CVE-2024-41983

The CVE affects SmartClient modules in Opcenter QL Home, SOA Audit, and SOA Cockpit. Affected versions are SmartClient Opcenter QL Home and related modules from 13.2 up to 2505 (approx.

CVE-2024-41982

CVE-2024-41982 affects SmartClient Opcenter QL Home, SOA Audit, and SOA Cockpit with SmartClient versions 13.2 through 2505; root cause is lack of adequate encryption of sensitive information. Patched versions >= 2506 are available as remediation. (Connected PT-2025-32640 confirms the version ...

CVE-2024-41980

A vulnerability has been identified in SmartClient modules Opcenter QL Home SC All versions = V13.2 = V13.2 = V13.2 V2506. The affected application do not encrypt the communication in LDAP interface by default. This could allow an authenticated attacker to gain unauthorized access to sensitive...

CVE-2024-41979

A vulnerability has been identified in SmartClient modules Opcenter QL Home SC All versions = V13.2 = V13.2 = V13.2 V2506. The affected application does not enforce mandatory authorization on some functionality level at server side. This could allow an authenticated attacker to gain complete acce...

Siemens多款产品 安全漏洞

Siemens SmartClient modules Opcenter QL Home is a client module from Siemens Germany. A security vulnerability exists in various Siemens products that stems from improper authorization and could result in full access to the application. The following products and versions are affected: SmartClien...

Siemens SmartClient modules Opcenter QL Home 安全漏洞

Siemens SmartClient modules Opcenter QL Home is a client module from Siemens Germany. A security vulnerability exists in Siemens SmartClient modules Opcenter QL Home, which originates from the display of SQL statements in error messages and could lead to information disclosure...

PT-2025-32643 · Smartclient · Soa Audit +2

Name of the Vulnerable Software and Affected Versions: SmartClient Opcenter QL Home SC versions 13.2 through 2505 SmartClient SOA Audit versions 13.2 through 2505 SmartClient SOA Cockpit versions 13.2 through 2505 Description: The affected application does not expire sessions upon user inactivity...

PT-2025-32641 · Smartclient · Soa Audit +2

Name of the Vulnerable Software and Affected Versions: SmartClient Opcenter QL Home SC versions 13.2 through 2505 SmartClient SOA Audit versions 13.2 through 2505 SmartClient SOA Cockpit versions 13.2 through 2505 Description: The affected application displays SQL statements in error messages...

Siemens多款产品 安全漏洞

Siemens SmartClient modules Opcenter QL Home is a client module from Siemens Germany. A security vulnerability exists in various Siemens products, which stems from mishandling of errors and could lead to the exposure of system applications. The following products and versions are affected:...

Siemens多款产品 加密问题漏洞

Siemens SmartClient modules Opcenter QL Home is a client module from Siemens Germany. A vulnerability exists in various Siemens products due to an encryption issue that stems from support for the insecure TLS protocol, which could lead to a man-in-the-middle attack. The following products and...

PT-2025-32642 · Smartclient · Opcenter Ql Home +2

Name of the Vulnerable Software and Affected Versions: SmartClient Opcenter QL Home SC versions 13.2 through 2505 SmartClient SOA Audit versions 13.2 through 2505 SmartClient SOA Cockpit versions 13.2 through 2505 Description: The affected application improperly handles errors when accessing an...

Siemens多款产品 安全漏洞

Siemens SmartClient modules Opcenter QL Home is a client module from Siemens Germany. A security vulnerability exists in various Siemens products that stems from insufficient encryption of sensitive information, which could lead to the disclosure of sensitive information. The following products a...

Siemens多款产品 代码问题漏洞

Siemens SmartClient modules Opcenter QL Home is a client module from Siemens Germany. A code issue vulnerability exists in various Siemens products, which stems from an unexpired session that could lead to unauthorized access. The following products and versions are affected: SmartClient modules...

Siemens SmartClient modules Opcenter QL Home 安全漏洞

Siemens SmartClient modules Opcenter QL Home is a client module from Siemens, Germany. A security vulnerability exists in Siemens SmartClient modules Opcenter QL Home, which stems from unencrypted LDAP communication and could lead to the disclosure of sensitive information...

PT-2025-32639 · Smartclient · Smartclient Opcenter Ql Home +2

Name of the Vulnerable Software and Affected Versions: SmartClient Opcenter QL Home SC versions 13.2 through 2505 SmartClient SOA Audit versions 13.2 through 2505 SmartClient SOA Cockpit versions 13.2 through 2505 Description: The affected application does not encrypt communication in the LDAP...

Siemens Opcenter Quality

SUMMARY The Opcenter Quality is affected by multiple vulnerabilities in the SmartClient modules Opcenter QL Home SC, SOA Audit and SOA Cockpit. Siemens has released new versions for the affected products and recommends to update to the latest versions. 2. GENERAL RECOMMENDATIONS As a general...

PT-2025-32638 · Smartclient · Smartclient Opcenter Ql Home +2

Name of the Vulnerable Software and Affected Versions: SmartClient Opcenter QL Home SC versions 13.2 through 2505 SmartClient SOA Audit versions 13.2 through 2505 SmartClient SOA Cockpit versions 13.2 through 2505 Description: The affected application does not enforce mandatory authorization on...

PT-2025-32640 · Smartclient · Smartclient Soa Audit +2

Name of the Vulnerable Software and Affected Versions: SmartClient Opcenter QL Home SC versions 13.2 through 2505 SmartClient SOA Audit versions 13.2 through 2505 SmartClient SOA Cockpit versions 13.2 through 2505 Description: The affected application lacks adequate encryption of sensitive...

CVE-2020-9353

An issue was discovered in SmartClient 12.0. The Remote Procedure Call RPC loadFile provided by the console functionality on the /tools/developerConsoleOperations.jsp or /isomorphic/IDACall URL is affected by unauthenticated Local File Inclusion via directory-traversal sequences in the elem XML...

CVE-2020-9352

An issue was discovered in SmartClient 12.0. Unauthenticated exploitation of blind XXE can occur in the downloadWSDL feature by sending a POST request to /tools/developerConsoleOperations.jsp with a valid payload in the transaction parameter. NOTE: the documentation states "These tools are, by...