EUVD-2024-19192

Malicious code in bioql PyPI...

EUVD-2025-10336

Malicious code in bioql PyPI...

EUVD-2024-19647

Malicious code in bioql PyPI...

SIEMENS Desigo CC family and SENTRON Powermanager elevation of privilege vulnerability

The Desigo CC product range includes Desigo CC, an integrated building management platform for managing high-performance buildings, Desigo CC Compact, a tailored solution for small and medium-sized buildings, Desigo CC Connect, a software gateway based on the Desigo CC platform, and Cerberus DMS ...

CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems ICS advisories on August 19, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-231-01 Siemens Desigo CC Product Family and SENTRON Powermanager ICSA-25-231-02 Siemen...

Siemens Desigo CC Product Family and SENTRON Powermanager

SUMMARY Versions V5.0 through V8 of the Desigo CC product family Desigo CC, Desigo CC Compact, Desigo CC Connect, Cerberus DMS, as well as the Desigo CC-based SENTRON Powermanager, are affected by a vulnerability in the underlying third-party component WIBU Systems CodeMeter Runtime. Successful...

CVE-2024-21483

A vulnerability has been identified in SENTRON 7KM PAC3120 AC/DC 7KM3120-0BA01-1DA0 All versions = V3.2.3 = V3.2.3 = V3.2.3 = V3.2.3 V3.2.4 only when manufactured between LQN231003... and LQN231215... with LQNYYMMDD.... The read out protection of the internal flash of affected devices was not...

CVE-2021-37207

A vulnerability has been identified in SENTRON powermanager V3 All versions. The affected application assigns improper access rights to a specific folder containing configuration files. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges...

Siemens SENTRON 7KT PAC1260 Data Manager Access Control Error Vulnerability (CNVD-2025-07812)

Siemens SENTRON 7KT PAC1260 Data Manager is a device for power monitoring and energy management from Siemens Germany. An access control error vulnerability exists in the Siemens SENTRON 7KT PAC1260 Data Manager, which originates from an unauthenticated report creation request, and can be exploite...

Unspecified Vulnerability in Siemens SENTRON 7KT PAC1260 Data Manager (CNVD-2025-07815)

Siemens SENTRON 7KT PAC1260 Data Manager is a device for power monitoring and energy management from Siemens Germany. A security vulnerability exists in the Siemens SENTRON 7KT PAC1260 Data Manager that stems from a web interface of the affected device that allows the login password to be changed...

Siemens SENTRON 7KT PAC1260 Data Manager Path Traversal Vulnerability

Siemens SENTRON 7KT PAC1260 Data Manager is a device for power monitoring and energy management from Siemens Germany. A path traversal vulnerability exists in Siemens SENTRON 7KT PAC1260 Data Manager, which arises from the program failing to correctly filter special elements in the path of a...

Siemens SENTRON 7KT PAC1260 Data Manager OS Command Injection Vulnerability

Siemens SENTRON 7KT PAC1260 Data Manager is a device for power monitoring and energy management from Siemens Germany. The Siemens SENTRON 7KT PAC1260 Data Manager suffers from an OS command injection vulnerability that stems from not cleaning up the input parameter of a specific GET request, whic...

Siemens SENTRON 7KT PAC1260 Data Manager Trust Management Issue Vulnerability

Siemens SENTRON 7KT PAC1260 Data Manager is a device for power monitoring and energy management from Siemens Germany. A trust management issue vulnerability exists in the Siemens SENTRON 7KT PAC1260 Data Manager, which stems from the presence of hard-coded credentials that can be exploited by an...

Siemens SENTRON 7KT PAC1260 Data Manager OS Command Injection Vulnerability (CNVD-2025-07809)

Siemens SENTRON 7KT PAC1260 Data Manager is a device for power monitoring and energy management from Siemens Germany. The Siemens SENTRON 7KT PAC1260 Data Manager suffers from an OS command injection vulnerability that stems from not cleaning up the language parameter of a specific POST request,...

Siemens SENTRON 7KT PAC1260 Data Manager OS Command Injection Vulnerability (CNVD-2025-07810)

Siemens SENTRON 7KT PAC1260 Data Manager is a device for power monitoring and energy management from Siemens Germany. The Siemens SENTRON 7KT PAC1260 Data Manager suffers from an OS command injection vulnerability that stems from not cleaning up the region parameter of a specific POST request,...

Unspecified Vulnerability in Siemens SENTRON 7KT PAC1260 Data Manager

Siemens SENTRON 7KT PAC1260 Data Manager is a device for power monitoring and energy management from Siemens Germany. A security vulnerability exists in the Siemens SENTRON 7KT PAC1260 Data Manager that stems from a web interface of the affected device that allows the login password to be changed...

Siemens SENTRON 7KT PAC1260 Data Manager Access Control Error Vulnerability

Siemens SENTRON 7KT PAC1260 Data Manager is a device for power monitoring and energy management from Siemens Germany. An Access Control Error vulnerability exists in the Siemens SENTRON 7KT PAC1260 Data Manager, which originates from an unauthenticated SSH service enabled endpoint, and can be...

The vulnerability of the Data Manager component of Siemens SENTRON 7KT PAC1260, a multi-functional instrument for measuring parameters of electrical circuits, allows a hacker to gain access to read, modify, and delete data.

The vulnerability of the Data Manager component of Siemens SENTRON 7KT PAC1260 multi-functional measurement instruments for electrical networks lies in the lack of authentication for a critical function. Exploiting this vulnerability can allow an attacker to gain access to read, modify, and delet...

The vulnerability of the Data Manager component of Siemens SENTRON 7KT PAC1260 multi-functional measurement instruments for electrical networks allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Data Manager component of Siemens SENTRON 7KT PAC1260 multi-functional measurement instruments related to an incorrect restriction on the path name to the restricted access catalog. Exploiting this vulnerability could allow an attacker to gain unauthorized access to...

The vulnerability of the Data Manager component of Siemens SENTRON 7KT PAC1260, a multi-functional device for measuring parameters of electrical circuits, allows a hacker to gain unauthorized access to the device.

The vulnerability of the Data Manager component of Siemens SENTRON 7KT PAC1260 multi-functional measurement devices for electrical networks lies in the lack of authentication for a critical function. Exploiting this vulnerability can allow an unauthorized attacker to gain unauthorized access to t...