Siemens SCALANCE Improper Input Validation (CVE-2020-26145)
An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second or subsequent broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets...
Siemens SIMATIC S7-1500 Integer Overflow or Wraparound (CVE-2021-3520)
There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability...
Siemens SIMATIC S7-1500 Missing Encryption of Sensitive Data (CVE-2021-41617)
sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with...
Siemens SIMATIC Devices Improper Input Validation (CVE-2024-27024)
Vulnerability in the Linux kernel: net/rds: WARNING in rds_conn_connect_if_down. If connection isn't established yet, get_mr() will fail, trigger connection after get_mr(). This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.
Siemens SIMATIC Devices Improper Input Validation (CVE-2024-35967)
Bluetooth: SCO: Fix not validating setsockopt user input
Siemens SIMATIC Devices Improper Input Validation (CVE-2023-52447)
bpf: Defer the free of inner map when necessary. When updating or deleting an inner map in map array or map htab, the map may still be accessed by non-sleepable program or sleepable program. However bpf_map_fd_put_ptr() decreases the ref-counter of the inner map directly through bpf_map_put(), if the...
Siemens SIMATIC Devices Use of Uninitialized Resource (CVE-2024-35915)
nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet
Siemens SIMATIC Devices Use of Uninitialized Resource (CVE-2024-35973)
geneve: fix header validation in geneve_xmit_skb
EUVD-2022-34361
Malicious code in bioql PyPI...
CVE-2025-40759
A vulnerability has been identified in SIMATIC S7-PLCSIM V17 All versions, SIMATIC STEP 7 V17 All versions V17 Update 9, SIMATIC STEP 7 V18 All versions, SIMATIC STEP 7 V19 All versions V19 Update 4, SIMATIC STEP 7 V20 All versions V20 Update 4, SIMATIC WinCC V17 All versions V17 Update 9, SIMATI...
Siemens SIMATIC S7-1500 TM MFP BIOS Out-of-bounds Write (CVE-2022-4378)
A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system.
Siemens SCALANCE W700 NULL Pointer Dereference (CVE-2023-28484)
In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in xmlSchemaFixupComplexType in xmlschemas.c.
PT-2024-8714 · Siemens · Scalance Wam766-1 +15
Name of the Vulnerable Software and Affected Versions: RUGGEDCOM RM1224 LTE4G EU versions prior to V8.2; RUGGEDCOM RM1224 LTE4G NAM versions prior to V8.2; SCALANCE M804PB versions prior to V8.2; SCALANCE M812-1 ADSL-Router versions prior to V8.2; SCALANCE M816-1 ADSL-Router versions prior to V8.2...
Siemens Third Party Component in SICAM products Copy without Checking Size of Input (CVE-2024-34057)
Triangle Microworks TMW IEC 61850 Client source code libraries before 12.2.0 lack a buffer size check when processing received messages. The resulting buffer overflow can cause a crash, resulting in a denial of service.
PT-2024-5283 · Siemens · Siprotec 5
Name of the Vulnerable Software and Affected Versions: SIPROTEC 5 6MD84 CP300 versions prior to V9.64; SIPROTEC 5 6MD85 CP200 versions prior to V9.64; SIPROTEC 5 6MD85 CP300 versions prior to V9.64; SIPROTEC 5 6MD86 CP200 versions prior to V9.64; SIPROTEC 5 6MD86 CP300 versions prior to V9.64; SIPROTE...
PT-2023-5159 · Siemens · Tecnomatix Plant Simulation +2
Name of the Vulnerable Software and Affected Versions: JT2Go versions prior to V14.3.0.1; Teamcenter Visualization V13.3 versions prior to V13.3.0.12; Teamcenter Visualization V14.0 all versions; Teamcenter Visualization V14.1 versions prior to V14.1.0.11; Teamcenter Visualization V14.2 versions prio...
The vulnerability of Siemens’ software and hardware infrastructure, which arises due to the failure to take measures to neutralize specific elements, allows a perpetrator to execute arbitrary code.
Siemens’ software-hardware vulnerabilities exist due to the lack of measures taken to neutralize these special elements. Exploiting these vulnerabilities allows a remote attacker to execute arbitrary code...
The vulnerability of Siemens’ software and hardware infrastructure lies in the lack of measures taken to eliminate script-related tags on web pages, allowing attackers to carry out cross-site scripting attacks.
The vulnerability of Siemens’ software and hardware infrastructure is related to the failure to remove script-related HTML tags from web pages. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks...
PT-2021-22878 · Siemens · Simatic Pcs 7 +1
Name of the Vulnerable Software and Affected Versions: SIMATIC PCS 7 versions prior to V9.1 SP1; SIMATIC PCS 7 version V8.2; SIMATIC PCS 7 version V9.0 through V9.0 SP3 UC03; SIMATIC WinCC versions prior to V15 SP1 Update 7; SIMATIC WinCC versions prior to V16 Update 5; SIMATIC WinCC versions prior to...
SIMATIC PCS 7 and SIMATIC WinCC Authorization Issue Vulnerability
Siemens SIMATIC WinCC is an automated data acquisition and monitoring SCADA system from Siemens, Germany. A security vulnerability exists in Siemens SIMATIC WinCC. The vulnerability is caused due to an insecure password authentication process, which can be exploited by an attacker to bypass the...