39 matches found
CVE-2023-27465
A vulnerability has been identified in SIMOTION C240 All versions = V5.4 = V5.4 = V5.4 = V5.4 = V5.4 = V5.4 = V5.4 = V5.4 = V5.4, SIMOTION D445-2 DP/PN All versions = V5.4 = V5.4 = V5.4, SIMOTION P320-4 S All versions = V5.4. When operated with Security Level Low the device does not protect acces...
CVE-2023-27465
A vulnerability has been identified in SIMOTION C240 All versions = V5.4 = V5.4 = V5.4 = V5.4 = V5.4 = V5.4 = V5.4 = V5.4 = V5.4, SIMOTION D445-2 DP/PN All versions = V5.4 = V5.4 = V5.4, SIMOTION P320-4 S All versions = V5.4. When operated with Security Level Low the device does not protect acces...
Design/Logic Flaw
A vulnerability has been identified in SIMOTION C240 All versions = V5.4 = V5.4 = V5.4 = V5.4 = V5.4 = V5.4 = V5.4 = V5.4 = V5.4, SIMOTION D445-2 DP/PN All versions = V5.4 = V5.4 = V5.4, SIMOTION P320-4 S All versions = V5.4. When operated with Security Level Low the device does not protect acces...
CVE-2023-27465
CVE-2023-27465 affects Siemens SIMOTION products (C240, C240 PN, D410-2/PN, D425-2/PN, D435-2/PN, D445-2/PN, D455-2/PN, P320-4 E/S) with V5.4–V5.5 SP1. Root cause: lack of protection for debugging-related services when Security Level Low, enabling an unauthenticated attacker to extract confidenti...
CVE-2023-27465
A vulnerability has been identified in SIMOTION C240 All versions = V5.4 = V5.4 = V5.4 = V5.4 = V5.4 = V5.4 = V5.4 = V5.4 = V5.4, SIMOTION D445-2 DP/PN All versions = V5.4 = V5.4 = V5.4, SIMOTION P320-4 S All versions = V5.4. When operated with Security Level Low the device does not protect acces...
Vulnerabilities fixed in Siemens products
Siemens has fixed vulnerabilities in SIMATIC, SICAM, SIMOTION, WinCC, Solid Edge and Scalance products. The vulnerabilities allow a malicious party potentially capable of carrying out attacks that can result in the following categories of damage: Denial-of-Service DoS Manipulation of data...
PT-2023-3372 · Siemens · Simotion D435-2 Dp +6
Name of the Vulnerable Software and Affected Versions: SIMOTION C240 versions 5.4 through 5.5 SP1 SIMOTION C240 PN versions 5.4 through 5.5 SP1 SIMOTION D410-2 DP versions 5.4 through 5.5 SP1 SIMOTION D410-2 DP/PN versions 5.4 through 5.5 SP1 SIMOTION D425-2 DP versions 5.4 through 5.5 SP1 SIMOTI...
Siemens SIMOTION 信息泄露漏洞
SIMOTION is a scalable, high-performance motion control hardware and software system.SIMOTION P320 is an industrial PC for motion control. An information disclosure vulnerability exists in the Siemens SIMOTION and SIMOTION P320, which arises from the device not protecting access to certain servic...
Siemens SIMOTION
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Siemens Industrial Real-Time Devices Improper Input Validation (CVE-2019-10923)
A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P, SCALANCE X-200IRT switch family incl. SIPLUS NET variants,...
Siemens SIMATIC NET CP Module Denial of Service Vulnerability
The Communication Processor CP modules of the SIMATIC CP 343-1 and CP 443-1 series are designed to support the SIMATIC S7-300/S7-400 CPUs for Ethernet communication.The SIPLUS Extreme products are designed for reliable operation under extreme conditions and are based on SIMATIC, LOGO!, SITOP,...
Siemens Industrial Real-Time (IRT) Devices
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
ICSA-18-060-01_Siemens SIMATIC, SIMOTION, and SINUMERIK (Update A)
1. EXECUTIVE SUMMARY CVSS v3 8.2 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-18-060-01 Siemens SIMATIC, SIMOTION, and SINUMERIK that was published March 01, 2018, on the NCCIC/ICS-CERT website. 3. RISK EVALUATION Successful exploitation of...
Siemens Industrial Products (Update D)
CVSS v3 7.5 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens Equipment: Industrial products Vulnerability: Improper Input Validation UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory titled ICSA-17-339-01C Siemens Industrial Products that w...
Siemens Industrial Products (Update B)
CVSS v3 7.5 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens Equipment: Industrial products Vulnerability: Improper Input Validation UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory titled ICSA-17-339-01A Siemens Industrial Products that w...
Siemens SIMATIC Industrial PCs, SINUMERIK Panel Control Unit, and SIMOTION P320
CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens Equipment: SIMATIC Industrial PCs, SINUMERIK Panel Control Unit PCU, SIMOTION P320 Vulnerability: Permissions, Privileges, and Access Controls AFFECTED PRODUCTS Siemens reports that the vulnerability affects...
ICSA-17-180-01A_Siemens SIMATIC Industrial PCs, SINUMERIK Panel Control Unit, and SIMOTION P320 (Update A)
CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens Equipment: SIMATIC Industrial PCs, SINUMERIK Panel Control Unit PCU, SIMOTION P320 Vulnerability: Permissions, Privileges, and Access Controls UPDATED INFORMATION This updated advisory is a follow-up to the...
Siemens SIMATIC ProSave, SIMATIC CFC, SIMATIC STEP 7, SIMOTION Scout, and STARTER Insufficiently Qualified Paths (Update A)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-15-064-02 Siemens SIMATIC ProSave, SIMATIC CFC, SIMATIC STEP 7, SIMOTION Scout, and STARTER Insufficiently Qualified Paths that was published March 5, 2015, on the NCCIC/ICS‑CERT web site. Ivan Sanchez from...
Various Siemens products have search path vulnerabilities
Siemens SIMATIC ProSave; SIMATIC CFC 8 SP4 upd9 8.1 upd1; SIMATIC STEP 7 5.5 SP1 Hf2 5.5 SP2 5.5 SP4 HF4 HF7 sp35.5; SIMOTION Scout 4.4 Starter 4.4 HF3 are all Siemens Siemens Germany company in Germany. A search path vulnerability exists in several Siemens products, allowing local users to gain...