33 matches found
Siemens SIMATIC HMI Comfort Panels 安全漏洞
Siemens SIMATIC HMI Comfort Panels are touchscreen devices produced by the German company Siemens. There are security vulnerabilities in Siemens SIMATIC HMI Comfort Panels. These vulnerabilities stem from improper restrictions on access to web browsers through the control panel. This allows...
EUVD-2019-8900
Malware in sbrugna...
CVE-2023-28827
A vulnerability has been identified in SIMATIC CP 1242-7 V2 incl. SIPLUS variants All versions V3.5.20, SIMATIC CP 1243-1 incl. SIPLUS variants All versions V3.5.20, SIMATIC CP 1243-1 DNP3 incl. SIPLUS variants All versions V3.5.20, SIMATIC CP 1243-1 IEC incl. SIPLUS variants All versions V3.5.20...
CVE-2022-40227
A vulnerability has been identified in SIMATIC HMI Comfort Panels incl. SIPLUS variants All versions V17 Update 4, SIMATIC HMI KTP Mobile Panels All versions V17 Update 4, SIMATIC HMI KTP1200 Basic All versions V17 Update 5, SIMATIC HMI KTP400 Basic All versions V17 Update 5, SIMATIC HMI KTP700...
Siemens SIMATIC HMI Comfort Panels 输入验证错误漏洞
Siemens SIMATIC HMI Comfort Panels is a touch panel device from Siemens Germany. Multiple Siemens products are vulnerable to an input validation error, which stems from the inability of the affected device to properly validate input sent to certain services over TCP. An unauthenticated remote...
CVE-2022-40227
CVE-2022-40227 affects Siemens SIMATIC HMI panels (Comfort Panels with SIPLUS variants, KTP Mobile/KTP1200/400/700/900 basic variants and corresponding SIPLUS models). The issue is improper input validation for TCP services, allowing an unauthenticated remote attacker to cause a permanent denial-...
Authentication flaw
The Telnet service of the SIMATIC HMI Comfort Panels system component in affected products does not require authentication, which may allow a remote attacker to gain access to the device if the service is enabled. Telnet is disabled by default on the SINAMICS Medium Voltage Products SINAMICS SL15...
CVE-2021-31337
The Telnet service of the SIMATIC HMI Comfort Panels system component in affected products does not require authentication, which may allow a remote attacker to gain access to the device if the service is enabled. Telnet is disabled by default on the SINAMICS Medium Voltage Products SINAMICS SL15...
PT-2021-19246
Name of the Vulnerable Software and Affected Versions SIMATIC HMI Comfort Panels affected versions not specified SINAMICS SL150: All versions SINAMICS SM150: All versions SINAMICS SM150i: All versions Description The issue concerns the Telnet service of the SIMATIC HMI Comfort Panels system...
CVE-2021-27384
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7" & 15" incl. SIPLUS variants All versions V15.1 Update 6, SIMATIC HMI Comfort Outdoor Panels V16 7" & 15" incl. SIPLUS variants All versions V16 Update 4, SIMATIC HMI Comfort Panels V15 4" - 22" incl. SIPLUS...
CVE-2021-25662
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7" & 15" incl. SIPLUS variants All versions V15.1 Update 6, SIMATIC HMI Comfort Outdoor Panels V16 7" & 15" incl. SIPLUS variants All versions V16 Update 4, SIMATIC HMI Comfort Panels V15 4" - 22" incl. SIPLUS...
CVE-2019-19276
A vulnerability has been identified in SIMATIC HMI Comfort Panels 1st Generation incl. SIPLUS variants All versions V16 Update 4, SIMATIC HMI KTP Mobile Panels All versions V16 Update 4. Specially crafted packets sent to port 161/udp can cause the SNMP service of affected devices to crash. A manu...
CVE-2021-27385
CVE-2021-27385 affects Siemens SmartVNC-related components. A remote attacker can send specially crafted packets to the SmartVNC device layout handler on the client side, causing uncontrolled resource consumption and a Denial-of-Service (infinite loop) condition. Affected products include SIMATIC...
CVE-2021-25661
CVE-2021-25661 is an out-of-bounds memory access vulnerability in SmartVNC that can be triggered on the client side when data is sent from the server, potentially causing a Denial-of-Service. Affected products include SIMATIC WinCC Runtime Advanced and related HMI/SU panels (Outdoor Panels v15/v1...
CVE-2021-25662
The CVE-2021-25662 entry concerns SmartVNC’s handling of exceptions when the program execution process is modified after a packet is sent from the server, which could trigger a Denial-of-Service condition. Affected products include Siemens SIMATIC HMI Comfort Outdoor Panels (V15/V16 series), SIMA...
CVE-2021-25660
The CVE-2021-25660 entry maps to Siemens SmartVNC/WinCC/HMI components with an out-of-bounds memory access vulnerability that can trigger a Denial-of-Service on the server side (and related variants on the client side). Affected products include SIMATIC HMI Comfort Outdoor Panels (various V15/V16...
CVE-2019-19276
CVE-2019-19276 affects Siemens SIMATIC HMI Comfort Panels 1st Generation (incl. SIPLUS) and SIMATIC HMI KTP Mobile Panels, all versions prior to version 16 update 4. The root cause is an out-of-bounds write (CWE-787) triggered by specially crafted UDP packets to port 161, causing the SNMP service...
CVE-2020-15798
A vulnerability has been identified in SIMATIC HMI Comfort Panels incl. SIPLUS variants All versions V16 Update 3a, SIMATIC HMI KTP Mobile Panels All versions V16 Update 3a, SINAMICS GH150 All versions, SINAMICS GL150 with option X30 All versions, SINAMICS GM150 with option X30 All versions,...
CVE-2020-15798
CVE-2020-15798 affects Siemens SIMATIC HMI Comfort Panels (incl. SIPLUS) and SIMATIC HMI KTP Mobile Panels, plus several SINAMICS models (GH150, GL150 X30, GM150 X30, SH150, SL150, SM120, SM150, SM150i). The vulnerability arises from the Telnet service not requiring authentication, allowing a rem...
CVE-2020-15787
A vulnerability has been identified in SIMATIC HMI Unified Comfort Panels All versions = V16. Affected devices insufficiently validate authentication attempts as the information given can be truncated to match only a set number of characters versus the whole provided string. This could allow a...