Lucene search
K

333 matches found

Tenable Nessus
Tenable Nessus
added 2022/07/21 12:0 a.m.42 views

Siemens (CVE-2022-34820) (deprecated)

A vulnerability has been identified in SIMATIC CP 1242-7 V2 All versions, SIMATIC CP 1243-1 All versions, SIMATIC CP 1243-7 LTE EU All versions, SIMATIC CP 1243-7 LTE US All versions, SIMATIC CP 1243-8 IRC All versions, SIMATIC CP 1542SP-1 IRC All versions = V2.0, SIMATIC CP 1543-1 All versions =...

0.4AI score0.02004EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/07/21 12:0 a.m.71 views

Siemens (CVE-2022-34819) (deprecated)

A vulnerability has been identified in SIMATIC CP 1242-7 V2 All versions, SIMATIC CP 1243-1 All versions, SIMATIC CP 1243-7 LTE EU All versions, SIMATIC CP 1243-7 LTE US All versions, SIMATIC CP 1243-8 IRC All versions, SIMATIC CP 1542SP-1 IRC All versions = V2.0, SIMATIC CP 1543-1 All versions =...

9.6AI score0.01884EPSS
Exploits0References2
CNVD
CNVD
added 2022/07/15 12:0 a.m.22 views

Siemens SIMATIC CP SRCS VPN Feature Buffer Overflow Vulnerability

The SIMATIC CP 1242-7 and CP 1243-7 LTE communication processors connect SIMATIC S7-1200 controllers to a wide area network WAN. They provide integrated security features such as firewalls, virtual private networks VPNs, and support for other protocols with data encryption.The SIMATIC CP 1243-8 I...

10CVSS3.7AI score0.01884EPSS
Exploits0References1
CNVD
CNVD
added 2022/07/15 12:0 a.m.21 views

Siemens SIMATIC CP SRCS VPN Feature Command Injection Vulnerability

The SIMATIC CP 1242-7 and CP 1243-7 LTE communication processors connect SIMATIC S7-1200 controllers to a wide area network WAN. They provide integrated security features such as firewalls, virtual private networks VPNs, and support for other protocols with data encryption.The SIMATIC CP 1243-8 I...

9.8CVSS4AI score0.02004EPSS
Exploits0References1
CNVD
CNVD
added 2022/07/15 12:0 a.m.24 views

Siemens SIMATIC CP SRCS VPN Feature Code Injection Vulnerability

The SIMATIC CP 1242-7 and CP 1243-7 LTE communication processors connect SIMATIC S7-1200 controllers to a wide area network WAN. They provide integrated security features such as firewalls, virtual private networks VPNs, and support for other protocols with data encryption.The SIMATIC CP 1243-8 I...

9.8CVSS4.1AI score0.02177EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2022/07/13 12:0 a.m.7 views

The vulnerability of the embedded web-server microprogramming software in industrial switches SCALANCE X302-7, SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X310, SCALANCE X320-1, SCALANCE X408-2, SCALANCE XR324-4M, SCALANCE XR324-12M, and SIPLUS NET SCALANCE X308-2 allows a perpetrator to increase their privileges.

The vulnerability of the embedded web-server microprogramming software in industrial switches SCALANCE X302-7, SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X310, SCALANCE X320-1, SCALANCE X408-2, SCALANCE XR324-4M, and...

10CVSS7.7AI score0.01397EPSS
Exploits0References2Affected Software13
BDU FSTEC
BDU FSTEC
added 2022/07/13 12:0 a.m.7 views

The vulnerabilities of the microprogrammed software of industrial switches SCALANCE X302-7, SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X310, SCALANCE X320-1, SCALANCE X408-2, SCALANCE XR324-4M, SCALANCE XR324-12M, and SIPLUS NET SCALANCE X308-2 are related to errors in handling HTTP headers. These vulnerabilities allow attackers to trigger service interruptions.

The vulnerability of the microprogrammed software of industrial switches SCALANCE X302-7, SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X310, SCALANCE X320-1, SCALANCE X408-2, SCALANCE XR324-4M, and SCALANCE XR324-12M, as...

8.2CVSS7.1AI score0.01332EPSS
Exploits0References2Affected Software13
BDU FSTEC
BDU FSTEC
added 2022/07/13 12:0 a.m.8 views

The vulnerability of microprogrammed software in industrial switches such as SCALANCE X302-7, SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X310, SCALANCE X320-1, SCALANCE X408-2, SCALANCE XR324-4M, and SCALANCE XR324-12M lies in buffer overflows in the stack. This allows attackers to execute arbitrary code.

The vulnerability of the microprogrammed software of industrial switches SCALANCE X302-7, SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X310, SCALANCE X320-1, SCALANCE X408-2, SCALANCE XR324-4M, and SCALANCE XR324-12M, SIPL...

7.5CVSS8.2AI score0.01598EPSS
Exploits0References2Affected Software13
BDU FSTEC
BDU FSTEC
added 2022/07/13 12:0 a.m.6 views

The vulnerability of microprogrammed software in industrial switches such as SCALANCE X302-7, SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X310, SCALANCE X320-1, SCALANCE X408-2, SCALANCE XR324-4M, and SCALANCE XR324-12M lies in the copying of buffers without checking the size of the input data. This allows a intruder to trigger a service failure.

The vulnerability of the microprogrammed software in industrial switches SCALANCE X302-7, SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X310, SCALANCE X320-1, SCALANCE X408-2, SCALANCE XR324-4M, and SCALANCE XR324-12M, SIPL...

9.6CVSS7.2AI score0.01332EPSS
Exploits0References2Affected Software13
NVD
NVD
added 2022/07/12 10:15 a.m.25 views

CVE-2022-34820

A vulnerability has been identified in SIMATIC CP 1242-7 V2 All versions = V2.0 = V2.0 = V2.0 = V2.0 = V2.0 V2.2.28, SIPLUS NET CP 1242-7 V2 All versions V3.3.46, SIPLUS NET CP 1543-1 All versions V3.0.22, SIPLUS S7-1200 CP 1243-1 All versions V3.3.46, SIPLUS S7-1200 CP 1243-1 RAIL All versions...

9.8CVSS0.02004EPSS
Exploits0References1
OSV
OSV
added 2022/07/12 10:15 a.m.6 views

CVE-2022-34820

A vulnerability has been identified in SIMATIC CP 1242-7 V2 All versions = V2.0 = V2.0 = V2.0 = V2.0 = V2.0 V2.2.28, SIPLUS NET CP 1242-7 V2 All versions V3.3.46, SIPLUS NET CP 1543-1 All versions V3.0.22, SIPLUS S7-1200 CP 1243-1 All versions V3.3.46, SIPLUS S7-1200 CP 1243-1 RAIL All versions...

8.4CVSS6AI score0.02004EPSS
Exploits0References1
Prion
Prion
added 2022/07/12 10:15 a.m.21 views

Authentication flaw

A vulnerability has been identified in SIMATIC CP 1242-7 V2 All versions = V2.0 = V2.0 = V2.0 = V2.0 = V2.0 V2.2.28, SIPLUS NET CP 1242-7 V2 All versions V3.3.46, SIPLUS NET CP 1543-1 All versions V3.0.22, SIPLUS S7-1200 CP 1243-1 All versions V3.3.46, SIPLUS S7-1200 CP 1243-1 RAIL All versions...

9.3CVSS9.2AI score0.02004EPSS
Exploits0References1Affected Software15
Prion
Prion
added 2022/07/12 10:15 a.m.25 views

Code injection

A vulnerability has been identified in RUGGEDCOM RM1224 LTE4G EU All versions = V2.3 = V2.3 = V2.3 = V2.3 = V2.3 V3.0, SCALANCE SC646-2C All versions V2.3, SCALANCE SC646-2C...

9.3CVSS7.6AI score0.02177EPSS
Exploits0References2Affected Software7
Prion
Prion
added 2022/07/12 10:15 a.m.27 views

Heap overflow

A vulnerability has been identified in SIMATIC CP 1242-7 V2 All versions = V2.0 = V2.0 = V2.0 = V2.0 = V2.0 V2.2.28, SIPLUS NET CP 1242-7 V2 All versions V3.3.46, SIPLUS NET CP 1543-1 All versions V3.0.22, SIPLUS S7-1200 CP 1243-1 All versions V3.3.46, SIPLUS S7-1200 CP 1243-1 RAIL All versions...

9.3CVSS9.4AI score0.01884EPSS
Exploits0References1Affected Software7
CVE
CVE
added 2022/07/12 10:7 a.m.111 views

CVE-2022-34820

CVE-2022-34820 is an authentication input handling vulnerability in Siemens SIMATIC CP devices (e.g., CP 1242-7/1243-1/1243-7 LTE EU/US/8 IRC, CP 1542SP-1/1543-1/1543SP-1, SIPLUS variants) where certain user-provided fields are not correctly escaped during authentication, allowing an attacker to ...

9.8CVSS8.5AI score0.02004EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/07/12 10:7 a.m.8 views

CVE-2022-34820

A vulnerability has been identified in SIMATIC CP 1242-7 V2 All versions = V2.0 = V2.0 = V2.0 = V2.0 = V2.0 V2.2.28, SIPLUS NET CP 1242-7 V2 All versions V3.3.46, SIPLUS NET CP 1543-1 All versions V3.0.22, SIPLUS S7-1200 CP 1243-1 All versions V3.3.46, SIPLUS S7-1200 CP 1243-1 RAIL All versions...

8.4CVSS8.6AI score0.02004EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/07/12 10:7 a.m.9 views

CVE-2022-34819

A vulnerability has been identified in SIMATIC CP 1242-7 V2 All versions = V2.0 = V2.0 = V2.0 = V2.0 = V2.0 V2.2.28, SIPLUS NET CP 1242-7 V2 All versions V3.3.46, SIPLUS NET CP 1543-1 All versions V3.0.22, SIPLUS S7-1200 CP 1243-1 All versions V3.3.46, SIPLUS S7-1200 CP 1243-1 RAIL All versions...

10CVSS9.4AI score0.01884EPSS
Exploits0References1
CVE
CVE
added 2022/07/12 12:0 a.m.126 views

CVE-2022-34821

The CVE-2022-34821 vulnerability affects Siemens RUGGEDCOM RM1224 LTE and various SCALANCE devices. The root cause is code injection by injecting code into specific OpenVPN configuration options, allowing arbitrary code execution with elevated privileges on affected devices. Relevant impacts incl...

9.8CVSS7.8AI score0.02177EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2022/07/12 12:0 a.m.5 views

PT-2022-22373 · Siemens · Scalance Sc646-2C +37

Name of the Vulnerable Software and Affected Versions: SIMATIC CP 1242-7 V2 All versions SIMATIC CP 1243-1 All versions SIMATIC CP 1243-7 LTE EU All versions SIMATIC CP 1243-7 LTE US All versions SIMATIC CP 1243-8 IRC All versions SIMATIC CP 1542SP-1 IRC All versions = V2.0 SIMATIC CP 1543-1 All...

9.8CVSS7.3AI score0.02177EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2022/07/01 12:0 a.m.5 views

The vulnerability of microprogrammed software in communication modules of SIMATIC CP 1543-1 and SIPLUS NET CP arises from insufficient validation of input data. This allows attackers to trigger service failures.

The vulnerability of microprogrammed communication module software for SIMATIC CP 1543-1 and SIPLUS NET CP is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to cause service failures by sending specially crafted packets to port 161/udp...

5.3CVSS6.5AI score0.03624EPSS
Exploits0References6Affected Software2
Rows per page
Query Builder