Lucene search
K

17 matches found

CNNVD
CNNVD
added 2025/08/12 12:0 a.m.7 views

Siemens多款产品 代码问题漏洞

Siemens SIMATIC STEP and Siemens SIMATIC S7-PLCSIM V17 are both products of Siemens, Germany.Siemens SIMATIC STEP is a comprehensive engineering tool for configuring and programming SIMATIC controllers.Siemens SIMATIC S7-PLCSIM V17 is a PLC program simulation software. PLCSIM V17 is a PLC program...

8.5CVSS6.9AI score0.00172EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/07/09 12:0 a.m.4 views

Siemens SIMATIC PCS和SIMATIC STEP 代码问题漏洞

SIMATIC PCS neo is a distributed control system DCS. simatic STEP 7 TIA Portal is an engineering software for configuring and programming simatic controllers. totally Integrated Automation Portal TIA Portal is a PC software that offers the complete range of Siemens digital automation services, fr...

8.5CVSS7.6AI score0.00227EPSS
Exploits0References3
CISA
CISA
added 2023/06/15 12:0 p.m.3 views

CISA Releases Fourteen Industrial Control Systems Advisories

CISA released fourteen Industrial Control Systems ICS advisories on June 15, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-166-01 SUBNET PowerSYSTEM Center ICSA-23-166-02 Advantech WebAccessSCADA...

7.1AI score
Exploits0References14
BDU FSTEC
BDU FSTEC
added 2022/08/12 12:0 a.m.6 views

The vulnerabilities of the microprogramming software for Siemens STEP 7 programmable logic controllers, the systems for managing production processes such as Opcenter Execution Discrete, Opcenter Execution Process, Opcenter Execution Foundation, Opcenter Intelligence, Opcenter Quality, SIMATIC IT Production Suite, the system diagnostic tool SIMOCODE ES, the software for parameterizing, diagnosing, and documenting the startup process of SIRIUS Soft Starter ES, the web-based systems for managing technological processes like SIMATIC PCS neo, the Opcenter RD&L software platform, and the software for analyzing equipment efficiency and key indicators like SIMATIC IT LMS. These vulnerabilities arise from the absence of quotation marks in the wording of elements or search methods, which allows attackers to exploit them to gain elevated privileges to the root level.

The vulnerabilities of the microprogramming software for Siemens STEP 7 programmable logic controllers, the systems for managing production processes such as Opcenter Execution Discrete, Opcenter Execution Process, Opcenter Execution Foundation, Opcenter Intelligence, Opcenter Quality, SIMATIC IT...

6.8CVSS7AI score0.00379EPSS
Exploits0References2Affected Software7
BDU FSTEC
BDU FSTEC
added 2022/08/12 12:0 a.m.8 views

Vulnerabilities of microprogramming software for Siemens STEP 7 programmable logic controllers, systems for manufacturing process control such as Opcenter Execution Discrete, Opcenter Execution Process, Opcenter Execution Foundation, Opcenter Intelligence, Opcenter Quality, SIMATIC IT Production Suite, the system diagnostic tool SIMOCODE ES, the software for parameterizing, diagnosing, and documenting device startup data (SIRIUS Soft Starter ES), technological process control systems like SIMATIC PCS neo, the Opcenter RD&L software platform, and the software for analyzing equipment efficiency and key indicators SIMATIC IT LMS. These vulnerabilities may allow a intruder to trigger malfunctions during maintenance operations due to improper cleaning or resource release.

The vulnerabilities of the microprogramming software for Siemens STEP 7 programmable logic controllers, the systems for managing production processes such as Opcenter Execution Discrete, Opcenter Execution Process, Opcenter Execution Foundation, Opcenter Intelligence, Opcenter Quality, SIMATIC IT...

6.5CVSS7.3AI score0.02484EPSS
Exploits0References2Affected Software7
BDU FSTEC
BDU FSTEC
added 2022/08/12 12:0 a.m.10 views

Vulnerability of microprogramming software for Siemens STEP 7 programmable logic controllers, systems for manufacturing process control such as Opcenter Execution Discrete, Opcenter Execution Process, Opcenter Execution Foundation, Opcenter Intelligence, Opcenter Quality, SIMATIC IT Production Suite, the system diagnostic tool SIMOCODE ES, the software for parameterizing, diagnosing, and documenting the startup status of SIRIUS Soft Starter ES, technological process management systems like SIMATIC PCS neo, the Opcenter RD&L software platform, and the software for analyzing equipment efficiency and key indicators like SIMATIC IT LMS. These vulnerabilities allow attackers to trigger malfunctions during maintenance operations due to insufficient input data verification.

The vulnerabilities of the microprogramming software for Siemens STEP 7 programmable logic controllers, the systems for managing production processes such as Opcenter Execution Discrete, Opcenter Execution Process, Opcenter Execution Foundation, Opcenter Intelligence, Opcenter Quality, SIMATIC IT...

5.3CVSS6.7AI score0.02151EPSS
Exploits0References2Affected Software7
ATTACKERKB
ATTACKERKB
added 2022/04/12 9:15 a.m.1 views

CVE-2021-42029

A vulnerability has been identified in SIMATIC STEP 7 TIA Portal V15 All versions, SIMATIC STEP 7 TIA Portal V16 All versions V16 Update 5, SIMATIC STEP 7 TIA Portal V17 All versions V17 Update 2. An attacker could achieve privilege escalation on the web server of certain devices due to improper...

7.8CVSS7AI score0.0023EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2021/12/15 12:0 a.m.7 views

VulnCheck KEV: CVE-2012-3015

Untrusted search path vulnerability in Siemens SIMATIC STEP7 before 5.5 SP1, as used in SIMATIC PCS7 7.1 SP3 and earlier and other products, allows local users to gain privileges via a Trojan horse DLL in a STEP7 project folder...

6.9CVSS5.8AI score0.00455EPSS
Exploits0References1
CNVD
CNVD
added 2019/09/16 12:0 a.m.3 views

Integer Overflow Vulnerability in the sacommoncontrols.dll Control for Siemens SIMATIC STEP 7

Siemens SIMATIC STEP 7 TIA Portal is a suite of programming software for SIMATIC controllers from Siemens, Germany. The software provides PLC programming, design option packages and advanced drive technology. An integer overflow vulnerability exists in the sacommoncontrols.dll control of Siemens...

7.1AI score
Exploits0
CNVD
CNVD
added 2019/09/16 12:0 a.m.3 views

Siemens SIMATIC STEP 7 S7HTREEX.OCX control has an out-of-bounds access vulnerability

Siemens SIMATIC STEP 7 TIA Portal is a suite of programming software for SIMATIC controllers from Siemens, Germany. The software provides PLC programming, design option packages and advanced drive technology. An out-of-bounds access vulnerability exists in the S7HTREEX.OCX control of Siemens...

6.8AI score
Exploits0
CNVD
CNVD
added 2019/09/16 12:0 a.m.2 views

Integer Overflow Vulnerability in S7hcom_x.dll Control for Siemens SIMATIC STEP 7

Siemens SIMATIC STEP 7 TIA Portal is a suite of programming software for SIMATIC controllers from Siemens, Germany. The software provides PLC programming, design option packages and advanced drive technology. An integer overflow vulnerability exists in the S7hcomx.dll control for Siemens SIMATIC...

7.1AI score
Exploits0
CNVD
CNVD
added 2018/08/09 12:0 a.m.5 views

Siemens SIMATIC STEP 7 and WinCC Privilege Management Vulnerability

Siemens SIMATIC STEP 7 TIA Portal and WinCC TIA Portal are both products of Siemens, Germany.Siemens SIMATIC STEP 7 TIA Portal is a programming software for SIMATIC controllers. The software provides PLC programming, design option packages and advanced drive technology, etc. WinCC TIA Portal is a...

8.6CVSS8.6AI score0.00443EPSS
Exploits0References1
OSV
OSV
added 2018/08/07 3:29 p.m.4 views

CVE-2018-11454

A vulnerability has been identified in SIMATIC STEP 7 TIA Portal and WinCC TIA Portal V10, V11, V12 All versions, SIMATIC STEP 7 TIA Portal and WinCC TIA Portal V13 All versions V13 SP2 Update 2, SIMATIC STEP 7 TIA Portal and WinCC TIA Portal V14 All versions V14 SP1 Update 6, SIMATIC STEP 7 TIA...

8.6CVSS5.7AI score0.00443EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2017/10/05 12:0 a.m.4 views

The vulnerability of the microprogramming software of Siemens SIMATIC STEP 7 (TIA Portal) arises from the improper storage of common keys in TIA project files. This allows attackers to gain access to confidential information.

The vulnerability of the microprogramming software of Siemens SIMATIC STEP 7 TIA Portal is related to the improper storage of common keys in TIA project files. Exploiting this vulnerability can allow an intruder, operating locally, to gain access to confidential information...

1.9CVSS5.5AI score0.00297EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2016/10/13 10:59 a.m.5 views

CVE-2016-7960

Siemens SIMATIC STEP 7 TIA Portal before 14 uses an improper format for managing TIA project files during version updates, which makes it easier for local users to obtain sensitive configuration information via unspecified vectors...

2.5CVSS5.8AI score0.00332EPSS
Exploits0References3
ThreatPost
ThreatPost
added 2014/11/11 12:40 p.m.15 views

Stuxnet's First Five Victims Provided Path to Natanz

Stuxnet’s first five victims were a carefully crafted list of targets that ultimately provided the attackers with the road map they needed to get inside a uranium enrichment plant in Natanz, Iran and disrupt the country’s nuclear program. Cobbled together from clues left behind by the infamous...

1.3AI score
Exploits0References1
ICS
ICS
added 2014/01/08 12:0 p.m.238 views

USB Malware Targeting Siemens Control Software (Update C)

Overview VirusBlokAda, an antivirus vendor based in Belarus, announcedVirusBlokAda, http://www.anti-virus.by/en/tempo.shtml, website last visited July 15, 2010. the discovery of malware that uses a zero-day vulnerability in Microsoft Windows processing of shortcut files. The malware utilizes this...

9.3CVSS8AI score0.91324EPSS
Exploits13References24
Rows per page
Query Builder