831 matches found
CVE-2021-40358
A vulnerability has been identified in SIMATIC PCS 7 V8.2 All versions, SIMATIC PCS 7 V9.0 All versions V9.0 SP3 UC04, SIMATIC PCS 7 V9.1 All versions V9.1 SP1, SIMATIC WinCC V15 and earlier All versions V15 SP1 Update 7, SIMATIC WinCC V16 All versions V16 Update 5, SIMATIC WinCC V17 All versions...
CVE-2022-24287
A vulnerability has been identified in SIMATIC PCS 7 V8.2 All versions, SIMATIC PCS 7 V9.0 All versions V9.0 SP3 UC06, SIMATIC PCS 7 V9.1 All versions V9.1 SP1 UC01, SIMATIC WinCC Runtime Professional V16 and earlier All versions, SIMATIC WinCC Runtime Professional V17 All versions V17 Upd4,...
CVE-2024-35783
A vulnerability has been identified in SIMATIC BATCH V9.1 All versions, SIMATIC Information Server 2020 All versions V2020 SP2 Update 5, SIMATIC Information Server 2022 All versions V2022 SP1 Update 2, SIMATIC PCS 7 V9.1 All versions V9.1 SP2 UC06, SIMATIC Process Historian 2020 All versions V202...
PT-2024-9404 · Siemens · Sinamics Startdrive +11
Name of the Vulnerable Software and Affected Versions: SIMATIC S7-PLCSIM versions 17 through 18 SIMATIC STEP 7 Safety versions 17 through 19 SIMATIC STEP 7 versions 17 through 19 SIMATIC WinCC Unified PC Runtime versions 18 through 19 SIMATIC WinCC Unified versions 17 through 19 SIMATIC WinCC...
Siemens Industrial Product Null Pointer Dereference Vulnerability
SIMATIC CP 1242 and CP 1243 associated processors connect SIMATIC S7-1200 controllers to a wide area network WAN. They provide integrated security features such as firewalls, virtual private networks VPNs, and support for other data encryption protocols.SIMATIC HMI Panels are used for operator...
The vulnerability of the local database of Siemens SIMATIC PCS 7, OpenPCS 7, and SCADA systems SIMATIC WinCC allows a hacker to execute arbitrary code with elevated privileges.
The vulnerability of the local database of Siemens SIMATIC PCS 7, OpenPCS 7, and SCADA systems SIMATIC WinCC is related to errors in privilege management. Exploiting this vulnerability allows a malicious actor to execute arbitrary code with elevated privileges remotely...
CVE-2024-35783
CVE-2024-35783 affects Siemens SIMATIC SCADA/PCS7 family (e.g., SIMATIC BATCH, Information Server, PCS 7, Process Historian, WinCC variants). The root cause is privilege-management errors allowing the database server to run with elevated privileges, enabling an authenticated attacker to execute a...
CVE-2024-35783
A vulnerability has been identified in SIMATIC BATCH V9.1 All versions, SIMATIC Information Server 2020 All versions V2020 SP2 Update 5, SIMATIC Information Server 2022 All versions V2022 SP1 Update 2, SIMATIC PCS 7 V9.1 All versions V9.1 SP2 UC06, SIMATIC Process Historian 2020 All versions V202...
Siemens SIMATIC WinCC Information Disclosure Vulnerability (CNVD-2024-32687)
Siemens SIMATIC PCS 7 is a process control system from Siemens, Germany.SIMATIC WinCC is an automated data acquisition and monitoring SCADA system.SIMATIC WinCC Runtime Professional is a runtime platform for operator visualization, machine and device control and monitoring. equipment control and...
CVE-2024-30321
A vulnerability has been identified in SIMATIC PCS 7 V9.1 All versions V9.1 SP2 UC05, SIMATIC WinCC Runtime Professional V18 All versions V18 Update 5, SIMATIC WinCC Runtime Professional V19 All versions V19 Update 2, SIMATIC WinCC V7.4 All versions V7.4 SP1 Update 23, SIMATIC WinCC V7.5 All...
CVE-2023-32735
A vulnerability has been identified in SIMATIC STEP 7 Safety V16 All versions V16 Update 7, SIMATIC STEP 7 Safety V17 All versions V17 Update 7, SIMATIC STEP 7 Safety V18 All versions V18 Update 2, SIMATIC STEP 7 V16 All versions V16 Update 7, SIMATIC STEP 7 V17 All versions V17 Update 7, SIMATIC...
CVE-2024-30321
A vulnerability has been identified in SIMATIC PCS 7 V9.1 All versions V9.1 SP2 UC05, SIMATIC WinCC Runtime Professional V18 All versions V18 Update 5, SIMATIC WinCC Runtime Professional V19 All versions V19 Update 2, SIMATIC WinCC V7.4 All versions V7.4 SP1 Update 23, SIMATIC WinCC V7.5 All...
CVE-2024-30321
The CVE-2024-30321 issue affects Siemens SIMATIC WinCC family (PCS 7 V9.1; WinCC Runtime Professional V18/V19; WinCC V7.4/7.5/8.0) where the web interface mishandles certain requests, enabling an unauthenticated remote attacker to disclose privileged information such as users and passwords. Root ...
CVE-2023-32735
A vulnerability has been identified in SIMATIC STEP 7 Safety V16 All versions V16 Update 7, SIMATIC STEP 7 Safety V17 All versions V17 Update 7, SIMATIC STEP 7 Safety V18 All versions V18 Update 2, SIMATIC STEP 7 V16 All versions V16 Update 7, SIMATIC STEP 7 V17 All versions V17 Update 7, SIMATIC...
CVE-2023-32735
CVE-2023-32735 describes a deserialization vulnerability in Siemens SIMATIC/WinCC/STEP 7 and related components where the Configuration Handler does not properly restrict the .NET BinaryFormatter when deserializing hardware configuration profiles. This can lead to type confusion and arbitrary cod...
Siemens SIMATIC WinCC和Siemens SIMATIC PCS 安全漏洞
Siemens SIMATIC PCS 7 is a process control system from Siemens, Germany.SIMATIC WinCC is an automated data acquisition and monitoring SCADA system.SIMATIC WinCC Runtime Professional is a runtime platform for operator visualization, machine and device control and monitoring. equipment control and...
Siemens SIMATIC WinCC
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Siemens (China) Ltd. WinCC suffers from Denial of Service Vulnerability (CNVD-C-2024-309044)
WinCC is a SCADA system for a wide range of industries that allows you to access devices, extract smart data, analyze data and report on it from your mobile. A denial of service vulnerability exists in Siemens China Ltd WinCC, which can be exploited by attackers to cause a denial of service...
CVE-2023-46280
A vulnerability has been identified in Security Configuration Tool SCT All versions, SIMATIC Automation Tool All versions V5.0 SP2, SIMATIC BATCH V9.1 All versions V9.1 SP2 Upd5, SIMATIC NET PC Software V16 All versions V16 Update 8, SIMATIC NET PC Software V17 All versions, SIMATIC NET PC Softwa...
CVE-2023-46280
CVE-2023-46280 is an out-of-bounds read vulnerability reported in Siemens products (SCT, SIMATIC tools, WinCC OA, WinCC Runtime/Portal, S7 tools, PDM, TIA Portal components, SINEC NMS, etc.). The flaw can lead to a Blue Screen of Death by corrupting kernel state on Windows when exploited locally ...