12 matches found
Siemens SIMATIC S7 PLC Web Server
SUMMARY SIMATIC S7 PLCs contain multiple vulnerabilities in the web server that could allow an attacker to perform cross-site scripting attacks. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix...
Siemens SIMATIC S7-1500 Signal Handler Race Condition (CVE-2025-4598)
A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non- SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the origin...
Siemens SIMATIC Devices Improper Input Validation (CVE-2024-27052)
Vulnerability in Linux kernel: wifi: rtl8xxxu: add cancelworksync for c2hcmdwork The workqueue might still be running, when the driver is stopped. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable,...
Siemens SIMATIC Devices NULL Pointer Dereference (CVE-2024-26950)
In the Linux kernel, the following vulnerability has been resolved: wireguard: netlink: access device through ctx instead of peer This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...
CVE-2021-40360
A vulnerability has been identified in SIMATIC PCS 7 V8.2 All versions, SIMATIC PCS 7 V9.0 All versions, SIMATIC PCS 7 V9.1 All versions V9.1 SP1, SIMATIC WinCC V15 and earlier All versions V15 SP1 Update 7, SIMATIC WinCC V16 All versions V16 Update 5, SIMATIC WinCC V17 All versions V17 Update 2,...
Siemens SIMATIC PCS 7 安全漏洞
Siemens SIMATIC PCS 7 is a process control system from Siemens, Germany. A security vulnerability exists in Siemens SIMATIC PCS 7, which can be exploited by an attacker to alter the contents of certain metafiles...
SIMATIC S7-300 has a Denial of Service Vulnerability
The S7-300 is a modular compact PLC system. A denial of service vulnerability exists in SIMATIC S7-300, which can be exploited by an attacker to cause a denial of service to the server...
Denial of Service Vulnerability in Siemens SIMATIC S7-1200
The SIMATIC S7-1200 is a compact, modular PLC that performs tasks such as simple logic control, advanced logic control, HMI and network communications. A denial of service vulnerability exists in the Siemens SIMATIC S7-1200, which can be exploited by an attacker to cause a denial of service by...
The vulnerability of the communication module processors in the SIMATIC S7-300 CPU family and the SINUMERIK 840D controller allows a intruder to trigger a service failure.
The vulnerability of the communication module processors in the SIMATIC S7-300 CPU family and the SINUMERIK 840D controller is related to uncontrolled resource consumption exhaustion. Exploiting this vulnerability can allow an attacker to trigger a service failure through specially created packet...
Siemens SIMATIC S7-400 Input Validation Vulnerability
Siemens SIMATIC S7-400 is a programmable logic controller for manufacturing and process automation from Siemens, Germany. An input validation vulnerability exists in the Siemens SIMATIC S7-400 product, which can be exploited by an attacker to cause a service crash via a specially crafted packet...
SIMATIC S7-300 and S7-400 CPU Information Disclosure Vulnerability
SIMATIC S7-300 CPUs and S7-400 CPUs are central processing unit modules for programmable controllers from Siemens. An information disclosure vulnerability exists in the SIMATIC S7-300 CPUs and S7-400 CPUs. An attacker could exploit this vulnerability to gain access to sensitive information...
CVE-2016-3949
Siemens SIMATIC S7-300 Profinet-enabled CPU devices with firmware before 3.2.12 and SIMATIC S7-300 Profinet-disabled CPU devices with firmware before 3.3.12 allow remote attackers to cause a denial of service defect-mode transition via crafted 1 ISO-TSAP or 2 Profibus packets...