28 matches found
CVE-2025-40753
A vulnerability has been identified in POWER METER SICAM Q100 7KG9501-0AA01-0AA1 All versions = V2.60 = V2.60 = V2.60 = V2.60 = V2.70 V2.80. Affected devices export the password for the SMTP account as plain text in the Configuration File. This could allow an authenticated local attacker to extra...
Siemens SICAM Q100/Q200 Cleartext Storage of Sensitive Information (CVE-2025-40752)
Affected devices store the password for the SMTP account as plain text. This could allow an authenticated local attacker to extract it and use the configured SMTP service for arbitrary purposes. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for...
EUVD-2025-24241
Malicious code in bioql PyPI...
EUVD-2025-24242
Malicious code in bioql PyPI...
Siemens POWER METER SICAM Q100/Q200 Information Disclosure Vulnerability
SIEMENS POWER METER SICAM Q100 and Siemens POWER METER SICAM Q200 are multifunctional power quality recorders from Siemens. An information disclosure vulnerability exists in the Siemens POWER METER SICAM Q100/Q200, which can be exploited by an attacker to extract the password of an SMTP account a...
CVE-2025-40753
A vulnerability has been identified in POWER METER SICAM Q100 7KG9501-0AA01-0AA1 All versions = V2.60 = V2.60 = V2.60 = V2.60 = V2.70 V2.80. Affected devices export the password for the SMTP account as plain text in the Configuration File. This could allow an authenticated local attacker to extra...
CVE-2025-40753
A vulnerability has been identified in POWER METER SICAM Q100 7KG9501-0AA01-0AA1 All versions = V2.60 = V2.60 = V2.60 = V2.60 = V2.70 V2.80. Affected devices export the password for the SMTP account as plain text in the Configuration File. This could allow an authenticated local attacker to extra...
CVE-2025-40753
Affected devices POWER METER SICAM Q100 (versions 2.60–2.61) and Q200 (versions 2.70–2.79) export the SMTP password in plain text within the Configuration File. This local-authenticated exposure allows an attacker with access to the device to extract credentials and abuse the configured SMTP serv...
CVE-2025-40753
A vulnerability has been identified in POWER METER SICAM Q100 7KG9501-0AA01-0AA1 All versions = V2.60 = V2.60 = V2.60 = V2.60 = V2.70 V2.80. Affected devices export the password for the SMTP account as plain text in the Configuration File. This could allow an authenticated local attacker to extra...
CVE-2025-40752
CVE-2025-40752 affects Siemens POWER METER SICAM Q100/Q200 (Q100 variants 2.60–2.61/2.60–2.61 for certain SKUs) and SICAM Q200 (2.70–2.79) where SMTP password is stored in cleartext. This allows an authenticated local attacker to read the SMTP credentials from the device configuration and abuse t...
Siemens POWER METER SICAM Q100和Siemens POWER METER SICAM Q200 安全漏洞
Siemens POWER METER SICAM Q100 and Siemens POWER METER SICAM Q200 are multifunctional power quality recorders from Siemens, Germany. A security vulnerability exists in Siemens POWER METER SICAM Q100 and Siemens POWER METER SICAM Q200 prior to version V2.62, which stems from the plaintext storage ...
PT-2025-32655 · Siemens · Sicam Q100 +1
Name of the Vulnerable Software and Affected Versions: POWER METER SICAM Q100 versions 2.60 through 2.61 POWER METER SICAM Q200 versions 2.70 through 2.79 Description: Affected devices store the password for the SMTP account as plain text. This could allow an authenticated local attacker to extra...
PT-2025-32656 · Siemens · Sicam Q100 +1
Name of the Vulnerable Software and Affected Versions: POWER METER SICAM Q100 versions 2.60 through 2.61 POWER METER SICAM Q200 versions 2.70 through 2.79 Description: Affected devices export the password for the SMTP account as plain text in the configuration file. This could allow an...
Siemens POWER METER SICAM Q100和Siemens POWER METER SICAM Q200 安全漏洞
Siemens POWER METER SICAM Q100 and Siemens POWER METER SICAM Q200 are multifunctional power quality recorders from Siemens, Germany. A security vulnerability exists in Siemens POWER METER SICAM Q100 and Siemens POWER METER SICAM Q200 versions prior to V2.62, which stems from a plaintext export of...
Siemens SICAM Q100/Q200
SUMMARY SICAM Q100 and Q200 devices are affected by two information disclosure vulnerabilities that could allow an authenticated local attacker to extract the SMTP account password and use the configured SMTP service for arbitrary purposes. Siemens has released new versions for the affected...
Siemens SICAM Q200 Devices Incorrect Permission Assignment For Critical Resource (CVE-2023-31238)
A vulnerability has been identified in POWER METER SICAM Q100 All versions V2.60, POWER METER SICAM Q100 All versions V2.60, POWER METER SICAM Q100 All versions V2.60, POWER METER SICAM Q100 All versions V2.60. Affected devices are missing cookie protection flags when using the default settings. ...
Siemens SICAM Q200 Devices Cross-Site Request Forgery (CVE-2023-30901)
A vulnerability has been identified in POWER METER SICAM Q100 All versions V2.60, POWER METER SICAM Q100 All versions V2.60, POWER METER SICAM Q100 All versions V2.60, POWER METER SICAM Q100 All versions V2.60. The web interface of the affected devices are vulnerable to Cross-Site Request Forgery...
The vulnerability of Siemens SICAM Q200 multifunctional measuring devices lies in the improper assignment of permissions for critical resources, allowing intruders to increase their privileges.
The vulnerability of Siemens SICAM Q200 multifunctional measuring devices is related to the improper assignment of permissions for critical resources. Exploiting this vulnerability can allow a remote attacker to enhance their privileges...
The vulnerability in the web interface of Siemens SICAM Q200 multifunctional measuring devices allows a intruder to perform arbitrary actions.
The vulnerability of the web interface for controlling Siemens SICAM Q200 multifunctional measuring devices is related to the manipulation of cross-site requests. Exploiting this vulnerability allows a remote attacker to perform arbitrary actions...
Siemens SICAM Q200 Cross-Site Request Forgery Vulnerability
The SICAM Q200 is a multifunctional device for detecting, reporting and analyzing measured values and events. A cross-site request forgery vulnerability exists in the Siemens SICAM Q200, which can be exploited by an attacker to perform arbitrary actions on the device on behalf of a vulnerable use...