6 matches found
Siemens RuggedCom Rox Out-of-bounds Write (CVE-2019-13106)
Das U-Boot versions 2016.09 through 2019.07-rc4 can memset too much data while reading a crafted ext4 filesystem, which results in a stack buffer overflow and likely code execution. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...
Siemens TeleControl Server Basic
SUMMARY TeleControl Server Basic before V3.1.2.4 contains a local privilege escalation vulnerability that could allow an attacker to run arbitrary code with elevated privileges. Siemens has released a new version for TeleControl Server Basic and recommends to update to the latest version. 2...
Siemens Gridscale X Prepay
SUMMARY Gridscale X Prepay contains multiple vulnerabilities that could allow an attacker to enumerate valid user names and to bypass locked-out user sessions. Siemens has released a new version for Gridscale X Prepay and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS...
Siemens SIMATIC Devices Linux Kernel Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') (CVE-2022-41850)
roccatreportevent in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report-value is in progress. This plugin only works with Tenable.ot. Please visit...
Critical Remote Code-Execution Bugs Threaten Global Power Plants
Siemens industrial equipment commonly found in fossil-fuel and large-scale renewable power plants are riddled with multiple security vulnerabilities, the most severe of which are critical bugs allowing remote code-execution. The affected product is SPPA-T3000, a distributed control system used fo...
Siemens Update Patches SIMATIC PCS 7 Bug in Some Versions
Siemens has made an update available for some of its SIMATIC PCS 7 distributed control systems that are impacted by a remotely exploitable input validation vulnerability. Siemens said version 8.2 and V8.1 prior to 8.1 SP1 with WinCC v7.3 Update 13 are affected. “Successful exploitation of this...