
3865 matches found

Vulnrichment
added 2025/12/09 10:44 a.m., 3 views

CVE-2025-40937

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V4.0.1). The affected application does not properly validate input parameters in its REST API, resulting in improper handling of unexpected arguments. This could allow an authenticated attacker to execute arbitrary code with limited...

CVSS 8.7 | AI score 7.4 | EPSS 0.00086
Exploits: 0 | References: 1

Cvelist
added 2025/12/09 10:44 a.m., 16 views

CVE-2025-40937

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V4.0.1). The affected application does not properly validate input parameters in its REST API, resulting in improper handling of unexpected arguments. This could allow an authenticated attacker to execute arbitrary code with limited...

CVSS 8.7 | EPSS 0.00086
Exploits: 0 | References: 1

CVE
added 2025/12/09 10:44 a.m., 8 views

CVE-2025-40937

CVE-2025-40937 affects Siemens SIMATIC CN 4100. Connected sources confirm a command-injection vulnerability due to insufficient REST API input validation, exploitable by an authenticated attacker to execute arbitrary code with limited privileges on all CN 4100 devices running versions older than ...

CVSS 8.8 | AI score 7.4 | EPSS 0.00086
Exploits: 0 | References: 1 | Affected Software: 1

Positive Technologies
added 2025/12/09 12:0 a.m., 2 views

PT-2025-49844

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V4.0.1). The affected device contains a USB port which allows unauthenticated connections. This could allow an attacker with physical access to the device to trigger a reboot that could cause a denial of service condition...

CVSS 5.1 | AI score 6.6 | EPSS 0.00045
Exploits: 0 | References: 1

CNNVD
added 2025/12/09 12:0 a.m., 2 views

Siemens SIMATIC CN 4100 Trust Management Issue Vulnerability

The Siemens SIMATIC CN 4100 is a communication node from Siemens Germany. A trust management issue vulnerability exists in Siemens SIMATIC CN 4100 versions prior to V4.0.1, which originates from storing sensitive information in the firmware and could lead to information disclosure...

CVSS 9.8 | AI score 8.8 | EPSS 0.00047
Exploits: 0 | References: 1

Positive Technologies
added 2025/12/09 12:0 a.m., 2 views

PT-2025-49846

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V4.0.1). The affected devices expose server information in their responses. This could allow an attacker with network access to gain useful information, increasing the likelihood of targeted attacks...

CVSS 5.3 | AI score 6.9 | EPSS 0.00039
Exploits: 0 | References: 1

Positive Technologies
added 2025/12/09 12:0 a.m., 2 views

PT-2025-49845

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V4.0.1). The affected application exhibits inconsistent SNMP behavior, such as unexpected service availability and unreliable configuration handling across protocol versions. This could allow an attacker to access sensitive data,...

CVSS 6.9 | AI score 6.8 | EPSS 0.0004
Exploits: 0 | References: 1

ICS
added 2025/12/09 12:0 a.m., 4 views

Siemens SIMATIC CN 4100

SUMMARY SIMATIC CN 4100 contains multiple vulnerabilities which could potentially lead to a compromise in availability, integrity and confidentiality. Siemens has released a new version for SIMATIC CN 4100 and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS As a general...

AI score 7.7
Exploits: 0 | References: 10

CNNVD
added 2025/12/09 12:0 a.m., 1 view

Siemens SIMATIC CN 4100 Access Control Error Vulnerability

The Siemens SIMATIC CN 4100 is a communication node from Siemens, Germany. The Siemens SIMATIC CN 4100 suffers from an Access Control Error vulnerability that originates when the USB port allows an unauthenticated connection, which can be exploited by an attacker to cause a denial of service...

CVSS 5.1 | AI score 8.8 | EPSS 0.00045
Exploits: 0 | References: 1

CNNVD
added 2025/12/09 12:0 a.m., 2 views

Siemens SIMATIC CN 4100 Command Injection Vulnerability

The Siemens SIMATIC CN 4100 is a communication node from Siemens, Germany. The Siemens SIMATIC CN 4100 suffers from a command injection vulnerability that stems from insufficient validation of REST API input parameters, which can be exploited by an attacker to cause execution of arbitrary code...

CVSS 8.8 | AI score 7.6 | EPSS 0.00086
Exploits: 0 | References: 1

CNNVD
added 2025/12/09 12:0 a.m., 1 view

Siemens SIMATIC CN 4100 Information Disclosure Vulnerability

The Siemens SIMATIC CN 4100 is a communication node from Siemens Germany. An information disclosure vulnerability exists in Siemens SIMATIC CN 4100 versions prior to V4.0.1, which stems from inconsistent SNMP behavior and could lead to the disclosure of sensitive data...

CVSS 6.9 | AI score 8.7 | EPSS 0.0004
Exploits: 0 | References: 1

Tenable Nessus
added 2025/11/14 12:0 a.m., 3 views

Siemens SIMATIC S7-1500 Use After Free (CVE-2023-31248)

Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; nft_chain_lookup_byid failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for mor...

CVSS 7.8 | AI score 6.8 | EPSS 0.00218
Exploits: 0 | References: 3

Tenable Nessus
added 2025/11/14 12:0 a.m., 3 views

Siemens SIMATIC and SCALANCE Use After Free (CVE-2023-3776)

A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation. If tcf_change_indev fails, fw_set_parms will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter. If an attacker ca...

CVSS 7.8 | AI score 6.8 | EPSS 0.00042
Exploits: 0 | References: 6

Tenable Nessus
added 2025/11/14 12:0 a.m., 4 views

Siemens SIMATIC and SCALANCE Devices Use After Free (CVE-2023-3390)

A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c. Mishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. This flaw allows a local...

CVSS 7.8 | AI score 6.6 | EPSS 0.00102
Exploits: 0 | References: 6

Tenable Nessus
added 2025/11/14 12:0 a.m., 4 views

Siemens SIMATIC and SCALANCE Use After Free (CVE-2023-4128)

A use-after-free vulnerability in net/sched/cls_fw.c in classifiers cls_fw, cls_u32, and cls_route in the Linux Kernel allows a local attacker to perform a local privilege escalation due to incorrect handling of the existing filter, leading to a kernel information leak. This plugin only works with...

AI score 6.7
Exploits: 0 | References: 6

Tenable Nessus
added 2025/11/13 12:0 a.m., 3 views

Siemens SIMATIC S7-1500 Use After Free (CVE-2019-5018)

An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after free vulnerability, potentially resulting in remote code execution. An attacker can send a malicious SQL command to trigger this...

CVSS 8.1 | AI score 7.5 | EPSS 0.02932
Exploits: 1 | References: 4

Tenable Nessus
added 2025/11/13 12:0 a.m., 3 views

Siemens SIMATIC S7-1500 Improper Input Validation (CVE-2020-13631)

SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

CVSS 5.5 | AI score 6.7 | EPSS 0.00077
Exploits: 0 | References: 6

Tenable Nessus
added 2025/11/13 12:0 a.m., 4 views

Siemens SIMATIC S7-1500 Missing Encryption of Sensitive Data (CVE-2022-46908)

SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE. This plugin only works with Tenable.ot. Please visit...

CVSS 7.3 | AI score 6.9 | EPSS 0.00136
Exploits: 1 | References: 6

Tenable Nessus
added 2025/11/13 12:0 a.m., 2 views

Siemens SIMATIC S7-1500 Out-of-bounds Write (CVE-2020-19189)

Buffer Overflow vulnerability in postprocess_terminfo function in tinfo/parse_entry.c:997 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

CVSS 6.5 | AI score 6.3 | EPSS 0.01948
Exploits: 1 | References: 4

Tenable Nessus
added 2025/11/13 12:0 a.m., 2 views

Siemens SIMATIC S7-1500 Insufficiently Protected Credentials (CVE-2021-22923)

When curl is instructed to get content using the metalink feature, and a user name and password are used to download the metalink XML file, those same credentials are then subsequently passed on to each of the servers from which curl will download or try to download the contents from. Often...

CVSS 5.3 | AI score 6.6 | EPSS 0.00068
Exploits: 1 | References: 6