Siemens SIMATIC S7-1500 Heap-based Buffer Overflow (CVE-2023-32643)

A flaw was found in GLib. The GVariant deserialization code is vulnerable to a heap buffer overflow introduced by the fix for CVE-2023-32665. This bug does not affect any released version of GLib, but does affect GLib distributors who followed the guidance of GLib developers to backport the initi...

Siemens SIMATIC S7-1500 Insufficient Verification of Data Authenticity (CVE-2021-4122)

It was found that a specially crafted LUKS header could trick cryptsetup into disabling encryption during the recovery of the device. An attacker with physical access to the medium, such as a flash disk, could use this flaw to force a user into permanently disabling the encryption layer of that...

Siemens SIMATIC and SCALANCE Integer Overflow to Buffer Overflow (CVE-2025-0725)

When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the CURLOPTACCEPTENCODING option, using zlib 1.2.0.3 or older, an attacker-controlled integer overflow would make libcurl perform a buffer overflow. This plugin only works with Tenable.ot. Please...

Siemens SIMATIC S7-1500 Deserialization of Untrusted Data (CVE-2023-32665)

A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

Siemens SIMATIC S7-1500 Missing Encryption of Sensitive Data (CVE-2021-36690)

A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. NOTE: the vendor disputes the relevance of this report because a sqlite3.exe user already has full privileges e.g., is intentionally allowe...

Siemens SIMATIC S7-1500 Out-of-bounds Write (CVE-2020-29573)

sysdeps/i386/ldbl2mpn.c in the GNU C Library aka glibc or libc6 before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a...

Siemens SIMATIC S7-1500 Heap-based Buffer Overflow (CVE-2023-4016)

Under some circumstances, this weakness allows a user who has access to run the ps utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for mor...

Siemens SIMATIC S7-1500 Missing Encryption of Sensitive Data (CVE-2022-27779)

libcurl wrongly allows cookies to be set for Top Level Domains TLDs if thehost name is provided with a trailing dot.curl can be told to receive and send cookies. curl's cookie engine can bebuilt with or without Public Suffix Listawareness. If PSL support not provided, a more rudimentary check...

Siemens SIMATIC S7-1500 NULL Pointer Dereference (CVE-2019-19926)

multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880. This plugin only works with Tenable.ot. Please visit...

Siemens SIMATIC S7-1500 Improper Input Validation (CVE-2024-50246)

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add rough attr allocsize check This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if descripti...

Siemens SIMATIC S7-1500 Access of Resource Using Incompatible Type (CVE-2020-36229)

A flaw was discovered in ldapX509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in adkeystring, resulting in denial of service. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL...

Siemens SIMATIC S7-1500 Loop with Unreachable Exit Condition (CVE-2018-20482)

GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service infinite read loop in sparsedumpregion in sparse.c by modifying a file that is supposed to be archived by a different user's process e.g., a system back...

Siemens SIMATIC S7-1500 Premature Release of Resource During Expected Lifetime (CVE-2025-31115)

The threaded .xz decoder in liblzma has a vulnerability that can at least result in a crash denial of service. The effects include heap use after free and writing to an address based on the null pointer plus an offset. This plugin only works with Tenable.ot. Please visit...

Siemens SIMATIC S7-1500 Out-of-bounds Write (CVE-2022-3715)

A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parametertransform. This issue may lead to memory problems. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable,...

Siemens SIMATIC S7-1500 Improper Input Validation (CVE-2025-21712)

md/md-bitmap: vulnerability caused by bitmapgetstats can be called even if the bitmap is destroyed or not fully initialized, leading to a kernel crash, which is fixed by synchronizing bitmapgetstats with bitmapinfo.mutex. This plugin only works with Tenable.ot. Please visit...

Siemens SIMATIC S7-1500 Improper Validation of Specified Type of Input (CVE-2024-35809)

In the Linux kernel, the following vulnerability has been resolved: PCI/PM: Drain runtime-idle callbacks before driver removal. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

Siemens SIMATIC S7-1500 Missing Encryption of Sensitive Data (CVE-2016-3189)

Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service crash via a crafted bzip2 file, related to block ends set to before the start of the block. This plugin only works with Tenable.ot. Please visit...

Siemens SIMATIC S7-1500 Reachable Assertion (CVE-2020-25709)

A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP's slapd server, to trigger an assertion failure. The highest threat from this vulnerability is to system availability. This plugin only works with Tenable.ot. Please visit...

Siemens SIMATIC S7-1500 Insufficiently Protected Credentials (CVE-2022-27774)

An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTPS redirects is used with authentication could leak credentials to other services that exist on different protocols ...

Siemens SIMATIC S7-1500 Buffer Copy without Checking Size of Input (CVE-2020-12723)

regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive Sstudychunk calls. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...