Siemens RUGGEDCOM CROSSBOW Secure Access Manager Primary

SUMMARY RUGGEDCOM CROSSBOW Secure Access Manager Primary SAM-P contains a vulnerability that could allow an attacker to escalate their own privileges. Siemens has released a new version for RUGGEDCOM CROSSBOW Secure Access Manager Primary SAM-P and recommends to update to the latest version. 2...

Siemens TeleControl Server Basic SQL

SUMMARY TeleControl Server Basic before V3.1.2.2 contains multiple SQL Injection vulnerabilities that could allow an attacker to read and write to the application's DB, cause denial of service and execute code in an OS shell with limited "NT AUTHORITY\NetworkService" permissions. Siemens has...

Siemens Questa and ModelSim

SUMMARY Questa and ModelSim incl. OEM Editions are affected by a vulnerability that could allow a local attacker to inject arbitrary code and escalate privileges. Siemens has released new versions for the affected products and recommends to update to the latest versions. 2. GENERAL...

Siemens SICAM P850 and SICAM P855 Improper Neutralization of Input During Web Page Generation (CVE-2022-29882)

A vulnerability has been identified in SICAM P850 All versions V3.00, SICAM P855 All versions V3.00. Affected devices do not handle uploaded files correctly. An unauthenticated attacker could take advantage of this situation to store an XSS attack, which could - when a legitimate user accesses th...

Siemens SCALANCE W1750D Improper Input Validation (CVE-2021-25148)

A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point IAP products in versions: Aruba Instant 6.5.x: 6.5.4.17 and below; Aruba Instant 8.3.x: 8.3.0.13 and below; Aruba Instant 8.5.x: 8.5.0.10 and below; Aruba Instant 8.6.x: 8.6.0.4 and below. Aruba h...