Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

SINEMA Remote Connect Client

Source -

CNA

CNA CVEs -

9

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
9Vulnerabilities found
CVE-2025-30033
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-8.5||HIGH
EPSS-0.01% / 0.76%
||
7 Day CHG~0.00%
Published-12 Aug, 2025 | 11:16
Updated-10 Mar, 2026 | 16:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The affected setup component is vulnerable to DLL hijacking. This could allow an attacker to execute arbitrary code when a legitimate user installs an application that uses the affected setup component.

Action-Not Available
Vendor-Siemens AG
Product-Siemens Network Planner (SINETPLAN)SIMATIC PCS 7 Advanced Process Functions V2.1SIMATIC Process Historian 2022SIMIT Simulation PlatformSIMATIC WinCC V8.1SIMATIC STEP 7 CFC V20SIMATIC PCS 7 Industry Library V10.0TIA Portal Cloud ConnectorSIMATIC Logon V1.6SINEMA Remote Connect ClientSIMATIC PDM V9.2Standard PID CTRL ToolSIMATIC WinCC Runtime Professional V20SIMIT Rapid TesterCreate MyConfig (CMC)SINAMICS Startdrive V19SIMATIC PCS 7 Advanced Process Graphics V10.0SINAMICS Startdrive V20SIMATIC Automation Tool SDK WindowsSIMATIC MTP Integrator V1.xSIMATIC STEP 7 V5.7CEMAT V10.0SIMATIC WinCC Unified SequenceOpenPCS 7 V10.0SIMATIC eaSie Core PackageTIA Project-ServerSIMATIC MTP CREATOR V2.xSIMATIC S7-Fail-safe Configuration Tool (S7-FCT)SIMATIC Automation ToolSIMATIC S7 F Systems V6.3SIMATIC WinCC Runtime ProfessionalTotally Integrated Automation Portal (TIA Portal) V19SIMATIC MTP Integrator V2.xWinCC Panel Image SetupSIMATIC ProSave V17SIMATIC WinCC Visualization Architect (SiVArc) V17SIMATIC PCS neo V5.0SIMATIC S7-1500 Software Controller V3SIMATIC Route Control V9.1SIMATIC ProSave V18SIMATIC NET PC Software V20Modular PID CTRL ToolSIMATIC Energy Suite V18SIMATIC D7-SYSSIMATIC PCS 7 Industry Library V9.0SIMATIC NET PC Software V19SIMATIC Process Function Library (PFL) V4.0SINAMICS Startdrive V18MultiFieldbus Configuration Tool (MFCT)FM Configuration PackageSIMATIC Logon V2.0SIMATIC eaSie Workflow SkillsSIMATIC S7-PLCSIM V20CP PtP Param configuring interfaceSIMATIC NET PC Software V17SIMATIC PCS 7 PowerControlSIMATIC MTP CREATOR V4.xSIMATIC BATCH V10.0SIMATIC PCS 7 V10.0SIMATIC eaSie Document SkillsSIMATIC WinCC Visualization Architect (SiVArc) V19Automation License Manager V6.0SIMATIC ProSave V20SIMATIC PCS 7 Advanced Process Faceplates V9.1SIMATIC Process Historian 2020SIMATIC Energy Suite V19SIMATIC PCS 7 Logic Matrix V10.0SIMATIC PCS neo V6.0SIMATIC S7-PLCSIM V17SIMATIC S7 F Systems V6.4SIMATIC S7-PLCSIM AdvancedTotally Integrated Automation Portal (TIA Portal) V17SIMATIC MTP CREATOR V5.xSIMATIC WinCC Runtime AdvancedSIMATIC S7-PLCSIM V18SIMATIC ProSave V19SIMATIC Energy Suite V17SIMATIC MTP CREATOR V3.xEnergy Support Library (EnSL)SIMATIC PCS 7 Standard Chemical Library V10.0SITRANSSIMATIC Management AgentSIMATIC PCS 7 Advanced Process Functions V2.2SIMATIC ODK 1500SSIMATIC WinCC Unified PC Runtime V19SIMATIC BATCH V9.1TIA Portal Test Suite V19SIMATIC PCS 7 MPC ConfiguratorSIMATIC STEP 7 CFC V19OpenPCS 7 V9.1SIMATIC PCS 7 Basis Faceplates V9.1SIMATIC WinCC V8.0TIA AdministratorAutomation License Manager V6.2SIMATIC S7-1500 Software Controller V2SIMATIC Control Function Library (CFL) V1.xSIMATIC PDM Maintenance Station V5.0SIMATIC WinCC Unified Line CoordinationSIMATIC PCS 7 Basis Library V9.1SIMATIC Control Function Library (CFL) V2.xSIMATIC WinCC V7.5SIMATIC PCS 7 Advanced Process Library incl. Faceplates V10.0SIMATIC PCS 7 Standard Chemical Library V9.1SIMATIC WinCC flexible ESSIMATIC Route Control V10.0SIMATIC WinCC Visualization Architect (SiVArc) V18TIA Portal Test Suite V20SIMATIC S7-PLCSIM V19SIMATIC NET PC Software V18SINAMICS Startdrive V17Totally Integrated Automation Portal (TIA Portal) V18SIMATIC Safety MatrixTIA Project-Server V17SIMATIC WinCC Unified PC Runtime V20Totally Integrated Automation Portal (TIA Portal) V20SIMATIC WinCC TeleControlSINEC NMSSIMATIC PCS 7/OPEN OS V9.1SIMATIC Process Historian 2024TIA Portal Test Suite V18SIMATIC WinCC Visualization Architect (SiVArc) V20SIMATIC PDM V9.3SIMATIC PCS 7 Basis Library V10.0SIMATIC WinCC Unified PC Runtime V18SIMATIC Control Function Library (CFL) V4.xSIMATIC PCS 7 Logic Matrix V9.1SIMATIC PCS 7 TeleControlSIMATIC PCS 7 V9.1SIMATIC TargetSIMATIC Management ConsoleSIMATIC S7-PCTSIMATIC NET PC Software V16TIA Portal Test Suite V17SIMATIC PCS 7 Advanced Process Library V9.1TeleControl Server Basic V3.1SIMATIC eaSie PCS 7 Skill PackageSIMATIC Control Function Library (CFL) V3.xSIMATIC PCS 7 Advanced Process Graphics V9.1SIMATIC PCS 7 Industry Library V9.1
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-42344
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-4.8||MEDIUM
EPSS-0.09% / 25.98%
||
7 Day CHG~0.00%
Published-10 Sep, 2024 | 09:36
Updated-10 Sep, 2024 | 18:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 SP2). The affected application inserts sensitive information into a log file which is readable by all legitimate users of the underlying system. This could allow an authenticated attacker to compromise the confidentiality of other users' configuration data.

Action-Not Available
Vendor-Siemens AG
Product-sinema_remote_connect_clientSINEMA Remote Connect Client
CWE ID-CWE-532
Insertion of Sensitive Information into Log File
CVE-2024-33698
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-9.3||CRITICAL
EPSS-3.29% / 87.22%
||
7 Day CHG~0.00%
Published-10 Sep, 2024 | 09:36
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Opcenter Quality (All versions < V2406), Opcenter RDnL (All versions < V2410), SIMATIC PCS neo V4.0 (All versions), SIMATIC PCS neo V4.1 (All versions < V4.1 Update 2), SIMATIC PCS neo V5.0 (All versions < V5.0 Update 1), SINEC NMS (All versions), SINEMA Remote Connect Client (All versions < V3.2 SP3), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 5), Totally Integrated Automation Portal (TIA Portal) V19 (All versions < V19 Update 3). Affected products contain a heap-based buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to execute arbitrary code.

Action-Not Available
Vendor-Siemens AG
Product-SINEMA Remote Connect ClientTotally Integrated Automation Portal (TIA Portal) V16SINEC NMSSIMATIC PCS neo V4.1SIMATIC PCS neo V5.0Opcenter QualityTotally Integrated Automation Portal (TIA Portal) V17SIMATIC PCS neo V4.0Totally Integrated Automation Portal (TIA Portal) V19Opcenter RDnLTotally Integrated Automation Portal (TIA Portal) V18totally_integrated_automation_portalsimatic_information_serversimatic_pcs_neo
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2024-32006
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-5.3||MEDIUM
EPSS-0.05% / 14.31%
||
7 Day CHG~0.00%
Published-10 Sep, 2024 | 09:36
Updated-20 Aug, 2025 | 19:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 SP2). The affected application does not expire the user session on reboot without logout. This could allow an attacker to bypass Multi-Factor Authentication.

Action-Not Available
Vendor-Siemens AG
Product-sinema_remote_connect_clientSINEMA Remote Connect Client
CWE ID-CWE-613
Insufficient Session Expiration
CVE-2024-39569
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-2.45% / 85.22%
||
7 Day CHG~0.00%
Published-09 Jul, 2024 | 12:05
Updated-27 Aug, 2025 | 20:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 HF1). The system service of affected applications is vulnerable to command injection due to missing server side input sanitation when loading VPN configurations. This could allow an administrative remote attacker running a corresponding SINEMA Remote Connect Server to execute arbitrary code with system privileges on the client system.

Action-Not Available
Vendor-Siemens AG
Product-sinema_remote_connect_clientSINEMA Remote Connect Clientsinema_remote_connect_client
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-39568
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-8.5||HIGH
EPSS-0.33% / 56.05%
||
7 Day CHG~0.00%
Published-09 Jul, 2024 | 12:05
Updated-27 Aug, 2025 | 20:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 HF1). The system service of affected applications is vulnerable to command injection due to missing server side input sanitation when loading proxy configurations. This could allow an authenticated local attacker to execute arbitrary code with system privileges.

Action-Not Available
Vendor-Siemens AG
Product-sinema_remote_connect_clientSINEMA Remote Connect Clientsinema_remote_connect_client
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-39567
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-8.5||HIGH
EPSS-0.43% / 62.28%
||
7 Day CHG~0.00%
Published-09 Jul, 2024 | 12:05
Updated-27 Aug, 2025 | 20:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 HF1). The system service of affected applications is vulnerable to command injection due to missing server side input sanitation when loading VPN configurations. This could allow an authenticated local attacker to execute arbitrary code with system privileges.

Action-Not Available
Vendor-Siemens AG
Product-sinema_remote_connect_clientSINEMA Remote Connect Clientsinema_remote_connect_client
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-22045
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-7.6||HIGH
EPSS-0.36% / 57.83%
||
7 Day CHG~0.00%
Published-12 Mar, 2024 | 10:21
Updated-01 Aug, 2024 | 22:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.1 SP1). The product places sensitive information into files or directories that are accessible to actors who are allowed to have access to the files, but not to the sensitive information. This information is also available via the web interface of the product.

Action-Not Available
Vendor-Siemens AG
Product-sinema_remote_connect_clientSINEMA Remote Connect Client
CWE ID-CWE-538
Insertion of Sensitive Information into Externally-Accessible File or Directory
CVE-2021-31338
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.81%
||
7 Day CHG~0.00%
Published-19 Aug, 2021 | 10:00
Updated-03 Aug, 2024 | 22:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.0 SP1). Affected devices allow to modify configuration settings over an unauthenticated channel. This could allow a local attacker to escalate privileges and execute own code on the device.

Action-Not Available
Vendor-Siemens AG
Product-sinema_remote_connectSINEMA Remote Connect Client
CWE ID-CWE-15
External Control of System or Configuration Setting