795 matches found
PT-2026-24220
🚨CVE CVE-2026-25570 A vulnerability has been identified in SICAM SIAPP SDK All versions V2.1.7. The SICAM SIAPP SDK does not perform checks on input values potentially resulting in s… https://t.co/bXy8yoTmX2 ----- Traducción: Se ha identificado… https://t.co/utmtNgl3sv...
Siemens SICAM SIAPP SDK 安全漏洞
Siemens SICAM SIAPP SDK is a software development kit from Siemens, Germany. A buffer overflow vulnerability exists in Siemens SICAM SIAPP SDK versions prior to V2.1.7. The vulnerability stems from a client-side component that does not perform a maximum length check on certain variables before us...
Siemens SICAM SIAPP SDK has multiple vulnerabilities
The SICAM SIAPP SDK is a specialized toolkit designed to help developers build and simulate application containers that run on Siemens-specific hardware platforms. The Siemens SICAM SIAPP SDK contains multiple vulnerabilities that can be exploited by an attacker to compromise a customer-developed...
Siemens SICAM SIAPP SDK 安全漏洞
Siemens SICAM SIAPP SDK is a software development kit from Siemens, Germany. A path traversal vulnerability exists in the Siemens SICAM SIAPP SDK that originates from performing file deletion without properly validating the file path or destination, which can be exploited by an attacker to cause ...
PT-2026-24222
A vulnerability has been identified in SICAM SIAPP SDK All versions V2.1.7. The SICAM SIAPP SDK server component does not enforce maximum length checks on certain variables before use. This could allow an attacker to send an oversized input that could trigger a stack overflow crashing the process...
CVE-2020-10042
A vulnerability has been identified in SICAM MMU All versions V2.05, SICAM SGU All versions, SICAM T All versions V2.18. A buffer overflow in various positions of the web application might enable an attacker with access to the web application to execute arbitrary code over the network...
CVE-2020-10044
A vulnerability has been identified in SICAM MMU All versions V2.05, SICAM SGU All versions, SICAM T All versions V2.18. An attacker with access to the network could be able to install specially crafted firmware to the device...
CVE-2020-10040
A vulnerability has been identified in SICAM MMU All versions V2.05, SICAM SGU All versions, SICAM T All versions V2.18. An attacker with local access to the device might be able to retrieve some passwords in clear text...
CVE-2020-10039
A vulnerability has been identified in SICAM MMU All versions V2.05, SICAM SGU All versions, SICAM T All versions V2.18. An attacker in a privileged network position between a legitimate user and the web server might be able to conduct a Man-in-the-middle attack and gain read and write access to...
CVE-2020-10045
A vulnerability has been identified in SICAM MMU All versions V2.05, SICAM SGU All versions, SICAM T All versions V2.18. An error in the challenge-response procedure could allow an attacker to replay authentication traffic and gain access to protected areas of the web application...
CVE-2020-10041
A vulnerability has been identified in SICAM MMU All versions V2.05, SICAM SGU All versions, SICAM T All versions V2.18. A stored Cross-Site-Scripting XSS vulnerability is present in different locations of the web application. An attacker might be able to take over a session of a legitimate user...
CVE-2020-10043
A vulnerability has been identified in SICAM MMU All versions V2.05, SICAM SGU All versions, SICAM T All versions V2.18. The web server could allow Cross-Site Scripting XSS attacks if unsuspecting users are tricked into accessing a malicious link...
CVE-2025-40753
A vulnerability has been identified in POWER METER SICAM Q100 7KG9501-0AA01-0AA1 All versions = V2.60 = V2.60 = V2.60 = V2.60 = V2.70 V2.80. Affected devices export the password for the SMTP account as plain text in the Configuration File. This could allow an authenticated local attacker to extra...
Siemens SICAM Q100/Q200 Cleartext Storage of Sensitive Information (CVE-2025-40753)
Affected devices export the password for the SMTP account as plain text in the Configuration File. This could allow an authenticated local attacker to extract it and use the configured SMTP service for arbitrary purposes. This plugin only works with Tenable.ot. Please visit...
Siemens SICAM Q100/Q200 Cleartext Storage of Sensitive Information (CVE-2025-40752)
Affected devices store the password for the SMTP account as plain text. This could allow an authenticated local attacker to extract it and use the configured SMTP service for arbitrary purposes. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for...
CISA Releases 18 Industrial Control Systems Advisories
CISA released 18 Industrial Control Systems ICS Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-317-01 Mitsubishi Electric MELSEC iQ-F Series ICSA-25-317-02 AVEVA Application Server IDE ICSA-25-317-03...
Siemens SICAM P850 family and SICAM P855 family
RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to perform arbitrary actions on the device on behalf of a legitimate user, or impersonate that user. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...
Vulnerabilities fixed in Siemens products
Siemens has fixed vulnerabilities in several products such as Altair Grid Engine, COMOS, LOGO, SICAM, SIDOOR, SIMATIC, SIPLUS, Spectrum Power and Solid Edge. The vulnerabilities potentially enable a malicious person to carry out attacks that can lead to the following categories of damage: -...
EUVD-2020-2506
Malware in sbrugna...
EUVD-2016-6783
Malware in sbrugna...