26 matches found
Siemens Desigo CC Product Family and SENTRON Powermanager
SUMMARY Versions V6.0 through V8 QU1 of the Desigo CC product family Desigo CC, Desigo CC Compact, Desigo CC Connect, Cerberus DMS, as well as the Desigo CC-based SENTRON Powermanager, are affected by a vulnerability in the underlying third-party component WIBU Systems CodeMeter Runtime...
EUVD-2016-9971
Malware in sbrugna...
CISA Releases Four Industrial Control Systems Advisories
CISA released four Industrial Control Systems ICS advisories on August 19, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-231-01 Siemens Desigo CC Product Family and SENTRON Powermanager ICSA-25-231-02 Siemen...
Siemens Desigo CC 访问控制错误漏洞
Siemens Desigo CC is an open building management platform from Siemens, Germany, used to produce comfortable, safe and efficient facilities. An access control error vulnerability exists in Siemens Desigo CC, which stems from the server application not validating a specific client request, which...
Siemens Desigo PXM Devices Improper Neutralization of Input During Web Page Generation (CVE-2022-40178)
A vulnerability has been identified in Desigo PXM30-1 All versions V02.20.126.11-41, Desigo PXM30.E All versions V02.20.126.11-41, Desigo PXM40-1 All versions V02.20.126.11-41, Desigo PXM40.E All versions V02.20.126.11-41, Desigo PXM50-1 All versions V02.20.126.11-41, Desigo PXM50.E All versions...
Siemens Desigo PXC Improper Authentication (CVE-2018-4834)
A remote attacker with network access to the device could potentially upload a new firmware image to the devices without prior authentication. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...
Siemens Desigo PXM Devices Cross-Site Request Forgery (CVE-2022-40180)
A vulnerability has been identified in Desigo PXM30-1 All versions V02.20.126.11-41, Desigo PXM30.E All versions V02.20.126.11-41, Desigo PXM40-1 All versions V02.20.126.11-41, Desigo PXM40.E All versions V02.20.126.11-41, Desigo PXM50-1 All versions V02.20.126.11-41, Desigo PXM50.E All versions...
Siemens Desigo PXC and DXR Devices Use of Password Hash with Insufficient Computational Effort (CVE-2022-24041)
A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The web application stores the PBKDF2 derived key of users passwords with a low...
Siemens Desigo PXC and DXR Devices Sensitive Cookie in Https Session Without Secure Attribute (CVE-2022-24045)
A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The application, after a successful login, sets the session cookie on the browser...
Siemens Desigo PX Devices External Control of Assumed-Immutable Web Parameter (CVE-2019-13927)
A vulnerability has been identified in Desigo PX automation controllers PXC00-E.D, PXC50-E.D, PXC100-E.D, PXC200-E.D with Desigo PX Web modules PXA40-W0, PXA40-W1, PXA40-W2 All firmware versions V6.00.320, Desigo PX automation controllers PXC00-U, PXC64-U, PXC128-U with Desigo PX Web modules...
PT-2022-25258 · Siemens · Desigo Pxm40-1 +9
Name of the Vulnerable Software and Affected Versions: Desigo PXM30-1 versions prior to V02.20.126.11-41 Desigo PXM30.E versions prior to V02.20.126.11-41 Desigo PXM40-1 versions prior to V02.20.126.11-41 Desigo PXM40.E versions prior to V02.20.126.11-41 Desigo PXM50-1 versions prior to...
PT-2022-25261 · Siemens · Desigo Pxm40-1 +9
Name of the Vulnerable Software and Affected Versions: Desigo PXM30-1 versions prior to V02.20.126.11-41 Desigo PXM30.E versions prior to V02.20.126.11-41 Desigo PXM40-1 versions prior to V02.20.126.11-41 Desigo PXM40.E versions prior to V02.20.126.11-41 Desigo PXM50-1 versions prior to...
多款Siemens产品跨站脚本漏洞
Siemens Desigo PX is a building automation control system from Siemens Germany. Several Siemens products have an open redirection vulnerability, which stems from the fact that the device's embedded browser does not prevent interaction with an alternate URI scheme when the Web application code...
多款Siemens产品安全漏洞
Desigo DXR2 controllers are programmable automation stations to support the standard control needs of end HVAC equipment and TRA Total Room Automation applications. the Desigo PXC3 series of automation stations can be used in buildings where functionality and flexibility are more demanding. Use...
多款Siemens产品安全漏洞
Desigo DXR2 controllers are programmable automation stations to support the standard control needs of end HVAC equipment and TRA Total Room Automation applications. the Desigo PXC3 series of automation stations can be used in buildings where functionality and flexibility are more demanding. Use...
多款Siemens产品安全漏洞
Desigo DXR2 controllers are programmable automation stations to support the standard control needs of end HVAC equipment and TRA Total Room Automation applications. the Desigo PXC3 series of automation stations can be used in buildings where functionality and flexibility are more demanding. Use...
Unspecified Vulnerability in Siemens Desigo PXC and DXR Devices (CNVD-2022-36376)
Desigo DXR2 controllers are programmable automation stations to support the standard control needs of end HVAC equipment and TRA Total Room Automation applications. the Desigo PXC3 series of automation stations can be used in buildings where functionality and flexibility are more demanding. Use...
多款Siemens产品安全漏洞
Desigo DXR2 controllers are programmable automation stations to support the standard control needs of end HVAC equipment and TRA Total Room Automation applications. the Desigo PXC3 series of automation stations can be used in buildings where functionality and flexibility are more demanding. Use...
PT-2022-3460 · Siemens · Desigo Pxc4 +3
Name of the Vulnerable Software and Affected Versions: Desigo DXR2 versions prior to V01.21.142.5-22 Desigo PXC3 versions prior to V01.21.142.4-18 Desigo PXC4 versions prior to V02.20.142.10-10884 Desigo PXC5 versions prior to V02.20.142.10-10884 Description: The issue is related to an error in...
多款Siemens产品代码问题漏洞
Desigo DXR2 controllers are programmable automation stations to support the standard control needs of end HVAC equipment and TRA Total Room Automation applications. the Desigo PXC3 series of automation stations can be used in buildings where functionality and flexibility are more demanding. Use...