60 matches found
Stack overflow
A vulnerability has been identified in RUGGEDCOM RM1224 All versions = V4.3 and = V4.3 and = V4.3 and = V2.0 and V2.1.3, SCALANCE XB-200 All versions V4.1, SCALANCE XC-200 All versions V4.1, SCALANCE XF-200BA All versions V4.1, SCALANCE XM400 All versions V6.2, SCALANCE XP-200 All versions V4.1,...
CVE-2021-25676
A vulnerability has been identified in RUGGEDCOM RM1224 V6.3, SCALANCE M-800 V6.3, SCALANCE S615 V6.3, SCALANCE SC-600 All Versions = V2.1 and V2.1.3. Multiple failed SSH authentication attempts could trigger a temporary Denial-of-Service under certain conditions. When triggered, the device will...
CVE-2021-25667
A vulnerability has been identified in RUGGEDCOM RM1224 All versions = V4.3 and = V4.3 and = V4.3 and = V2.0 and V2.1.3, SCALANCE XB-200 All versions V4.1, SCALANCE XC-200 All versions V4.1, SCALANCE XF-200BA All versions V4.1, SCALANCE XM400 All versions V6.2, SCALANCE XP-200 All versions V4.1,...
CVE-2021-25667
The CVE-2021-25667 vulnerability affects Siemens SCALANCE and RUGGEDCOM devices, involving a stack-based buffer overflow in handling STP BPDU frames. Affected products include:RUGGEDCOM RM1224 (v4.3–< v4.6), SCALANCE M-800 (v4.3–< v4.6), SCALANCE S615 (v4.3–< v4.6), SCALANCE XR-300WG (pr...
PT-2021-7788 · Siemens · Scalance X-200 +8
Name of the Vulnerable Software and Affected Versions: RUGGEDCOM RM1224 versions 4.3 through 6.3 SCALANCE M-800 versions 4.3 through 6.3 SCALANCE S615 versions 4.3 through 6.3 SCALANCE SC-600 Family versions 2.0 through 2.1.2 SCALANCE XB-200 versions prior to 4.1 SCALANCE XC-200 versions prior to...
CVE-2020-25705
A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well on the Linux Bas...
CVE-2020-25705
A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well on the Linux Bas...
Design/Logic Flaw
A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well on the Linux Bas...
CVE-2020-25705
CVE-2020-25705 is a Linux kernel ICMP handling flaw that lets an off-path attacker bypass UDP source port randomization and rapidly scan open UDP ports. Affected products include various kernel versions and embedded/Linux-based devices; remediation is via kernel updates (e.g., CentOS/AlmaLinux ad...
CVE-2020-25705
A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well on the Linux Bas...
ICSA-19-253-03_Siemens Industrial Products (Update P)
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Industrial Products Vulnerabilities: Excessive Data Query Operations in a Large Data Table, Integer Overflow or Wraparound, Uncontrolled Resource Consumption 2. UPDATE INFORMATION...
Siemens SCALANCE S615 6GK5615-0AA00-2AA2 LAN router
Binary data 764596.prm...
Siemens Multiple Devices Profinet DCP Denial of Service
Binary data 720110.prm...
Siemens SCALANCE W1750D, M800, S615, and RUGGEDCOM RM1224 (Update C)
1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low skill level to exploit. Vendor: Siemens --------- Begin Update C Part 1 of 3 -------- Equipment: SCALANCE W1750D, M800, S615, and RUGGEDCOM RM1224 --------- End Update C Part 1 of 3 -------- Vulnerabilities: Resource...
CVE-2016-7090
The integrated web server on Siemens SCALANCE M-800 and S615 modules with firmware before 4.02 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session...
CVE-2016-7090
The integrated web server on Siemens SCALANCE M-800 and S615 modules with firmware before 4.02 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session...
CVE-2016-7090
The integrated web server on Siemens SCALANCE M-800 and S615 modules with firmware before 4.02 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session...
CVE-2016-7090
CVE-2016-7090 affects Siemens SCALANCE M-800 and S615 modules with firmware before 4.02. The integrated web server fails to set the Secure attribute on the session cookie in HTTPS, enabling cookie capture if the cookie is transmitted in an insecure (HTTP) context. Affected products: SCALANCE M-80...
Siemens SCALANCE M-800/S615 Web Vulnerability
OVERVIEW Siemens has identified a web security vulnerability in Siemen’s SCALANCE M-800 and S615 modules. This vulnerability was reported directly to Siemens by Alexander Van Maele and Tijl Deneut from HOWEST. Siemens has produced a new firmware version to mitigate this vulnerability. AFFECTED...
Siemens Industrial Products glibc Library Vulnerability (Update C)
OVERVIEW This updated advisory is a follow-up to the advisory update titled ICSA-16-103-01B Siemens Industrial Products glibc Library Vulnerability that was published July 14, 2016, on the NCCIC/ICS-CERT web site. Siemens reports that a buffer overflow vulnerability in the glibc library could...