12 matches found
EUVD-2011-4790
Malware in sbrugna...
Siemens’ software vulnerabilities, related to insufficient validation of input data, allow attackers to trigger service failures.
The vulnerability of Siemens’ software is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures by sending specially crafted network packets to port 4840/TCP...
CVE-2019-6575
A vulnerability has been identified in SIMATIC CP 443-1 OPC UA All versions, SIMATIC ET 200SP Open Controller CPU 1515SP PC2 incl. SIPLUS variants All versions = V2.5 V2.6.1, SIMATIC S7-1500 Software Controller All versions between V2.5 including and V2.7 excluding, SIMATIC WinCC OA All versions...
CVE-2019-6575
A vulnerability has been identified in SIMATIC CP 443-1 OPC UA All versions, SIMATIC ET 200SP Open Controller CPU 1515SP PC2 incl. SIPLUS variants All versions = V2.5 V2.6.1, SIMATIC S7-1500 Software Controller All versions between V2.5 including and V2.7 excluding, SIMATIC WinCC OA All versions...
Siemens Industrial Products with OPC UA (Update H)
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC, SINEC-NMS, SINEMA, SINEMURIK Industrial Control Products with OPC UA Vulnerability: Uncaught Exception 2. UPDATE INFORMATION This updated advisory is a follow-up to the...
Siemens OPC UA Protocol XML External Entity Vulnerability
Siemens industrial products are based on the OPC foundation of the OPC UAP protocol to discover and configure LAN device information. An XML external entity vulnerability exists in the Siemens OPC UA protocol, which can be exploited by an attacker to access various resources by sending specially...
CVE-2017-12069
An XXE vulnerability has been identified in OPC Foundation UA .NET Sample Code before 2017-03-21 and Local Discovery Server LDS before 1.03.367. Among the affected products are Siemens SIMATIC PCS7 All versions V8.1 and earlier, SIMATIC WinCC All versions V7.4 SP1, SIMATIC WinCC Runtime...
CVE-2017-12069
An XXE vulnerability has been identified in OPC Foundation UA .NET Sample Code before 2017-03-21 and Local Discovery Server LDS before 1.03.367. Among the affected products are Siemens SIMATIC PCS7 All versions V8.1 and earlier, SIMATIC WinCC All versions V7.4 SP1, SIMATIC WinCC Runtime...
Code injection
Unspecified vulnerability in the server in Certec EDV atvise before 2.1 allows remote attackers to cause a denial of service daemon crash via crafted requests to TCP port 4840...
CVE-2011-4873
Unspecified vulnerability in the server in Certec EDV atvise before 2.1 allows remote attackers to cause a denial of service daemon crash via crafted requests to TCP port 4840...
CVE-2011-4873
Unspecified vulnerability in the server in Certec EDV atvise before 2.1 allows remote attackers to cause a denial of service daemon crash via crafted requests to TCP port 4840...
CVE-2011-4873
CVE-2011-4873 affects Certec EDV GmbH atvise prior to version 2.1. A remote attacker can cause a denial of service (daemon crash) by sending specially crafted packets to TCP port 4840. Public exploits are noted. ICS-CERT reports that Certec released an updated atvise (≥2.1) to mitigate the issue....