Lucene search
K

257 matches found

NCSC
NCSC
added 2024/09/10 6:20 p.m.10 views

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in various products such as Mendix, SICAM, SIMATIC, SINEMA, SINUMERIK and Tecnomatix. The vulnerabilities potentially enable a malicious person to carry out attacks that can lead to the following categories of damage: - Denial-of-Service DoS - Manipulation of dat...

10CVSS8.2AI score0.99506EPSS
Exploits72References15
NVD
NVD
added 2024/09/10 10:15 a.m.11 views

CVE-2024-43781

A vulnerability has been identified in SINUMERIK 828D V4 All versions V4.95 SP3, SINUMERIK 840D sl V4 All versions V4.95 SP3 in connection with using Create MyConfig CMC = V4.8 SP1 HF6, SINUMERIK ONE All versions V6.23 in connection with using Create MyConfig CMC = V6.6, SINUMERIK ONE All version...

6.8CVSS0.00155EPSS
Exploits0References1
NVD
NVD
added 2024/09/10 10:15 a.m.11 views

CVE-2024-41171

A vulnerability has been identified in SINUMERIK 828D V4 All versions, SINUMERIK 828D V5 All versions V5.24, SINUMERIK 840D sl V4 All versions, SINUMERIK ONE All versions V6.24. Affected devices do not properly enforce access restrictions to scripts that are regularly executed by the system with...

9.3CVSS0.0014EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/09/10 9:36 a.m.13 views

CVE-2024-43781

A vulnerability has been identified in SINUMERIK 828D V4 All versions V4.95 SP3, SINUMERIK 840D sl V4 All versions V4.95 SP3 in connection with using Create MyConfig CMC = V4.8 SP1 HF6, SINUMERIK ONE All versions V6.23 in connection with using Create MyConfig CMC = V6.6, SINUMERIK ONE All version...

6.8CVSS0.00155EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/09/10 9:36 a.m.8 views

CVE-2024-43781

A vulnerability has been identified in SINUMERIK 828D V4 All versions V4.95 SP3, SINUMERIK 840D sl V4 All versions V4.95 SP3 in connection with using Create MyConfig CMC = V4.8 SP1 HF6, SINUMERIK ONE All versions V6.23 in connection with using Create MyConfig CMC = V6.6, SINUMERIK ONE All version...

6.8CVSS6.3AI score0.00155EPSS
Exploits0References1
CVE
CVE
added 2024/09/10 9:36 a.m.49 views

CVE-2024-43781

CVE-2024-43781 concerns SINUMERIK systems where, when Create MyConfig (CMC) is used, an Insertion of Sensitive Information into Log File vulnerability can allow a local authenticated user with low privileges to read sensitive data and bypass access restrictions. Affected products include SINUMERI...

6.8CVSS6.2AI score0.00155EPSS
Exploits0References1
CVE
CVE
added 2024/09/10 9:36 a.m.45 views

CVE-2024-41171

The CVE-2024-41171 vulnerability affects Siemens SINUMERIK 828D V4 (all versions), SINUMERIK 828D V5 (all versions < V5.24), SINUMERIK 840D sl V4 (all versions) and SINUMERIK ONE (all versions

9.3CVSS6.8AI score0.0014EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/09/10 9:36 a.m.11 views

CVE-2024-41171

A vulnerability has been identified in SINUMERIK 828D V4 All versions, SINUMERIK 828D V5 All versions V5.24, SINUMERIK 840D sl V4 All versions, SINUMERIK ONE All versions V6.24. Affected devices do not properly enforce access restrictions to scripts that are regularly executed by the system with...

9.3CVSS6.9AI score0.0014EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/09/10 9:36 a.m.14 views

CVE-2024-41171

A vulnerability has been identified in SINUMERIK 828D V4 All versions, SINUMERIK 828D V5 All versions V5.24, SINUMERIK 840D sl V4 All versions, SINUMERIK ONE All versions V6.24. Affected devices do not properly enforce access restrictions to scripts that are regularly executed by the system with...

9.3CVSS0.0014EPSS
Exploits0References1
ICS
ICS
added 2024/09/10 12:0 a.m.36 views

Siemens Industrial Products

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

8.1CVSS9AI score0.99506EPSS
Exploits68References10
ICS
ICS
added 2024/09/10 12:0 a.m.12 views

Siemens SINUMERIK Systems

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

6.8CVSS6.7AI score0.00155EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2024/09/10 12:0 a.m.9 views

PT-2024-7879 · Siemens · Sinumerik 828D V4 +3

Name of the Vulnerable Software and Affected Versions: SINUMERIK 828D V4 versions prior to V4.95 SP3 SINUMERIK 840D sl V4 versions prior to V4.95 SP3 SINUMERIK ONE versions prior to V6.23 SINUMERIK ONE versions prior to V6.15 SP4 Description: A vulnerability has been identified that allows the...

6.8CVSS6.7AI score0.00155EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/09/10 12:0 a.m.4 views

PT-2024-7813 · Siemens · Sinumerik 828D V4 +3

Name of the Vulnerable Software and Affected Versions: SINUMERIK 828D V4 All versions SINUMERIK 828D V5 All versions V5.24 SINUMERIK 840D sl V4 All versions SINUMERIK ONE All versions V6.24 Description: A vulnerability has been identified in the affected devices, which do not properly enforce...

9.3CVSS7.2AI score0.0014EPSS
Exploits0References9
CNNVD
CNNVD
added 2024/09/10 12:0 a.m.5 views

Siemens SINUMERIK 日志信息泄露漏洞

SINUMERIK CNC provides automation solutions for shop floor, workshop and large batch production environments.SINUMERIK ONE is a digital native CNC with integrated SIMATIC S7-1500 CPU for automation. A log information disclosure vulnerability exists in the Siemens SINUMERIK system, which can be...

6.8CVSS6.1AI score0.00155EPSS
Exploits0References2
ICS
ICS
added 2024/09/10 12:0 a.m.12 views

Siemens SINUMERIK ONE, SINUMERIK 840D and SINUMERIK 828D

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

9.3CVSS6.9AI score0.0014EPSS
Exploits0References10
CNNVD
CNNVD
added 2024/09/10 12:0 a.m.5 views

Siemens SINUMERIK 安全漏洞

SINUMERIK CNC provides automation solutions for shop floor, workshop and large batch production environments. SINUMERIK ONE is a digital native CNC with integrated SIMATIC S7-1500 CPU for automation. An elevation of privilege vulnerability exists in Siemens SINUMERIK ONE, SINUMERIK-840D and...

9.3CVSS7.2AI score0.0014EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/03 12:0 a.m.5 views

Softing edgeConnector 安全漏洞

Softing edgeConnector is a Docker-based software application from Softing Inc. It can access process data in SIMATIC S7, SINUMERIK 840D and Modbus TCP controllers. A security vulnerability exists in Softing edgeConnector that stems from a specific flaw in the handling of OPC UA ConditionRefresh...

7.5CVSS7.5AI score0.01322EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/05/03 12:0 a.m.5 views

Softing edgeConnector 安全漏洞

Softing edgeConnector is a Docker-based software application from Softing Inc. It can access process data in SIMATIC S7, SINUMERIK 840D and Modbus TCP controllers. A security vulnerability exists in Softing edgeConnector that originates from a dereferenced null pointer in the handling of OPC clie...

7.5CVSS7.5AI score0.00754EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/01/05 12:0 a.m.4 views

The vulnerability of the UMC software product management components, including Opcenter Quality, SIMATIC PCS neo, SINUMERIK Integrate RunMyHMI/Automotive, Totally Integrated Automation Portal (TIA Portal), allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the UMC software product management components, including Opcenter Quality, SIMATIC PCS neo, SINUMERIK Integrate RunMyHMI/Automotive, Totally Integrated Automation Portal TIA Portal, is related to the use of an unauthorized intermediate policy file. Exploiting this...

10CVSS7.6AI score0.0094EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/12/19 12:0 a.m.6 views

The vulnerability of the Opcenter Quality production process management system, the SIMATIC PCS neo technological process management web system, the SINUMERIK Integrate RunMyHMI/Automotive production process automation and management software, and the Totally Integrated Automation Portal (Portal TIA) – related to copying buffers without checking input data size – allows a malicious actor to trigger service failures.

The vulnerability of the Opcenter Quality production process management system, the SIMATIC PCS neo technological process management web system, the SINUMERIK Integrate RunMyHMI/Automotive production process automation and management software, and the Totally Integrated Automation Portal Portal T...

7.8CVSS7.2AI score0.00905EPSS
Exploits0References3Affected Software2
Rows per page
Query Builder