400 matches found
PT-2025-16820 · Unknown · Telecontrol Server Basic
Name of the Vulnerable Software and Affected Versions: TeleControl Server Basic versions prior to 3.1.2.2 Description: A SQL injection vulnerability has been identified in the affected application through the internally used UpdateGateways method. This could allow an authenticated remote attacker...
PT-2025-16816 · Unknown · Telecontrol Server Basic
Name of the Vulnerable Software and Affected Versions: TeleControl Server Basic versions prior to 3.1.2.2 Description: A SQL injection vulnerability has been identified in the affected application through the internally used UpdateTcmSettings method. This could allow an authenticated remote...
PT-2025-16813 · Unknown · Telecontrol Server Basic
Name of the Vulnerable Software and Affected Versions: TeleControl Server Basic versions prior to 3.1.2.2 Description: The issue allows an authenticated remote attacker to bypass authorization controls, read from and write to the application's database, and execute code with "NT...
PT-2025-16811 · Unknown · Telecontrol Server Basic
Name of the Vulnerable Software and Affected Versions: TeleControl Server Basic versions prior to 3.1.2.2 Description: The issue allows an authenticated remote attacker to bypass authorization controls, read from and write to the application's database, and execute code with "NT...
PT-2025-16812 · Unknown · Telecontrol Server Basic
Name of the Vulnerable Software and Affected Versions: TeleControl Server Basic versions prior to 3.1.2.2 Description: The issue allows an authenticated remote attacker to bypass authorization controls, read from and write to the application's database, and execute code with "NT...
PT-2025-16810 · Unknown · Telecontrol Server Basic
Name of the Vulnerable Software and Affected Versions: TeleControl Server Basic versions prior to 3.1.2.2 Description: A SQL injection vulnerability has been identified in the affected application through the internally used RestoreFromBackup method. This could allow an authenticated remote...
PT-2025-16809 · Unknown · Telecontrol Server Basic
Name of the Vulnerable Software and Affected Versions: TeleControl Server Basic versions prior to 3.1.2.2 Description: A SQL injection vulnerability has been identified in the affected application through the internally used Authenticate method. This could allow an unauthenticated remote attacker...
PT-2025-16807 · Unknown · Telecontrol Server Basic
Name of the Vulnerable Software and Affected Versions: TeleControl Server Basic versions prior to 3.1.2.2 Description: A SQL injection vulnerability has been identified in the affected application through the internally used CreateTrace method. This could allow an unauthenticated remote attacker ...
PT-2025-16808 · Unknown · Telecontrol Server Basic
Name of the Vulnerable Software and Affected Versions: TeleControl Server Basic versions prior to 3.1.2.2 Description: The issue allows an unauthenticated remote attacker to bypass authorization controls, read from and write to the application's database, and execute code with "NT...
CVE-2024-44102
A vulnerability has been identified in PP TeleControl Server Basic 1000 to 5000 V3.1 6NH9910-0AA31-0AE1 All versions V3.1.2.1 with redundancy configured, PP TeleControl Server Basic 256 to 1000 V3.1 6NH9910-0AA31-0AD1 All versions V3.1.2.1 with redundancy configured, PP TeleControl Server Basic 3...
CVE-2024-44102
A vulnerability has been identified in PP TeleControl Server Basic 1000 to 5000 V3.1 6NH9910-0AA31-0AE1 All versions V3.1.2.1 with redundancy configured, PP TeleControl Server Basic 256 to 1000 V3.1 6NH9910-0AA31-0AD1 All versions V3.1.2.1 with redundancy configured, PP TeleControl Server Basic 3...
CVE-2024-44102
Summary: CVE-2024-44102 affects Siemens TeleControl Server Basic (various edition/versions listed in the CVE) where remote attackers can trigger a deserialization of user-supplied content, allowing an unauthenticated attacker to execute arbitrary code with SYSTEM privileges. The root cause is ins...
CVE-2024-44102
A vulnerability has been identified in PP TeleControl Server Basic 1000 to 5000 V3.1 6NH9910-0AA31-0AE1 All versions V3.1.2.1 with redundancy configured, PP TeleControl Server Basic 256 to 1000 V3.1 6NH9910-0AA31-0AD1 All versions V3.1.2.1 with redundancy configured, PP TeleControl Server Basic 3...
Siemens PP TeleControl Server 代码问题漏洞
TeleControl Server Basic allows remote monitoring and control of plants via WAN/LAN. A deserialization vulnerability exists in Siemens TeleControl Server Basic, which can be exploited by an attacker to execute arbitrary code on a device with SYSTEM privileges...
PT-2024-8008 · Unknown · Telecontrol Server Basic
Name of the Vulnerable Software and Affected Versions: PP TeleControl Server Basic versions prior to V3.1.2.1 with redundancy configured TeleControl Server Basic versions prior to V3.1.2.1 with redundancy configured Description: The affected system allows remote users to send maliciously crafted...
Siemens OPC Foundation Local Discovery Server Affecting Siemens Products
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
CVE-2022-43513
A vulnerability has been identified in Automation License Manager V5 All versions, Automation License Manager V6 All versions V6.0 SP9 Upd4, TeleControl Server Basic V3 All versions V3.1.2. The affected components allow to rename license files with user chosen input without authentication. This...
CVE-2022-43514
A vulnerability has been identified in Automation License Manager V5 All versions, Automation License Manager V6 All versions V6.0 SP9 Upd4, TeleControl Server Basic V3 All versions V3.1.2. The affected component does not correctly validate the root path on folder related operations, allowing to...
CVE-2022-43514
A vulnerability has been identified in Automation License Manager V5 All versions, Automation License Manager V6 All versions V6.0 SP9 Upd4, TeleControl Server Basic V3 All versions V3.1.2. The affected component does not correctly validate the root path on folder related operations, allowing to...
CVE-2022-43513
A vulnerability has been identified in Automation License Manager V5 All versions, Automation License Manager V6 All versions V6.0 SP9 Upd4, TeleControl Server Basic V3 All versions V3.1.2. The affected components allow to rename license files with user chosen input without authentication. This...