Lucene search
K

830 matches found

Prion
Prion
added 2012/02/03 8:55 p.m.18 views

Directory traversal

Directory traversal vulnerability in HmiLoad in the runtime loader in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 aka TIA portal; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime, when Transfer Mode is...

9.3CVSS7.2AI score0.09847EPSS
Exploits0References9Affected Software3
Cvelist
Cvelist
added 2012/02/03 8:0 p.m.27 views

CVE-2011-4511

Cross-site scripting XSS vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 aka TIA portal before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime...

5.5AI score0.01516EPSS
Exploits0References2
Cvelist
Cvelist
added 2012/02/03 8:0 p.m.34 views

CVE-2011-4510

Cross-site scripting XSS vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 aka TIA portal before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime...

5.5AI score0.01516EPSS
Exploits0References2
Cvelist
Cvelist
added 2012/02/03 8:0 p.m.30 views

CVE-2011-4508

The HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 aka TIA portal before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime generates predictable authentication token...

6.6AI score0.03119EPSS
Exploits0References2
Cvelist
Cvelist
added 2012/02/03 8:0 p.m.25 views

CVE-2011-4877

HmiLoad in the runtime loader in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 aka TIA portal; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime, when Transfer Mode is enabled, allows remote attackers to cau...

6.5AI score0.07527EPSS
Exploits0References8
Cvelist
Cvelist
added 2012/02/03 8:0 p.m.26 views

CVE-2011-4878

Directory traversal vulnerability in miniweb.exe in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 aka TIA portal before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexibl...

6.6AI score0.12067EPSS
Exploits0References8
CVE
CVE
added 2012/02/03 8:0 p.m.64 views

CVE-2011-4875

CVE-2011-4875 corresponds to a stack-based buffer overflow in the HmiLoad runtime loader of Siemens WinCC flexible (versions 2004, 2005, 2007, 2008) and WinCC V11 (TIA Portal) including SIMATIC HMI panels and WinCC V11 Runtime Advanced. The root cause is improper handling/validation of Unicode st...

9.3CVSS8.2AI score0.14013EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2012/02/03 8:0 p.m.29 views

CVE-2011-4514

The TELNET daemon in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 aka TIA portal; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime does not perform authentication, which makes it easier for remote attacker...

6.4AI score0.03522EPSS
Exploits0References2
CVE
CVE
added 2012/02/03 8:0 p.m.58 views

CVE-2011-4513

CVE-2011-4513 affects Siemens WinCC Flexible (2004–2008), WinCC V11 (TIA Portal), SIMATIC HMI panels (TP/OP/MP/Comfort/Mobile), and WinCC Runtime Advanced/Flexible Runtime. The vulnerability allows user-assisted remote attackers to execute arbitrary code via a crafted project file, related to the...

10CVSS7.8AI score0.04846EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2012/02/03 8:0 p.m.68 views

CVE-2011-4508

CVE-2011-4508: Insecure, predictable authentication token generation in Siemens WinCC/HMI web servers (WinCC flexible 2004–2008 before SP3; WinCC V11 before SP2 Update 1; and related HMI panels) allows remote attackers to bypass authentication by crafting cookies. Affected components include HMI ...

9.3CVSS6.8AI score0.03119EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2012/02/03 8:0 p.m.56 views

CVE-2011-4514

CVE-2011-4514 concerns the TELNET daemon in Siemens WinCC flexible (2004–2008) and WinCC V11 (TIA Portal), plus related SIMATIC HMI panels, which does not perform authentication, enabling remote access via TCP sessions. Affected products include WinCC flexible 2004/2005/2007/2008, WinCC V11, TP/O...

10CVSS6.6AI score0.03522EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2012/02/03 8:0 p.m.53 views

CVE-2011-4512

CVE-2011-4512 is a CRLF/header-injection vulnerability in the Siemens SIMATIC WinCC/HMI web server. Affected products include WinCC flexible 2004/2005/2007/2008 before SP3; WinCC V11 (TIA Portal) before SP2 Update 1; multiple SIMATIC HMI panels (TP/OP/MP/Comfort/Mobile); WinCC V11 Runtime Advance...

5CVSS6.9AI score0.01752EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2012/02/03 8:0 p.m.26 views

CVE-2011-4876

Directory traversal vulnerability in HmiLoad in the runtime loader in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 aka TIA portal; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime, when Transfer Mode is...

6.6AI score0.09847EPSS
Exploits0References9
Cvelist
Cvelist
added 2012/02/03 8:0 p.m.27 views

CVE-2011-4879

miniweb.exe in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 aka TIA portal before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime does not properly handle UR...

6.6AI score0.12545EPSS
Exploits0References8
Cvelist
Cvelist
added 2012/02/03 8:0 p.m.35 views

CVE-2011-4513

Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 aka TIA portal; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allow user-assisted remote attackers to execute arbitrary code via a crafted project file,...

7.5AI score0.04846EPSS
Exploits0References2
CVE
CVE
added 2012/02/03 8:0 p.m.62 views

CVE-2011-4511

CVE-2011-4511 is a cross-site scripting (XSS) vulnerability in the Siemens SIMATIC WinCC HMI web server. Affected products (per ICS-CERT) include WinCC flexible 2004/2005/2007/2008 (before SP3), WinCC V11 (TIA Portal) before SP2 Update 1, and multiple SIMATIC HMI panels plus WinCC V11 Runtime Adv...

4.3CVSS5.7AI score0.01516EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2012/02/03 8:0 p.m.55 views

CVE-2011-4877

CVE-2011-4877 affects Siemens WinCC flexible products (2004–2008) and related SIMATIC HMI panels, WinCC V11 Runtime Advanced, and WinCC flexible Runtime. The issue lies in HmiLoad in the runtime loader; when Transfer Mode is enabled, sending crafted data over TCP can cause a remote denial of serv...

7.1CVSS6.7AI score0.07527EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2012/02/03 8:0 p.m.31 views

CVE-2011-4509

The HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 aka TIA portal; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime has an improperly selected default password for the administrator account...

6.5AI score0.0217EPSS
Exploits0References2
CVE
CVE
added 2012/02/03 8:0 p.m.57 views

CVE-2011-4879

Siemens WinCC/HMI Web Server vulnerability CVE-2011-4879: the HMI web server (miniweb.exe) fails to properly handle URIs beginning with 0xfa, enabling remote memory reads or DoS via crafted POST requests. Affected products include WinCC flexible 2004–2008 (pre-SP3), WinCC V11 (TIA Portal) before ...

8.5CVSS6.9AI score0.12545EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2012/02/03 8:0 p.m.56 views

CVE-2011-4878

Siemens WinCC/HMI Web Server is vulnerable to a directory traversal in the HMI web server component (miniweb.exe) affecting WinCC flexible 2004–2008, WinCC V11 (TIA Portal) before SP2 Update 1, and related SIMATIC HMI panels and runtimes. Root cause: improper validation of HTTP/URI strings allows...

7.8CVSS6.8AI score0.12067EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder