traversal and could allow an authenticated attacker to download files from the file system. Under certain circumstances the downloaded files are deleted from the file system.

Action-Not Available
Vendor-Siemens AG
Product-SINEC NMS
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2024-23812
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-8||HIGH
EPSS-1.09% / 61.79%
||
7 Day CHG~0.00%
Published-13 Feb, 2024 | 09:00
Updated-04 Oct, 2024 | 16:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC NMS (All versions < V2.0 SP1). The affected application incorrectly neutralizes special elements when creating a report which could lead to command injection.

Action-Not Available
Vendor-Siemens AG
Product-sinec_nmsSINEC NMSsinec_nms
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-23811
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-8.8||HIGH
EPSS-0.39% / 31.02%
||
7 Day CHG~0.00%
Published-13 Feb, 2024 | 09:00
Updated-04 Oct, 2024 | 16:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC NMS (All versions < V2.0 SP1). The affected application allows users to upload arbitrary files via TFTP. This could allow an attacker to upload malicious firmware images or other files, that could potentially lead to remote code execution.

Action-Not Available
Vendor-Siemens AG
Product-sinec_nmsSINEC NMSsinec_nms
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-23810
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-8.8||HIGH
EPSS-0.65% / 47.22%
||
7 Day CHG~0.00%
Published-13 Feb, 2024 | 09:00
Updated-09 May, 2025 | 18:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC NMS (All versions < V2.0 SP1). The affected application is vulnerable to SQL injection. This could allow an unauthenticated remote attacker to execute arbitrary SQL queries on the server database.

Action-Not Available
Vendor-Siemens AG
Product-sinec_nmsSINEC NMS
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-0727
Assigner-OpenSSL Software Foundation
ShareView Details
Assigner-OpenSSL Software Foundation
CVSS Score-5.5||MEDIUM
EPSS-3.17% / 86.60%
||
7 Day CHG~0.00%
Published-26 Jan, 2024 | 08:57
Updated-12 May, 2026 | 12:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PKCS12 Decoding crashes

Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact summary: Applications loading files in the PKCS12 format from untrusted sources might terminate abruptly. A file in PKCS12 format can contain certificates and keys and may come from an untrusted source. The PKCS12 specification allows certain fields to be NULL, but OpenSSL does not correctly check for this case. This can lead to a NULL pointer dereference that results in OpenSSL crashing. If an application processes PKCS12 files from an untrusted source using the OpenSSL APIs then that application will be vulnerable to this issue. OpenSSL APIs that are vulnerable to this are: PKCS12_parse(), PKCS12_unpack_p7data(), PKCS12_unpack_p7encdata(), PKCS12_unpack_authsafes() and PKCS12_newpass(). We have also fixed a similar issue in SMIME_write_PKCS7(). However since this function is related to writing data we do not consider it security significant. The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue.

Action-Not Available
Vendor-OpenSSLSiemens AG
Product-opensslOpenSSLSINEC NMSSIMATIC S7-1500 TM MFP - GNU/Linux subsystemSIDIS Prime
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2023-6129
Assigner-OpenSSL Software Foundation
ShareView Details
Assigner-OpenSSL Software Foundation
CVSS Score-6.5||MEDIUM
EPSS-2.32% / 81.57%
||
7 Day CHG~0.00%
Published-09 Jan, 2024 | 16:36
Updated-12 May, 2026 | 11:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
POLY1305 MAC implementation corrupts vector registers on PowerPC

Issue summary: The POLY1305 MAC (message authentication code) implementation contains a bug that might corrupt the internal state of applications running on PowerPC CPU based platforms if the CPU provides vector instructions. Impact summary: If an attacker can influence whether the POLY1305 MAC algorithm is used, the application state might be corrupted with various application dependent consequences. The POLY1305 MAC (message authentication code) implementation in OpenSSL for PowerPC CPUs restores the contents of vector registers in a different order than they are saved. Thus the contents of some of these vector registers are corrupted when returning to the caller. The vulnerable code is used only on newer PowerPC processors supporting the PowerISA 2.07 instructions. The consequences of this kind of internal application state corruption can be various - from no consequences, if the calling application does not depend on the contents of non-volatile XMM registers at all, to the worst consequences, where the attacker could get complete control of the application process. However unless the compiler uses the vector registers for storing pointers, the most likely consequence, if any, would be an incorrect result of some application dependent calculations or a crash leading to a denial of service. The POLY1305 MAC algorithm is most frequently used as part of the CHACHA20-POLY1305 AEAD (authenticated encryption with associated data) algorithm. The most common usage of this AEAD cipher is with TLS protocol versions 1.2 and 1.3. If this cipher is enabled on the server a malicious client can influence whether this AEAD cipher is used. This implies that TLS server applications using OpenSSL can be potentially impacted. However we are currently not aware of any concrete application that would be affected by this issue therefore we consider this a Low severity security issue.

Action-Not Available
Vendor-OpenSSLSiemens AG
Product-opensslOpenSSLSINEC NMSSIMATIC S7-1500 TM MFP - GNU/Linux subsystem
CWE ID-CWE-440
Expected Behavior Violation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-46285
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.91% / 55.80%
||
7 Day CHG~0.00%
Published-12 Dec, 2023 | 11:27
Updated-24 May, 2025 | 10:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Opcenter Execution Foundation (All versions < V2407), Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). The affected application contains an improper input validation vulnerability that could allow an attacker to bring the service into a Denial-of-Service state by sending a specifically crafted message to 4004/tcp. The corresponding service is auto-restarted after the crash is detected by a watchdog.

Action-Not Available
Vendor-Siemens AG
Product-sinumerik_integrate_runmyhmi_\/automotiveopcenter_qualitysimatic_pcs_neototally_integrated_automation_portalTotally Integrated Automation Portal (TIA Portal) V15.1Opcenter QualityTotally Integrated Automation Portal (TIA Portal) V18SINEC NMSSIMATIC PCS neoOpcenter Execution FoundationTotally Integrated Automation Portal (TIA Portal) V14Totally Integrated Automation Portal (TIA Portal) V16Totally Integrated Automation Portal (TIA Portal) V17
CWE ID-CWE-20
Improper Input Validation
CVE-2023-46284
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.91% / 55.80%
||
7 Day CHG~0.00%
Published-12 Dec, 2023 | 11:27
Updated-25 Feb, 2026 | 16:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Opcenter Execution Foundation (All versions < V2407), Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). The affected application contains an out of bounds write past the end of an allocated buffer when handling specific requests on port 4002/tcp and 4004/tcp. This could allow an attacker to crash the application. The corresponding service is auto-restarted after the crash.

Action-Not Available
Vendor-Siemens AG
Product-sinumerik_integrate_runmyhmi_\/automotiveopcenter_qualitysimatic_pcs_neototally_integrated_automation_portalOpcenter Execution FoundationTotally Integrated Automation Portal (TIA Portal) V15.1Totally Integrated Automation Portal (TIA Portal) V16SIMATIC PCS neoTotally Integrated Automation Portal (TIA Portal) V18Totally Integrated Automation Portal (TIA Portal) V17Totally Integrated Automation Portal (TIA Portal) V14SINEC NMSOpcenter Quality
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-46283
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.91% / 55.80%
||
7 Day CHG~0.00%
Published-12 Dec, 2023 | 11:27
Updated-14 Jan, 2025 | 10:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Opcenter Execution Foundation (All versions < V2407), Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). The affected application contains an out of bounds write past the end of an allocated buffer when handling specific requests on port 4002/tcp. This could allow an attacker to crash the application. The corresponding service is auto-restarted after the crash.

Action-Not Available
Vendor-Siemens AG
Product-sinumerik_integrate_runmyhmi_\/automotiveopcenter_qualitysimatic_pcs_neototally_integrated_automation_portalSIMATIC PCS neoTotally Integrated Automation Portal (TIA Portal) V18Opcenter Execution FoundationOpcenter QualityTotally Integrated Automation Portal (TIA Portal) V17Totally Integrated Automation Portal (TIA Portal) V16Totally Integrated Automation Portal (TIA Portal) V14Totally Integrated Automation Portal (TIA Portal) V15.1SINEC NMS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-46282
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-7.1||HIGH
EPSS-0.49% / 39.00%
||
7 Day CHG~0.00%
Published-12 Dec, 2023 | 11:27
Updated-14 Jan, 2025 | 10:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Opcenter Execution Foundation (All versions < V2407), Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). A reflected cross-site scripting (XSS) vulnerability exists in the web interface of the affected applications that could allow an attacker to inject arbitrary JavaScript code. The code could be potentially executed later by another (possibly privileged) user.

Action-Not Available
Vendor-Siemens AG
Product-sinumerik_integrate_runmyhmi_\/automotiveopcenter_qualitysimatic_pcs_neototally_integrated_automation_portalSIMATIC PCS neoTotally Integrated Automation Portal (TIA Portal) V18Opcenter Execution FoundationOpcenter QualityTotally Integrated Automation Portal (TIA Portal) V17Totally Integrated Automation Portal (TIA Portal) V16Totally Integrated Automation Portal (TIA Portal) V14Totally Integrated Automation Portal (TIA Portal) V15.1SINEC NMS
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2023-46281
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-7.1||HIGH
EPSS-0.94% / 56.97%
||
7 Day CHG~0.00%
Published-12 Dec, 2023 | 11:27
Updated-14 Jan, 2025 | 10:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Opcenter Execution Foundation (All versions < V2407), Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). When accessing the UMC Web-UI from affected products, UMC uses an overly permissive CORS policy. This could allow an attacker to trick a legitimate user to trigger unwanted behavior.

Action-Not Available
Vendor-Siemens AG
Product-sinumerik_integrate_runmyhmi_\/automotiveopcenter_qualitysimatic_pcs_neototally_integrated_automation_portalSIMATIC PCS neoTotally Integrated Automation Portal (TIA Portal) V18Opcenter Execution FoundationOpcenter QualityTotally Integrated Automation Portal (TIA Portal) V17Totally Integrated Automation Portal (TIA Portal) V16Totally Integrated Automation Portal (TIA Portal) V14Totally Integrated Automation Portal (TIA Portal) V15.1SINEC NMS
CWE ID-CWE-942
Permissive Cross-domain Policy with Untrusted Domains
CVE-2023-46219
Assigner-HackerOne
ShareView Details
Assigner-HackerOne
CVSS Score-5.3||MEDIUM
EPSS-1.13% / 62.86%
||
7 Day CHG~0.00%
Published-12 Dec, 2023 | 01:38
Updated-14 Jul, 2026 | 12:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using that file unaware of the HSTS status they should otherwise use.

Action-Not Available
Vendor-Siemens AGCURLFedora Project
Product-curlfedoracurlSIMATIC S7-1500 CPU 1518F-4 PN/DP MFPSIMATIC S7-1500 CPU 1518-4 PN/DP MFPSIPLUS S7-1500 CPU 1518-4 PN/DP MFPSINEC NMS
CWE ID-CWE-311
Missing Encryption of Sensitive Data
CVE-2023-46218
Assigner-HackerOne
ShareView Details
Assigner-HackerOne
CVSS Score-6.5||MEDIUM
EPSS-1.69% / 74.46%
||
7 Day CHG~0.00%
Published-07 Dec, 2023 | 01:10
Updated-14 Jul, 2026 | 12:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This flaw allows a malicious HTTP server to set "super cookies" in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites and domains. It could do this by exploiting a mixed case flaw in curl's function that verifies a given cookie domain against the Public Suffix List (PSL). For example a cookie could be set with `domain=co.UK` when the URL used a lower case hostname `curl.co.uk`, even though `co.uk` is listed as a PSL domain.

Action-Not Available
Vendor-Siemens AGCURLFedora Project
Product-curlfedoracurlRUGGEDCOM ROX RX1500RUGGEDCOM ROX RX1511RUGGEDCOM ROX RX1524RUGGEDCOM ROX MX5000RUGGEDCOM ROX RX1512RUGGEDCOM ROX RX1510RUGGEDCOM ROX RX1501SIPLUS S7-1500 CPU 1518-4 PN/DP MFPSIMATIC S7-1500 CPU 1518-4 PN/DP MFPSIMATIC S7-1500 CPU 1518F-4 PN/DP MFPRUGGEDCOM ROX RX5000RUGGEDCOM ROX MX5000RERUGGEDCOM ROX RX1400RUGGEDCOM ROX RX1536SINEC NMS
CWE ID-CWE-178
Improper Handling of Case Sensitivity
CVE-2023-5678
Assigner-OpenSSL Software Foundation
ShareView Details
Assigner-OpenSSL Software Foundation
CVSS Score-5.3||MEDIUM
EPSS-4.46% / 90.37%
||
7 Day CHG~0.00%
Published-06 Nov, 2023 | 15:47
Updated-12 May, 2026 | 11:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Excessive time spent in DH check / generation with large Q parameter value

Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. While DH_check() performs all the necessary checks (as of CVE-2023-3817), DH_check_pub_key() doesn't make any of these checks, and is therefore vulnerable for excessively large P and Q parameters. Likewise, while DH_generate_key() performs a check for an excessively large P, it doesn't check for an excessively large Q. An application that calls DH_generate_key() or DH_check_pub_key() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. DH_generate_key() and DH_check_pub_key() are also called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate(). Also vulnerable are the OpenSSL pkey command line application when using the "-pubcheck" option, as well as the OpenSSL genpkey command line application. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.

Action-Not Available
Vendor-OpenSSLSiemens AG
Product-opensslOpenSSLSIPLUS S7-1500 CPU 1518-4 PN/DP MFPSINEC NMSRUGGEDCOM RST2428PSIMATIC S7-1500 CPU 1518F-4 PN/DP MFPSIMATIC S7-1500 CPU 1518-4 PN/DP MFPSIDIS PrimeSCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 familySCALANCE XCM-/XRM-/XCH-/XRH-300 familySIMATIC S7-1500 TM MFP - GNU/Linux subsystem
CWE ID-CWE-606
Unchecked Input for Loop Condition
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CVE-2023-5363
Assigner-OpenSSL Software Foundation
ShareView Details
Assigner-OpenSSL Software Foundation
CVSS Score-7.5||HIGH
EPSS-3.33% / 87.27%
||
7 Day CHG~0.00%
Published-24 Oct, 2023 | 15:31
Updated-14 Jul, 2026 | 12:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incorrect cipher key & IV length processing

Issue summary: A bug has been identified in the processing of key and initialisation vector (IV) lengths. This can lead to potential truncation or overruns during the initialisation of some symmetric ciphers. Impact summary: A truncation in the IV can result in non-uniqueness, which could result in loss of confidentiality for some cipher modes. When calling EVP_EncryptInit_ex2(), EVP_DecryptInit_ex2() or EVP_CipherInit_ex2() the provided OSSL_PARAM array is processed after the key and IV have been established. Any alterations to the key length, via the "keylen" parameter or the IV length, via the "ivlen" parameter, within the OSSL_PARAM array will not take effect as intended, potentially causing truncation or overreading of these values. The following ciphers and cipher modes are impacted: RC2, RC4, RC5, CCM, GCM and OCB. For the CCM, GCM and OCB cipher modes, truncation of the IV can result in loss of confidentiality. For example, when following NIST's SP 800-38D section 8.2.1 guidance for constructing a deterministic IV for AES in GCM mode, truncation of the counter portion could lead to IV reuse. Both truncations and overruns of the key and overruns of the IV will produce incorrect results and could, in some cases, trigger a memory exception. However, these issues are not currently assessed as security critical. Changing the key and/or IV lengths is not considered to be a common operation and the vulnerable API was recently introduced. Furthermore it is likely that application developers will have spotted this problem during testing since decryption would fail unless both peers in the communication were similarly vulnerable. For these reasons we expect the probability of an application being vulnerable to this to be quite low. However if an application is vulnerable then this issue is considered very serious. For these reasons we have assessed this issue as Moderate severity overall. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this because the issue lies outside of the FIPS provider boundary. OpenSSL 3.1 and 3.0 are vulnerable to this issue.

Action-Not Available
Vendor-NetApp, Inc.Siemens AGOpenSSLDebian GNU/Linux
Product-h410c_firmwaredebian_linuxh500s_firmwareh410s_firmwareh300sh500sh410sh410ch700s_firmwareh300s_firmwareopensslh700sOpenSSLSIDIS PrimeSIPLUS S7-1500 CPU 1518-4 PN/DP MFPSIMATIC S7-1500 CPU 1518F-4 PN/DP MFPSIMATIC S7-1500 CPU 1518-4 PN/DP MFPSINEC NMS
CWE ID-CWE-684
Incorrect Provision of Specified Functionality
CVE-2023-44315
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-4.7||MEDIUM
EPSS-0.30% / 21.50%
||
7 Day CHG~0.00%
Published-10 Oct, 2023 | 10:21
Updated-27 Feb, 2025 | 20:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC NMS (All versions < V2.0). The affected application improperly sanitizes certain SNMP configuration data retrieved from monitored devices. An attacker with access to a monitored device could prepare a stored cross-site scripting (XSS) attack that may lead to unintentional modification of application data by legitimate users.

Action-Not Available
Vendor-Siemens AG
Product-sinec_nmsSINEC NMS
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2022-30527
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.16% / 5.83%
||
7 Day CHG~0.00%
Published-10 Oct, 2023 | 10:20
Updated-27 Feb, 2025 | 20:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC NMS (All versions < V2.0). The affected application assigns improper access rights to specific folders containing executable files and libraries. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges.

Action-Not Available
Vendor-Siemens AG
Product-sinec_nmsSINEC NMS
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2023-44487
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-100.00% / 100.00%
||
7 Day CHG~0.00%
Published-10 Oct, 2023 | 00:00
Updated-14 Jul, 2026 | 12:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-10-31||Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

Action-Not Available
Vendor-linecorplinkerdprojectcontourenvoyproxyistioopenrestyamazongrpckazu-yamamotokonghqakkatraefiknghttp2denavarnish_cache_projectcaddyservern/aCisco Systems, Inc.Siemens AGNode.js (OpenJS Foundation)JenkinsMicrosoft CorporationF5, Inc.FacebookNetApp, Inc.The IETF Administration LLC (IETF LLC)Red Hat, Inc.Eclipse Foundation AISBLApple Inc.The Apache Software FoundationThe Netty ProjectGoFedora ProjectDebian GNU/Linux
Product-nexus_9804nexus_9332d-h2rnexus_9372txnexus_9200istionexus_92160yc_switchfedoranexus_92160yc-xsiplus_s7-1500_cpu_1518-4_pn\/dp_mfp_firmwareenterprise_chat_and_email.netvisual_studio_2022windows_10_22h2node_healthcheck_operatornexus_36180yc-ropenshift_sandboxed_containersnexus_9500_4-slotnexus_93128tx_switchnexus_92300ycbig-ip_nextcost_managementjboss_enterprise_application_platformnexus_9200ycnexus_9332pqnexus_9396txproxygenultra_cloud_core_-_session_management_functionintegration_camel_kintegration_camel_for_spring_bootnexus_3064tazure_kubernetes_servicenexus_93180yc-fxcrosswork_zero_touch_provisioningbig-ip_analyticsnexus_3432d-snexus_93180yc-fx3secure_malware_analyticsopensearch_data_preppersecure_web_appliance_firmwareweb_terminalprime_infrastructurenexus_93180lc-ex_switchopenshift_container_platform_assisted_installercertification_for_red_hat_enterprise_linuxprime_cable_provisioningnexus_93108tc-fx-24connected_mobile_experiencesnexus_92300yc_switchprocess_automationexpresswayhttp_serverunified_attendant_console_advancedopenstack_platformnginx_plusnexus_93240yc-fx2nexus_3636c-rcryostatnexus_3100-zsingle_sign-onopenshift_distributed_tracingnexus_9736pqnexus_9272qnexus_3016qnexus_93108tc-ex-24unified_contact_center_domain_managernexus_9396tx_switchopenshift_developer_tools_and_servicesnexus_93128crosswork_situation_managernexus_93180yc-ex-24nexus_9332pq_switchwindows_server_2022nexus_31108pc-vopenshift_api_for_data_protectionopenshift_gitopsnexus_3132c-zsupport_for_spring_bootwindows_server_2016nexus_3016nexus_3132q-vopenshift_service_mesh3scale_api_management_platformnexus_3464cnexus_9500ropenshiftcaddynexus_3100-vnexus_3132qopenshift_secondary_scheduler_operatornexus_3064-32tnexus_31108tc-varmeriagomigration_toolkit_for_containersbuild_of_optaplannernexus_3232nexus_9372pxbig-ip_websafenexus_9500_supervisor_anexus_9348gc-fxpultra_cloud_core_-_serving_gateway_functionnexus_3172tqnexus_9504windows_10_21h2nexus_3064xnexus_3232cnexus_9636pqnexus_3400jettyansible_automation_platformnexus_9500_supervisor_bnexus_9372tx-ewindows_10_1809nexus_3524-xlnexus_3408-snexus_3172tq-32tnexus_93180tc-exnexus_9516nexus_3524-xnexus_3264c-enexus_3172pqnexus_3172pq\/pq-xlnexus_9336pqastra_control_centernexus_9364c-gxnexus_9336c-fx2simatic_s7-1500_cpu_1518-4_pn\/dpnexus_9236cnexus_9536pqnexus_9236c_switchnexus_93180yc-fx-24nexus_31128pqnetwork_observability_operatorbig-ip_application_security_managerprime_access_registrarswiftnio_http\/2linkerdios_xewindows_11_22h2nexus_9500_supervisor_b\+nexus_9364d-gx2adecision_managerbig-ip_policy_enforcement_managerquaynexus_3264qbusiness_process_automationnexus_3100vsecure_dynamic_attributes_connectornexus_9372tx_switchnexus_9500_supervisor_a\+machine_deletion_remediation_operatornode.jssatellitenexus_9348d-gx2abig-ip_domain_name_systemnexus_3064nexus_9372px-e_switchbig-ip_link_controllernexus_93108tc-ex_switchhttpbig-ip_advanced_firewall_managerprime_network_registrarcert-manager_operator_for_red_hat_openshiftnexus_9432pqtraefikbuild_of_quarkusnexus_3524self_node_remediation_operatorcrosswork_data_gatewaycontournode_maintenance_operatorcbl-marinernexus_9716d-gxsinec_insh2onexus_9332d-gx2bnexus_9372px_switchapisixjboss_core_servicesnexus_9500_16-slotsimatic_s7-1500_cpu_1518-4_pn\/dp_mfp_firmwareoncommand_insightnexus_9372px-enexus_9336pq_aci_spinenexus_3548-xnexus_9221cnexus_9272q_switchnexus_93108tc-fxfirepower_threat_defensebig-ip_fraud_protection_servicewindows_server_2019migration_toolkit_for_virtualizationvarnish_cacheunified_contact_center_enterprisenexus_93108tc-fx3hnexus_93240tc-fx2asp.net_coretelepresence_video_communication_servernexus_93216tc-fx2nexus_3100traffic_servernexus_3064-xnexus_9348gc-fx3nexus_9332cbig-ip_application_visibility_and_reportingnexus_3132q-x\/3132q-xltomcatwindows_10_1607simatic_s7-1500_cpu_1518f-4_pn\/dp_mfp_firmwarenexus_3172tq-xlnexus_3548-xlnexus_9336pq_aci_spine_switchsiplus_s7-1500_cpu_1518-4_pn\/dp_mfpnexus_3164qdebian_linuxnexus_9396px_switchnexus_9396pxlogging_subsystem_for_red_hat_openshiftnexus_9364cbig-ip_webacceleratoropenshift_serverlessnetworkingnexus_9500big-ip_ssl_orchestratornexus_93180yc-ex_switchnexus_9508nexus_3132q-xnexus_93120txnexus_3132q-xlnexus_9408ruggedcom_ape1808_firmwarenexus_34180ycnexus_93180yc-fx3snx-osnexus_93180lc-exunified_contact_center_management_portalnexus_92304qc_switchdata_center_network_manageropenrestynexus_92348gc-xbig-ip_application_acceleration_manageropenshift_virtualizationnexus_93108tc-fx3pnexus_93360yc-fx2nexus_3172pq-xlnexus_31108pv-vgrpcnexus_93128txnexus_3064-tadvanced_cluster_management_for_kubernetesbig-ip_advanced_web_application_firewallenvoynexus_3232c_big-ip_global_traffic_managernginxfence_agents_remediation_operatorjboss_data_gridios_xrfog_directorsimatic_s7-1500_cpu_1518f-4_pn\/dp_mfpbig-ip_carrier-grade_natnexus_9300windows_11_21h2secure_web_applianceintegration_service_registryhttp2openshift_dev_spacesbig-ip_ddos_hybrid_defendernexus_93180yc-fx3hservice_interconnectnghttp2openshift_data_sciencest7_scadaconnectnexus_93120tx_switchbig-ip_local_traffic_managerbig-ip_access_policy_managerjboss_fuseopenshift_container_platformopenshift_pipelinesnexus_3048nexus_9508_switchnettynexus_9336c-fx2-enexus_93600cd-gxnexus_34200yc-smnexus_9516_switchceph_storagenexus_3600jboss_a-mqrun_once_duration_override_operatornexus_9000vnexus_3172nexus_3500sinec_nmsruggedcom_ape1808nexus_9336pq_acinexus_9316d-gxnexus_9800kong_gatewayadvanced_cluster_securitynexus_3548-x\/xlunified_contact_center_enterprise_-_live_data_serverultra_cloud_core_-_policy_control_functionbig-ip_next_service_proxy_for_kubernetesnexus_9232enexus_9808jboss_a-mq_streamsnexus_92304qciot_field_network_directornexus_9500_8-slotmigration_toolkit_for_applicationsnexus_3200solrjenkinsnginx_ingress_controllernexus_93180yc-exnexus_9372tx-e_switchnexus_93108tc-exnexus_9504_switchnexus_3524-x\/xlnexus_3548service_telemetry_frameworkenterprise_linuxn/ahttpSIPLUS S7-1500 CPU 1518-4 PN/DP MFPSIMATIC S7-1500 CPU 1518F-4 PN/DP MFPSIMATIC S7-1500 CPU 1518-4 PN/DP MFPSINEC NMSRUGGEDCOM APE1808HTTP/2
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2022-0778
Assigner-OpenSSL Software Foundation
ShareView Details
Assigner-OpenSSL Software Foundation
CVSS Score-7.5||HIGH
EPSS-70.56% / 99.32%
||
7 Day CHG~0.00%
Published-15 Mar, 2022 | 17:05
Updated-22 May, 2026 | 13:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Infinite loop in BN_mod_sqrt() reachable when parsing certificates

The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc).

Action-Not Available
Vendor-NetApp, Inc.Tenable, Inc.Siemens AGNode.js (OpenJS Foundation)OpenSSLMariaDB FoundationDebian GNU/LinuxFedora Project
Product-debian_linuxsantricity_smi-s_providernode.jsopenssla250mariadb500fclustered_data_ontap500f_firmwarea250_firmwarenessusclustered_data_ontap_antivirus_connectorstoragegridfedoracloud_volumes_ontap_mediatorOpenSSLSIMATIC MV550 HSCALANCE W786-2IA RJ45SIMATIC S7-1200 CPU 1214C AC/DC/RlySCALANCE XR326-2C PoE WG (without UL)SIPLUS S7-1200 CP 1243-1SIMATIC CP 1242-7 V2SCALANCE MUM856-1 (RoW)SIMATIC S7-1500 CPU 1513R-1 PNSCALANCE XF204-2BASCALANCE X307-3SIMATIC RF188CSCALANCE M876-4 (NAM)SIMATIC S7-1200 CPU 1211C DC/DC/DCSCALANCE W786-1 RJ45SIMATIC S7-1200 CPU 1211C DC/DC/RlySCALANCE M876-4 (EU)SCALANCE LPE9403SIMATIC CP 1628SIMATIC S7-1500 CPU 1517TF-3 PN/DPSIMATIC S7-1200 CPU 1212C AC/DC/RlySIPLUS S7-1200 CPU 1215 DC/DC/DCSCALANCE X306-1LD FESCALANCE MUM853-1 (EU)SIPLUS S7-1200 CPU 1212 AC/DC/RLYSINAMICS Startdrive V15.1SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PNSIMATIC CP 443-1 OPC UASCALANCE S615 LAN-RouterSCALANCE XB213-3 (SC, E/IP)SIPLUS ET 200SP CPU 1510SP-1 PNSCALANCE XR526-8C, 24V (L3 int.)SCALANCE XB208 (PN)SIMATIC S7-1500 CPU 1512C-1 PNSIRIUS Soft Starter ES V15.1 (TIA Portal)Security Configuration Tool (SCT)SIPLUS NET CP 1242-7 V2SIPLUS ET 200SP CPU 1512SP F-1 PNSCALANCE W748-1 M12SIPLUS S7-1500 CPU 1511-1 PN T1 RAILSCALANCE X308-2LHBFCClientSCALANCE XR528-6M (2HR2)SIMATIC HMI Unified Comfort Panels familySCALANCE XR326-2C PoE WGSIMATIC S7-1500 CPU 1511C-1 PNSIMATIC Cloud Connect 7 CC716SIMATIC RF166CSIMATIC WinCC V17SIPLUS NET SCALANCE XC216-4CSIMATIC S7-1200 CPU 1215FC DC/DC/DCSIMATIC Logon V1.6SIPLUS S7-1500 CPU 1518F-4 PN/DPSCALANCE M816-1 ADSL-RouterSCALANCE XR324-4M PoE (24V, ports on front)RUGGEDCOM ROX RX1510SIMATIC PCS 7 TeleControlSCALANCE WUM763-1SCALANCE XC216EECSIMATIC RF615RSCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)SCALANCE XR552-12M (2HR2, L3 int.)SCALANCE XR324-4M PoE TS (24V, ports on front)SCALANCE X320-1 FESCALANCE X320-1-2LD FESIMATIC S7-1200 CPU 1215C DC/DC/DCSCALANCE M804PBRUGGEDCOM ROX MX5000RUGGEDCOM ROX RX1524SCALANCE XF204-2SCALANCE X307-2 EEC (230V, coated)SCALANCE XR324WG (24 X FE, DC 24V)SIMATIC S7-1200 CPU 1212FC DC/DC/DCSIMATIC ET 200SP CPU 1510SP F-1 PNSINAMICS DCC V15.1SCALANCE W1788-2IA M12SCALANCE XR324-4M EEC (2x 24V, ports on front)SIPLUS S7-1500 CPU 1518-4 PN/DP MFPSINEMA Remote Connect ServerSIPLUS NET SCALANCE XC206-2SIPLUS S7-1200 CPU 1214 DC/DC/RLYSIPLUS S7-1200 CPU 1212 DC/DC/RLYSIPLUS S7-1500 CPU 1515F-2 PNSINAMICS DCC V16SCALANCE WAM766-1 EEC (US)SCALANCE X202-2P IRTSCALANCE XR324-12M TS (24V)SCALANCE XR524-8C, 2x230V (L3 int.)SIPLUS S7-1200 CPU 1214FC DC/DC/RLYSIPLUS ET 200SP CPU 1510SP F-1 PN RAILTeleControl Server Basic V3SCALANCE W1748-1 M12SCALANCE XC206-2SFP G (EIP DEF.)SCALANCE XR526-8C, 1x230V (L3 int.)SCALANCE XC216-4C G (EIP Def.)SIMATIC WinCC Unified (TIA Portal)SCALANCE XM408-8CSIMATIC CP 1243-8 IRCSCALANCE W1788-2 EEC M12SCALANCE X212-2SIPLUS S7-1500 CPU 1515F-2 PN T2 RAILSIMATIC S7-PLCSIM AdvancedSCALANCE WAM766-1 EECSCALANCE W788-2 M12SIPLUS S7-1200 CPU 1214C DC/DC/DC RAILSCALANCE X206-1LDSIRIUS Soft Starter ES V17 (TIA Portal)SIMATIC S7-1200 CPU 1214C DC/DC/RlySCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)SCALANCE XR324-4M EEC (2x 24V, ports on rear)SIPLUS S7-1500 CPU 1517H-3 PNSIMATIC RF610RSCALANCE X202-2P IRT PROSIMATIC MV550 SSIPLUS S7-1200 CPU 1212C DC/DC/DC RAILSCALANCE X408-2SIMATIC S7-1200 CPU 1211C AC/DC/RlySCALANCE XP208 (Ethernet/IP)SIMATIC PDMSIPLUS S7-1500 CPU 1516-3 PN/DP RAILSCALANCE XC224-4C GSIMATIC RF185CSCALANCE XR324-12M (24V, ports on front)SIMATIC CP 1243-7 LTE USRUGGEDCOM ROX RX1400SIMATIC S7-1500 CPU 1511TF-1 PNRUGGEDCOM RM1224 LTE(4G) NAMSCALANCE XR324-4M PoE (24V, ports on rear)SCALANCE X308-2M TSSIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PNSCALANCE W1750D (ROW)SIPLUS S7-1200 CP 1243-1 RAILSCALANCE X302-7 EEC (230V)SCALANCE X302-7 EEC (2x 230V)SCALANCE X308-2M PoESIMATIC S7-1500 CPU 1517-3 PN/DPSIMATIC CP 1243-1SIPLUS ET 200SP CPU 1510SP-1 PN RAILSCALANCE M826-2 SHDSL-RouterSCALANCE XR324-12M (230V, ports on rear)SIMATIC CP 1626SCALANCE W786-2 RJ45SIPLUS S7-1500 CPU 1516-3 PN/DP TX RAILSCALANCE XR324-4M PoE (230V, ports on front)SCALANCE XC206-2SFP GSCALANCE XC216-3G PoE (54 V DC)SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODKSCALANCE W1788-1 M12SCALANCE XM408-4C (L3 int.)RUGGEDCOM ROX RX5000SINAUT Software ST7scSIRIUS Soft Starter ES V16 (TIA Portal)SCALANCE XC206-2 (SC)SCALANCE XR528-6M (L3 int.)SIPLUS S7-1200 CPU 1214FC DC/DC/DCSIPLUS S7-1200 CPU 1215 AC/DC/RLYSCALANCE X307-2 EEC (24V)SINEC INSSIPLUS ET 200SP CP 1543SP-1 ISEC TX RAILSIPLUS NET SCALANCE XC206-2SFPSIPLUS NET CP 443-1 AdvancedSIPLUS S7-1200 CPU 1215C AC/DC/RLYSIMATIC S7-1500 CPU 1515T-2 PNSCALANCE XM416-4C (L3 int.)SCALANCE XP216POE EECSIMOCODE ES V17SCALANCE XB213-3 (SC, PN)SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODKSCALANCE X304-2FESCALANCE XC216-4CSCALANCE XP216SIPLUS NET CP 343-1 AdvancedSIPLUS S7-1200 CPU 1214 AC/DC/RLYSIMATIC S7-1500 CPU 1515F-2 PNSIPLUS ET 200SP CP 1543SP-1 ISECSCALANCE X307-2 EEC (24V, coated)SIMATIC PCS 7 V9.0SCALANCE X302-7 EEC (2x 24V)SCALANCE W722-1 RJ45SCALANCE XB205-3LD (SC, PN)SCALANCE X308-2SCALANCE XR552-12M (2HR2)SCALANCE W788-2 M12 EECSCALANCE XR324-4M EEC (24V, ports on rear)SCALANCE XB213-3 (ST, PN)SCALANCE WAM766-1 (US)SCALANCE WUM766-1 (USA)SIMATIC S7-1500 CPU 1516T-3 PN/DPSCALANCE XR524-8C, 1x230VSCALANCE X208PROSIMATIC RF186CSCALANCE X302-7 EEC (24V, coated)SIPLUS S7-1500 CPU 1518-4 PN/DPSCALANCE XP208PoE EECSCALANCE XR528-6M (2HR2, L3 int.)SIMATIC STEP 7 V15.1SIMATIC S7-1200 CPU 1215FC DC/DC/RlySIPLUS S7-1500 CPU 1516F-3 PN/DPSIMATIC STEP 7 V5SCALANCE XC206-2SFP EECSCALANCE X204-2LD TSSIPLUS ET 200SP CPU 1512SP-1 PN RAILSCALANCE XP208SCALANCE XB216 (PN)SIMATIC NET PC Software V15SCALANCE X310FESIPLUS S7-1200 CPU 1212C AC/DC/RLYSCALANCE XF204IRTSCALANCE XR324-12M (24V, ports on rear)SIPLUS ET 200SP CPU 1510SP F-1 PNSCALANCE W778-1 M12 EECSCALANCE XB205-3LD (SC, E/IP)RUGGEDCOM ROX RX1511SCALANCE XR328-4C WG (28xGE, DC 24V)SCALANCE XC216-4C G EECSIPLUS ET 200SP CPU 1512SP-1 PNSCALANCE SC646-2CSCALANCE X216SIMATIC S7-1500 CPU 1518F-4 PN/DP MFPSCALANCE XB205-3 (ST, E/IP)SIMATIC WinCC V16RUGGEDCOM ROX RX1501SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)SIPLUS S7-1500 CPU 1515R-2 PN TX RAILSCALANCE XB213-3LD (SC, PN)SCALANCE XC224-4C G (EIP Def.)SIMATIC WinCC V7.4SCALANCE X302-7 EEC (2x 230V, coated)SCALANCE XR524-8C, 24VSCALANCE XC206-2G PoE EEC (54 V DC)SIMATIC NET PC Software V14SCALANCE X308-2 RD (inkl. SIPLUS variants)TIA AdministratorSIMATIC S7-1200 CPU 1214FC DC/DC/RlySCALANCE M876-4SCALANCE XC208G PoE (54 V DC)SIMATIC S7-1500 CPU 1515R-2 PNSIMATIC S7-1500 CPU 1518-4 PN/DP MFPSCALANCE X200-4P IRTSIMATIC RF188CISIMATIC RF685RSCALANCE X308-2LDSCALANCE W774-1 RJ45 (USA)SIMATIC S7-1500 CPU 1518HF-4 PNSCALANCE X212-2LDSINAUT ST7CCSCALANCE W761-1 RJ45SCALANCE XR324-12M (230V, ports on front)SIPLUS S7-1200 CPU 1214C DC/DC/RLYSIPLUS NET CP 1543-1SCALANCE SC622-2CSIPLUS ET 200SP CPU 1512SP F-1 PN RAILSIMATIC CP 1543-1SIMATIC MV540 SSIPLUS NET SCALANCE XC208SIMATIC RF650RSCALANCE WUM766-1SCALANCE X302-7 EEC (2x 24V, coated)SCALANCE XR524-8C, 24V (L3 int.)SCALANCE XP208EECSCALANCE X308-2LH+SCALANCE XR526-8C, 1x230VSCALANCE XR328-4C WG (28xGE, AC 230V)SCALANCE W1750D (USA)SCALANCE XF202-2P IRTSIPLUS S7-1500 CPU 1511F-1 PNSCALANCE W774-1 RJ45SIMATIC S7-1200 CPU 1217C DC/DC/DCSIPLUS S7-1200 CPU 1214C AC/DC/RLYIndustrial Edge - SIMATIC S7 Connector AppSCALANCE WAM766-1SCALANCE XC216-3G PoETIA Portal Cloud V17SIMATIC S7-1200 CPU 1212FC DC/DC/RlySCALANCE XC224-4C G EECSIMATIC S7-1200 CPU 1215C DC/DC/RlySCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)OpenPCS 7 V8.2SCALANCE XB205-3 (ST, PN)SCALANCE X204-2SIMOCODE ES V15.1SCALANCE XC216-4C GSINAMICS Startdrive V16SIMATIC WinCC V15.1SIMATIC MV540 HSINEC NMSSCALANCE W788-2 RJ45SCALANCE XR526-8C, 24VSCALANCE X204-2FMSCALANCE W734-1 RJ45 (USA)SCALANCE XB208 (E/IP)RUGGEDCOM ROX RX1512SCALANCE W788-1 M12SIMATIC MV560 USIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PNSIMATIC STEP 7 V17SCALANCE X204IRT PROSIMATIC S7-1500 CPU 1518-4 PN/DPSCALANCE X302-7 EEC (24V)SCALANCE W721-1 RJ45SCALANCE XR324-4M EEC (24V, ports on front)SCALANCE W1750D (JP)SCALANCE XC208GSCALANCE W1788-2 M12RUGGEDCOM ROX RX1500SCALANCE M874-3SCALANCE W786-2 SFPSCALANCE XR526-8C, 2x230VSIMOTIONSCALANCE XM416-4CSIMATIC STEP 7 V16SCALANCE XC206-2G PoESCALANCE XR528-6MSIMATIC CP 1542SP-1SCALANCE XF206-1SIPLUS NET SCALANCE X202-2P IRTSCALANCE X307-2 EEC (2x 230V, coated)SCALANCE XR526-8C, 2x230V (L3 int.)SCALANCE XC208EECSCALANCE XR328-4C WG (24xFE, 4xGE,DC24V)SCALANCE XC206-2SFPSIPLUS S7-1500 CPU 1513-1 PNSCALANCE XF204-2BA IRTSIPLUS S7-1500 CPU 1513F-1 PNSCALANCE W774-1 M12 EECSIMATIC NET PC Software V16SIMATIC MV560 XOpenPCS 7 V9.0SCALANCE X202-2IRTSIMATIC S7-1500 CPU 1511F-1 PNSCALANCE X201-3P IRTSIPLUS S7-1200 CPU 1214C DC/DC/DCSCALANCE XC208SCALANCE X302-7 EEC (230V, coated)SIPLUS S7-1500 CPU 1515F-2 PN RAILSIMATIC S7-1500 CPU 1516TF-3 PN/DPSIMOTION SCOUT TIA V5.4SCALANCE XR524-8C, 2x230VSCALANCE W748-1 RJ45SIMATIC S7-1200 CPU 1214FC DC/DC/DCIndustrial Edge - OPC UA ConnectorSIMOTION SCOUT TIA V5.3SCALANCE SC642-2CSIMATIC CP 443-1 AdvancedSIMATIC CP 1243-7 LTE EUSCALANCE W788-1 RJ45SIMOCODE ES V16SCALANCE X204-2LDSCALANCE M876-3 (ROK)SIPLUS S7-1500 CPU 1515R-2 PNSIMATIC S7-1500 CPU 1518F-4 PN/DPSIMATIC S7-1500 CPU 1518TF-4 PN/DPSIPLUS TIM 1531 IRCSCALANCE XP216EECSCALANCE X208SCALANCE X307-2 EEC (230V)TIA Portal Cloud V16SIPLUS S7-1200 CPU 1215 DC/DC/RLYSCALANCE SC632-2CSIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PNSIMATIC S7-1500 CPU 1513F-1 PNSCALANCE XP216 (Ethernet/IP)SIPLUS S7-1500 CPU 1518HF-4 PNSIMATIC RF680RSCALANCE X224OpenPCS 7 V9.1SCALANCE M812-1 ADSL-RouterSCALANCE XB205-3 (SC, PN)SIMATIC ET 200SP CPU 1512SP F-1 PNSCALANCE XR328-4C WG (24xFE,4xGE,AC230V)SCALANCE WAM763-1SCALANCE XB213-3LD (SC, E/IP)SIMATIC Drive Controller CPU 1504D TFSIMATIC S7-1500 CPU 1518T-4 PN/DPSCALANCE W738-1 M12SCALANCE M876-3SCALANCE XR324-4M PoE (230V, ports on rear)SCALANCE X310TIM 1531 IRCSCALANCE XR324WG (24 x FE, AC 230V)SCALANCE XC216SIMATIC S7-1500 CPU 1517T-3 PN/DPRUGGEDCOM RM1224 LTE(4G) EUSIMATIC CP 1543SP-1SCALANCE XR552-12MSCALANCE XC206-2 (ST/BFOC)SCALANCE X308-2MSCALANCE M874-2SCALANCE W778-1 M12SCALANCE XB213-3 (ST, E/IP)SIMATIC WinCC V7.5SIMATIC S7-1500 CPU 1515TF-2 PNSCALANCE XC208G EECSIMATIC RF186CISCALANCE XB216 (E/IP)SCALANCE S615 EEC LAN-RouterSIMATIC CP 343-1 AdvancedSIMATIC S7-1500 CPU 1511-1 PNSCALANCE X201-3P IRT PROSIMATIC Drive Controller CPU 1507D TFSIPLUS S7-1200 CPU 1212C DC/DC/DCSCALANCE XF201-3P IRTSIPLUS S7-1500 CPU 1511-1 PN TX RAILRUGGEDCOM ROX MX5000RESCALANCE XM408-4CRUGGEDCOM ROX RX1536SCALANCE SC636-2CSIRIUS Safety ES V17 (TIA Portal)SIMATIC PCS 7 V9.1SCALANCE XF204 DNASIMATIC S7-1500 CPU 1516F-3 PN/DPSIMATIC RF360RSCALANCE X206-1SIMATIC PCS neo (Administration Console)SIMATIC Process Historian OPC UA ServerSCALANCE XC206-2SFP G EECSINAMICS Startdrive V17SCALANCE XF204SCALANCE XR328-4C WG (24XFE, 4XGE, 24V)SIPLUS S7-1500 CPU 1516-3 PN/DPSIMATIC S7-1200 CPU 1212C DC/DC/RlySIMATIC S7-1200 CPU 1215C AC/DC/RlySCALANCE X204-2TSSIMATIC S7-1500 CPU 1517F-3 PN/DPSIMATIC PCS 7 V8.2SIMATIC S7-1200 CPU 1212C DC/DC/DCSIMATIC ET 200SP CPU 1512SP-1 PNRUGGEDCOM CROSSBOW Station Access Controller (SAC)SCALANCE XC208G (EIP def.)SIPLUS S7-1500 CPU 1511-1 PNSCALANCE X307-2 EEC (2x 24V)SIPLUS S7-1200 CPU 1215FC DC/DC/DCSIMATIC S7-1200 CPU 1214C DC/DC/DCSIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)SIMATIC S7-1500 Software Controller V2SCALANCE W778-1 M12 EEC (USA)SCALANCE X204IRTSCALANCE XC206-2G PoE (54 V DC)SIPLUS S7-1500 CPU 1516F-3 PN/DP RAILSCALANCE W734-1 RJ45SIMATIC S7-1500 CPU 1513-1 PNSIMATIC S7-1500 CPU 1517H-3 PNSIMATIC WinCC V7.3SCALANCE XC208G PoESCALANCE X307-3LDSIMATIC S7-1500 CPU 1511T-1 PNSCALANCE MUM856-1 (EU)SCALANCE XC224SCALANCE XM408-8C (L3 int.)SIMATIC NET PC Software V17SIMATIC Cloud Connect 7 CC712SCALANCE X307-2 EEC (2x 230V)SCALANCE XF204-2BA DNASCALANCE XR524-8C, 1x230V (L3 int.)SIMATIC S7-1500 CPU 1516-3 PN/DPSIMATIC CP 1545-1SIMATIC S7-1500 CPU 1515-2 PNSCALANCE X307-2 EEC (2x 24V, coated)SIPLUS S7-1200 CPU 1215C DC/DC/DCSIMATIC ET 200SP CPU 1510SP-1 PNSCALANCE XF208
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2022-25311
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-7.3||HIGH
EPSS-0.52% / 40.61%
||
7 Day CHG~0.00%
Published-08 Mar, 2022 | 00:00
Updated-21 Apr, 2025 | 13:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC NMS (All versions >= V1.0.3 < V2.0), SINEC NMS (All versions < V1.0.3), SINEMA Server V14 (All versions). The affected software do not properly check privileges between users during the same web browser session, creating an unintended sphere of control. This could allow an authenticated low privileged user to achieve privilege escalation.

Action-Not Available
Vendor-Siemens AG
Product-sinema_serversinec_network_management_systemSINEC NMSSINEMA Server V14
CWE ID-CWE-269
Improper Privilege Management
CVE-2022-24282
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-7.2||HIGH
EPSS-1.38% / 68.99%
||
7 Day CHG~0.00%
Published-08 Mar, 2022 | 00:00
Updated-21 Apr, 2025 | 13:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC NMS (All versions >= V1.0.3 < V2.0), SINEC NMS (All versions < V1.0.3), SINEMA Server V14 (All versions). The affected system allows to upload JSON objects that are deserialized to Java objects. Due to insecure deserialization of user-supplied content by the affected software, a privileged attacker could exploit this vulnerability by sending a maliciously crafted serialized Java object. This could allow the attacker to execute arbitrary code on the device with root privileges.

Action-Not Available
Vendor-Siemens AG
Product-sinec_network_management_systemSINEC NMSSINEMA Server V14
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2022-24281
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-7.2||HIGH
EPSS-3.44% / 87.63%
||
7 Day CHG~0.00%
Published-08 Mar, 2022 | 00:00
Updated-21 Apr, 2025 | 13:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC NMS (All versions < V1.0.3), SINEMA Server V14 (All versions). A privileged authenticated attacker could execute arbitrary commands in the local database by sending specially crafted requests to the webserver of the affected application.

Action-Not Available
Vendor-Siemens AG
Product-sinec_network_management_systemSINEC NMSSINEMA Server V14
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2021-33736
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-7.2||HIGH
EPSS-1.14% / 63.14%
||
7 Day CHG~0.00%
Published-12 Oct, 2021 | 09:49
Updated-03 Aug, 2024 | 23:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). A privileged authenticated attacker could execute arbitrary commands in the local database by sending crafted requests to the webserver of the affected application.

Action-Not Available
Vendor-Siemens AG
Product-sinec_nmsSINEC NMS
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2021-33734
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-7.2||HIGH
EPSS-27.68% / 97.86%
||
7 Day CHG~0.00%
Published-12 Oct, 2021 | 09:49
Updated-03 Aug, 2024 | 23:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). A privileged authenticated attacker could execute arbitrary commands in the local database by sending crafted requests to the webserver of the affected application.

Action-Not Available
Vendor-Siemens AG
Product-sinec_nmsSINEC NMS
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2021-33735
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-7.2||HIGH
EPSS-1.11% / 62.34%
||
7 Day CHG~0.00%
Published-12 Oct, 2021 | 09:49
Updated-03 Aug, 2024 | 23:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). A privileged authenticated attacker could execute arbitrary commands in the local database by sending crafted requests to the webserver of the affected application.

Action-Not Available
Vendor-Siemens AG
Product-sinec_nmsSINEC NMS
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2021-33733
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-7.2||HIGH
EPSS-15.38% / 96.42%
||
7 Day CHG~0.00%
Published-12 Oct, 2021 | 09:49
Updated-03 Aug, 2024 | 23:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). A privileged authenticated attacker could execute arbitrary commands in the local database by sending crafted requests to the webserver of the affected application.

Action-Not Available
Vendor-Siemens AG
Product-sinec_nmsSINEC NMS
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2021-33732
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-7.2||HIGH
EPSS-27.68% / 97.87%
||
7 Day CHG~0.00%
Published-12 Oct, 2021 | 09:49
Updated-03 Aug, 2024 | 23:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). A privileged authenticated attacker could execute arbitrary commands in the local database by sending crafted requests to the webserver of the affected application.

Action-Not Available
Vendor-Siemens AG
Product-sinec_nmsSINEC NMS
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
  • Previous
  • 1
  • 2
  • Next