Lucene search
+L

366 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 8:54 p.m.9 views

CVE-2021-37181

A vulnerability has been identified in Cerberus DMS V4.0 All versions, Cerberus DMS V4.1 All versions, Cerberus DMS V4.2 All versions, Cerberus DMS V5.0 All versions v5.0 QU1, Desigo CC Compact V4.0 All versions, Desigo CC Compact V4.1 All versions, Desigo CC Compact V4.2 All versions, Desigo CC...

10CVSS7.3AI score0.0189EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:51 p.m.5 views

CVE-2021-31887

A vulnerability has been identified in APOGEE MBC PPC BACnet All versions, APOGEE MBC PPC P2 Ethernet All versions, APOGEE MEC PPC BACnet All versions, APOGEE MEC PPC P2 Ethernet All versions, APOGEE PXC Compact BACnet All versions = V2.3 and = V2.3 and = V2.3 and = V2.3 and = V2.3 and = V2.3 and...

8.8CVSS7.6AI score0.02371EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:47 p.m.7 views

CVE-2021-41545

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. When the controller receives a specific BACnet protocol packet, an exception cause...

7.5CVSS6.6AI score0.00868EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:25 p.m.5 views

CVE-2020-15792

A vulnerability has been identified in Desigo Insight All versions. The web service does not properly apply input validation for some query parameters in a reserved area. This could allow an authenticated attacker to retrieve data via a content-based blind SQL injection attack...

4.3CVSS7.6AI score0.00995EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:25 p.m.7 views

CVE-2020-15794

A vulnerability has been identified in Desigo Insight All versions. Some error messages in the web application show the absolute path to the requested resource. This could allow an authenticated attacker to retrieve additional information about the host system...

4.3CVSS6.4AI score0.00774EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:25 p.m.6 views

CVE-2020-15793

A vulnerability has been identified in Desigo Insight All versions. The device does not properly set the X-Frame-Options HTTP Header which makes it vulnerable to Clickjacking attacks. This could allow an unauthenticated attacker to retrieve or modify data in the context of a legitimate user by...

5.8CVSS6.8AI score0.00736EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:4 p.m.8 views

CVE-2020-10055

A vulnerability has been identified in Desigo CC V4.x, Desigo CC V3.x, Desigo CC Compact V4.x, Desigo CC Compact V3.x. Affected applications are delivered with a 3rd party component BIRT that contains a remote code execution vulnerability if the Advanced Reporting Engine is enabled. The...

9.8CVSS8.6AI score0.05978EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:6 a.m.6 views

CVE-2019-13927

A vulnerability has been identified in Desigo PX automation controllers PXC00-E.D, PXC50-E.D, PXC100-E.D, PXC200-E.D with Desigo PX Web modules PXA40-W0, PXA40-W1, PXA40-W2 All firmware versions V6.00.320, Desigo PX automation controllers PXC00-U, PXC64-U, PXC128-U with Desigo PX Web modules...

5.3CVSS7.1AI score0.01675EPSS
Exploits5References1
RedhatCVE
RedhatCVE
added 2025/05/15 10:10 a.m.14 views

CVE-2024-23815

A vulnerability has been identified in Desigo CC All versions if access from Installed Clients to Desigo CC server is allowed from networks outside of a highly protected zone, Desigo CC All versions if access from Installed Clients to Desigo CC server is only allowed within highly protected zones...

8.7CVSS8.2AI score0.00469EPSS
Exploits0References1
NCSC
NCSC
added 2025/05/14 7:13 a.m.10 views

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in various products such as Apogee, BacNet ATEC, Desigo CC, Intralog, OZW, Polarion, RUGGEDCOM, SICAM, SIMATIC, SIPROTEC, SIRIUS, Teamcenter and Versicharge The vulnerabilities potentially enable a malicious person to launch attacks that could result in the...

10CVSS8.4AI score0.14859EPSS
Exploits2References14
NVD
NVD
added 2025/05/13 10:15 a.m.17 views

CVE-2024-23815

A vulnerability has been identified in Desigo CC All versions if access from Installed Clients to Desigo CC server is allowed from networks outside of a highly protected zone, Desigo CC All versions if access from Installed Clients to Desigo CC server is only allowed within highly protected zones...

8.7CVSS0.00469EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/13 9:38 a.m.5 views

CVE-2024-23815

A vulnerability has been identified in Desigo CC All versions if access from Installed Clients to Desigo CC server is allowed from networks outside of a highly protected zone, Desigo CC All versions if access from Installed Clients to Desigo CC server is only allowed within highly protected zones...

8.7CVSS7.9AI score0.00469EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/13 9:38 a.m.23 views

CVE-2024-23815

A vulnerability has been identified in Desigo CC All versions if access from Installed Clients to Desigo CC server is allowed from networks outside of a highly protected zone, Desigo CC All versions if access from Installed Clients to Desigo CC server is only allowed within highly protected zones...

8.7CVSS0.00469EPSS
Exploits0References1
CVE
CVE
added 2025/05/13 9:38 a.m.57 views

CVE-2024-23815

The CVE-2024-23815 entry concerns Siemens Desigo CC. Affected: Desigo CC server (all versions) where Installed Clients can reach the server from networks outside a highly protected zone, or only within highly protected zones. Issue: the server fails to authenticate certain client requests, allowi...

8.7CVSS8.4AI score0.00469EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/13 12:0 a.m.5 views

Siemens Desigo CC 访问控制错误漏洞

Siemens Desigo CC is an open building management platform from Siemens, Germany, used to produce comfortable, safe and efficient facilities. An access control error vulnerability exists in Siemens Desigo CC, which stems from the server application not validating a specific client request, which...

8.7CVSS7.3AI score0.00469EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/13 12:0 a.m.12 views

PT-2025-20843 · Siemens · Desigo Cc

Name of the Vulnerable Software and Affected Versions: Desigo CC All versions if access from Installed Clients to Desigo CC server is allowed from networks outside of a highly protected zone Desigo CC All versions if access from Installed Clients to Desigo CC server is only allowed within highly...

8.7CVSS7.4AI score0.00469EPSS
Exploits0References6
ICS
ICS
added 2025/05/13 12:0 a.m.6 views

Siemens Desigo

SUMMARY Desigo CC deployments that use Installed Client are impacted by an information disclosure vulnerability which could result in information leak from the Desigo CC server. The other Desigo CC client options, Windows App Client and Flex Client, are not affected by this vulnerability...

8.7CVSS8.1AI score0.00469EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2025/02/04 11:45 p.m.17 views

CVE-2024-22041

A vulnerability has been identified in Cerberus PRO EN Engineering Tool All versions, Cerberus PRO EN Fire Panel FC72x IP6 All versions, Cerberus PRO EN Fire Panel FC72x IP7 All versions, Cerberus PRO EN Fire Panel FC72x IP8 All versions IP8 SR4, Cerberus PRO EN X200 Cloud Distribution IP7 All...

7.5CVSS6.9AI score0.00508EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/04 11:41 p.m.9 views

CVE-2024-22039

A vulnerability has been identified in Cerberus PRO EN Engineering Tool All versions IP8, Cerberus PRO EN Fire Panel FC72x IP6 All versions IP6 SR3, Cerberus PRO EN Fire Panel FC72x IP7 All versions IP7 SR5, Cerberus PRO EN X200 Cloud Distribution IP7 All versions V3.0.6602, Cerberus PRO EN X200...

10CVSS7.6AI score0.00813EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/12/03 12:0 a.m.7 views

The vulnerability of the Desigo Insight building management software lies in the improper restriction on the visible layers of the user interface. This allows a hacker to redirect users to any desired website.

The vulnerability of the Desigo Insight building management software is related to an improper limitation on the visible layers of the user interface. Exploiting this vulnerability could allow a malicious actor to redirect users to any desired website...

6.4CVSS6AI score0.00736EPSS
Exploits0References6
Rows per page
Query Builder