114 matches found
Siemens多款产品 跨站脚本漏洞
The Siemens SIMATIC Drive Controller is a series of drive controllers developed by the German company Siemens. Several Siemens products have a cross-site scripting vulnerability. This vulnerability arises from improper validation and cleaning of PLC/site names on the Web interface communication...
Siemens RUGGEDCOM, SCALANCE and SIMATIC Out-of-bounds Read (CVE-2021-3712)
ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL 0 byte...
Siemens SCALANCE and RUGGEDCOM Missing Authentication for Critical Function (CVE-2025-32433)
Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution RCE. By exploiting a flaw in SSH protocol message handling, a malicious actor...
CVE-2025-40944
A vulnerability has been identified in SIMATIC ET 200AL IM 157-1 PN 6ES7157-1AB00-0AB0 All versions, SIMATIC ET 200MP IM 155-5 PN HF 6ES7155-5AA00-0AC0 All versions = V4.2.0, SIMATIC ET 200SP IM 155-6 MF HF 6ES7155-6MU00-0CN0 All versions, SIMATIC ET 200SP IM 155-6 PN HA incl. SIPLUS variants All...
PT-2026-2354
A vulnerability has been identified in SIMATIC ET 200AL IM 157-1 PN 6ES7157-1AB00-0AB0 All versions, SIMATIC ET 200MP IM 155-5 PN HF 6ES7155-5AA00-0AC0 All versions = V4.2.0, SIMATIC ET 200SP IM 155-6 MF HF 6ES7155-6MU00-0CN0 All versions, SIMATIC ET 200SP IM 155-6 PN HA incl. SIPLUS variants All...
Siemens SCALANCE and RUGGEDCOM Devices Improper Locking (CVE-2024-44952)
driver core: vulnerability due to a potential deadlock due to improper handling of device attributes and driver detachment, which has been fixed by using synchronizercu to prevent race conditions. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-50181)
clk: imx: Remove CLKSETPARENTGATE for DRAM mux for i.MX7D. For i.MX7D DRAM related mux clock, the clock source change should ONLY be done done in low level asm code without accessing DRAM, and then calling clk API to sync the HW clock status with clk tree, it should never touch real clock source...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-56610)
kcsan: Turn reportfilterlistlock into a rawspinlock, with a KCSAN- enabled PREEMPTRT kernel, we can see splats like sleeping function called from invalid context at kernel/locking/spinlockrt.c:48. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-42086)
iio: chemical: bme680: overflows in compensate functions. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504511; scriptversion"1.2";...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-56781)
powerpc/prominit: missing powermac size-cells. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504722; scriptversion"1.2";...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-41070)
KVM: PPC: Book3S HV: UAF in kvmspaprtceattachiommugroup. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504613; scriptversion"1.3";...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-56704)
9p/xen: A fix release of IRQ Kernel logs indicate an IRQ was double- freed. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504663;...
Siemens SCALANCE and RUGGEDCOM Devices Improper Validation of Array Index (CVE-2024-56785)
MIPS: Loongson64: DTS: issues with PCIe port nodes for ls7a. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504762; scriptversion"1.2";...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2023-52887)
net: can: j1939: vulnerability related to error handling for closely received RTS messages in xtprxrtssessionnew, which is addressed by replacing less informative backtraces with a new method that provides clearer error messages and allows for early termination of problematic sessions. This plugi...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-56747)
scsi: qedi: vulnerability involves a potential memory leak in qediallocandinitsb where the DMA memory sbvirt is not released upon failure, which is fixed by adding dmafreecoherent to free the memory, similar to other functions like qedrallocmemsb and qedeallocmemsb. This plugin only works with...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-43883)
usb: vhci-hcd: vulnerability due to the vhci-hcd driver dropping references before new ones were gained, potentially leading to the use of stale pointers. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-53197)
ALSA: usb-audio: vulnerability leading to out-of-bound accesses due to a bogus device providing an excessive bNumConfigurations value, which is fixed by ensuring proper allocation in usbgetconfiguration. This plugin only works with Tenable.ot. Please visit...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-53052)
iouring/rw: vulnerability due to iouring not checking for IOCBNOWAIT when starting an ODIRECT write, leading to potential deadlocks if the mount point is being frozen. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-47698)
drivers: media: dvb-frontends/rtl2832: An out-of-bounds access occurs if rtl2832pidfilter exceed 31, which was not verified. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-56630)
ocfs2: iput is not called when newinode succeeded and dquotinitialize failed. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504545;...