Lucene search
K

148 matches found

CNNVD
CNNVD
added 2023/10/10 12:0 a.m.4 views

Siemens SICAM PAS/PQS 安全漏洞

Siemens SICAM PAS/PQS is a software from Siemens with an operating system for energy automation and power quality. Siemens SICAM PAS/PQS suffers from an incorrect privilege assignment vulnerability that can be exploited by an attacker to read and modify configuration data in the context of an...

6.6CVSS6.8AI score0.00149EPSS
Exploits0References2
ICS
ICS
added 2023/10/10 12:0 a.m.39 views

Siemens SICAM PAS/PQS

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

6.6CVSS5.6AI score0.00149EPSS
Exploits0References12
OSSF Malicious Packages
OSSF Malicious Packages
added 2023/06/05 2:6 p.m.3 views

Malicious code in fc-persoonlijke-pas (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ddadd77308256ef0411fae17ee4490cc470cd0234b284b8fe4b240e203586da4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
CNVD
CNVD
added 2022/12/14 12:0 a.m.14 views

Siemens SICAM PAS/PQS Input Validation Error Vulnerability

Siemens SICAM PAS/PQS is a software from Siemens with an operating system for energy automation and power quality. A security vulnerability exists in Siemens SICAM PAS/PQS versions prior to V7.0, SICAM PAS/PQS versions 7.0 through V8.06, which stems from an inability to properly validate the inpu...

7.5CVSS7.4AI score0.00919EPSS
Exploits0References1
CNVD
CNVD
added 2022/12/14 12:0 a.m.15 views

Siemens SICAM PAS/PQS Sensitive Information Plaintext Transfer Vulnerability

Siemens SICAM PAS/PQS is a software from Siemens with an operating system for energy automation and power quality. A security vulnerability exists in Siemens SICAM PAS/PQS versions prior to V7.0 due to the affected software transmitting database credentials for the built-in SQL server in clear...

9.8CVSS9.8AI score0.00622EPSS
Exploits0References1
CNVD
CNVD
added 2022/12/14 12:0 a.m.20 views

Siemens SICAM PAS/PQS Uncontrolled Search Path Element Vulnerability

Siemens SICAM PAS/PQS is a software from Siemens with an operating system for energy automation and power quality. A security vulnerability exists in Siemens SICAM PAS/PQS versions prior to V7.0 that stems from a failure to properly protect the containing folder. An attacker can exploit the...

7.8CVSS7.5AI score0.00217EPSS
Exploits0References1
NVD
NVD
added 2022/12/13 4:15 p.m.13 views

CVE-2022-43723

A vulnerability has been identified in SICAM PAS/PQS All versions = 7.0 V8.06. Affected software does not properly validate the input for a certain parameter in the s7ontcp.dll. This could allow an unauthenticated remote attacker to send messages and create a denial of service condition as the...

7.5CVSS0.00919EPSS
Exploits0References1
NVD
NVD
added 2022/12/13 4:15 p.m.9 views

CVE-2022-43722

A vulnerability has been identified in SICAM PAS/PQS All versions V7.0. Affected software does not properly secure a folder containing library files. This could allow an attacker to place a custom malicious DLL in this folder which is then run with SYSTEM rights when a service is started that...

7.8CVSS0.00217EPSS
Exploits0References1
OSV
OSV
added 2022/12/13 4:15 p.m.4 views

CVE-2022-43722

A vulnerability has been identified in SICAM PAS/PQS All versions V7.0. Affected software does not properly secure a folder containing library files. This could allow an attacker to place a custom malicious DLL in this folder which is then run with SYSTEM rights when a service is started that...

7.8CVSS5.7AI score0.00217EPSS
Exploits0References1
NVD
NVD
added 2022/12/13 4:15 p.m.9 views

CVE-2022-43724

A vulnerability has been identified in SICAM PAS/PQS All versions V7.0. Affected software transmits the database credentials for the inbuilt SQL server in cleartext. In combination with the by default enabled xpcmdshell feature unauthenticated remote attackers could execute custom OS commands. At...

9.8CVSS0.00622EPSS
Exploits0References1
OSV
OSV
added 2022/12/13 4:15 p.m.2 views

CVE-2022-43723

A vulnerability has been identified in SICAM PAS/PQS All versions = 7.0 V8.06. Affected software does not properly validate the input for a certain parameter in the s7ontcp.dll. This could allow an unauthenticated remote attacker to send messages and create a denial of service condition as the...

7.5CVSS5.7AI score0.00919EPSS
Exploits0References1
Prion
Prion
added 2022/12/13 4:15 p.m.14 views

Design/Logic Flaw

A vulnerability has been identified in SICAM PAS/PQS All versions V7.0. Affected software transmits the database credentials for the inbuilt SQL server in cleartext. In combination with the by default enabled xpcmdshell feature unauthenticated remote attackers could execute custom OS commands. At...

7.5CVSS9.7AI score0.00622EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/12/13 4:15 p.m.12 views

Design/Logic Flaw

A vulnerability has been identified in SICAM PAS/PQS All versions = 7.0 V8.06. Affected software does not properly validate the input for a certain parameter in the s7ontcp.dll. This could allow an unauthenticated remote attacker to send messages and create a denial of service condition as the...

5CVSS7.8AI score0.00919EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/12/13 4:15 p.m.16 views

Code injection

A vulnerability has been identified in SICAM PAS/PQS All versions V7.0. Affected software does not properly secure a folder containing library files. This could allow an attacker to place a custom malicious DLL in this folder which is then run with SYSTEM rights when a service is started that...

4.4CVSS7.9AI score0.00217EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2022/12/13 12:0 a.m.5 views

Siemens SICAM PAS/PQS 输入验证错误漏洞

Siemens SICAM PAS/PQS is a software from Siemens with an operating system for energy automation and power quality. A security vulnerability exists in Siemens SICAM PAS/PQS versions prior to V7.0, SICAM PAS/PQS versions 7.0 through V8.06, which stems from an inability to properly validate the inpu...

7.5CVSS6.6AI score0.00919EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/12/13 12:0 a.m.3 views

CVE-2022-43723

A vulnerability has been identified in SICAM PAS/PQS All versions = 7.0 V8.06. Affected software does not properly validate the input for a certain parameter in the s7ontcp.dll. This could allow an unauthenticated remote attacker to send messages and create a denial of service condition as the...

7.3AI score0.00919EPSS
Exploits0References1
CVE
CVE
added 2022/12/13 12:0 a.m.56 views

CVE-2022-43724

CVE-2022-43724 affects Siemens SICAM PAS/PQS prior to V7.0. The vulnerability arises because the software transmits database credentials for the built-in SQL server in cleartext, and with default-enabled xp_cmdshell, an unauthenticated remote attacker could execute arbitrary OS commands. The issu...

9.8CVSS9.7AI score0.00622EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/12/13 12:0 a.m.47 views

CVE-2022-43723

CVE-2022-43723 affects Siemens SICAM PAS/PQS where the s7ontcp.dll fails to properly validate a certain input parameter. This allows an unauthenticated remote attacker to send messages and trigger a denial-of-service by crashing the application. Public details in multiple sources confirm affected...

7.5CVSS7.4AI score0.00919EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/12/13 12:0 a.m.4 views

CVE-2022-43724

A vulnerability has been identified in SICAM PAS/PQS All versions V7.0. Affected software transmits the database credentials for the inbuilt SQL server in cleartext. In combination with the by default enabled xpcmdshell feature unauthenticated remote attackers could execute custom OS commands. At...

8.3AI score0.00622EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/12/13 12:0 a.m.8 views

CVE-2022-43723

A vulnerability has been identified in SICAM PAS/PQS All versions = 7.0 V8.06. Affected software does not properly validate the input for a certain parameter in the s7ontcp.dll. This could allow an unauthenticated remote attacker to send messages and create a denial of service condition as the...

7.6AI score0.00919EPSS
Exploits0References1
Rows per page
Query Builder