41 matches found
CVE-2022-33139
A vulnerability has been identified in Cerberus DMS All versions, Desigo CC All versions, Desigo CC Compact All versions, SIMATIC WinCC OA V3.16 All versions in default configuration, SIMATIC WinCC OA V3.17 All versions in non-default configuration, SIMATIC WinCC OA V3.18 All versions in...
EUVD-2018-16633
Malware in sbrugna...
EUVD-2018-5735
Malware in sbrugna...
EUVD-2014-1772
Malware in sbrugna...
EUVD-2022-47663
Malicious code in bioql PyPI...
CVE-2022-44731
A vulnerability has been identified in SIMATIC WinCC OA V3.15 All versions V3.15 P038, SIMATIC WinCC OA V3.16 All versions V3.16 P035, SIMATIC WinCC OA V3.17 All versions V3.17 P024, SIMATIC WinCC OA V3.18 All versions V3.18 P014. The affected component allows to inject custom arguments to the...
CVE-2022-44731
A vulnerability has been identified in SIMATIC WinCC OA V3.15 All versions V3.15 P038, SIMATIC WinCC OA V3.16 All versions V3.16 P035, SIMATIC WinCC OA V3.17 All versions V3.17 P024, SIMATIC WinCC OA V3.18 All versions V3.18 P014. The affected component allows to inject custom arguments to the...
Code injection
A vulnerability has been identified in SIMATIC WinCC OA V3.15 All versions V3.15 P038, SIMATIC WinCC OA V3.16 All versions V3.16 P035, SIMATIC WinCC OA V3.17 All versions V3.17 P024, SIMATIC WinCC OA V3.18 All versions V3.18 P014. The affected component allows to inject custom arguments to the...
CVE-2022-44731
The CVE-2022-44731 vulnerability affects Siemens SIMATIC WinCC OA Ultralight Client. The Ultralight Client backend can be injected with custom arguments under certain conditions when started via the web interface, enabling an authenticated remote attacker to inject parameters (e.g., open attacker...
CVE-2022-44731
A vulnerability has been identified in SIMATIC WinCC OA V3.15 All versions V3.15 P038, SIMATIC WinCC OA V3.16 All versions V3.16 P035, SIMATIC WinCC OA V3.17 All versions V3.17 P024, SIMATIC WinCC OA V3.18 All versions V3.18 P014. The affected component allows to inject custom arguments to the...
PT-2022-27287 · Siemens · Simatic Wincc
Name of the Vulnerable Software and Affected Versions: SIMATIC WinCC OA versions prior to V3.15 P038 SIMATIC WinCC OA versions prior to V3.16 P035 SIMATIC WinCC OA versions prior to V3.17 P024 SIMATIC WinCC OA versions prior to V3.18 P014 Description: A vulnerability allows injecting custom...
Vulnerabilities fixed in Siemens products
Siemens has fixed vulnerabilities in Mendix, among others, Nucleus NET, RUGGEDCOM, SCALANCE, SICAM, SIMATIC, SIPROTEC and SIMATIC WinCC-OA. The vulnerabilities allow a malicious potentially able to launch attacks that result in the following categories of damage: Cross-Site Request Forgery XSRF...
CVE-2022-44731
A vulnerability has been identified in SIMATIC WinCC OA V3.15 All versions V3.15 P038, SIMATIC WinCC OA V3.16 All versions V3.16 P035, SIMATIC WinCC OA V3.17 All versions V3.17 P024, SIMATIC WinCC OA V3.18 All versions V3.18 P014. The affected component allows to inject custom arguments to the...
CVE-2022-33139
A vulnerability has been identified in Cerberus DMS All versions, Desigo CC All versions, Desigo CC Compact All versions, SIMATIC WinCC OA V3.16 All versions in default configuration, SIMATIC WinCC OA V3.17 All versions in non-default configuration, SIMATIC WinCC OA V3.18 All versions in...
Default configuration
A vulnerability has been identified in Cerberus DMS All versions, Desigo CC All versions, Desigo CC Compact All versions, SIMATIC WinCC OA V3.16 All versions in default configuration, SIMATIC WinCC OA V3.17 All versions in non-default configuration, SIMATIC WinCC OA V3.18 All versions in...
CVE-2022-33139
Summary: CVE-2022-33139 affects Cerberus DMS, Desigo CC/CC Compact, and SIMATIC WinCC OA (V3.16–V3.18) when only client-side authentication is used and neither server-side authentication (SSA) nor Kerberos is enabled. In this configuration, attackers could impersonate other users or exploit the c...
CVE-2022-33139
A vulnerability has been identified in Cerberus DMS All versions, Desigo CC All versions, Desigo CC Compact All versions, SIMATIC WinCC OA V3.16 All versions in default configuration, SIMATIC WinCC OA V3.17 All versions in non-default configuration, SIMATIC WinCC OA V3.18 All versions in...
Memory Corruption Vulnerability in Multiple Siemens Products
Siemens SIMATIC WinCC OA Open Architecture is a SCADA system from Siemens, Germany, and a component of the HMI series. The system is mainly used in industries such as rail transportation, building automation and public power supply.Information Server is used to report and visualize process data...
CVE-2019-6575
CVE-2019-6575 affects Siemens industrial products using OPC UA, including SIMATIC CP443-1 OPC UA, ET 200 Open Controller CPU 1515SP PC2, HMI Outdoor Panels (7"/15"), HMI Comfort Panels (4"–22"), KTP Mobile Panels, IPC DiagMonitor, NET PC Software, RF188C, RF600R, S7‑1500 family, WinCC OA/Runtime,...
WIBU SYSTEMS AG WibuKey Digital Rights Management (Update B)
1. EXECUTIVE SUMMARY CVSS v3 10.0 --------- Begin Update B Part 1 of 4 --------- ATTENTION: Exploitable remotely/low skill level to exploit/public exploits available Vendor: WIBU-SYSTEMS AG Equipment: WibuKey Digital Rights Management DRM --------- End Update B Part 1 of 4 ---------...