CVE-2021-31894

A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier All versions, SIMATIC PCS 7 V9.X All versions V9.1 SP2, SIMATIC PDM All versions V9.2 SP2, SIMATIC STEP 7 V5.X All versions V5.7, SINAMICS STARTER containing STEP 7 OEM version All versions V5.4 SP2 HF1. A directory containing...

CVE-2025-40759

A vulnerability has been identified in SIMATIC S7-PLCSIM V17 All versions, SIMATIC STEP 7 V17 All versions V17 Update 9, SIMATIC STEP 7 V18 All versions, SIMATIC STEP 7 V19 All versions V19 Update 4, SIMATIC STEP 7 V20 All versions V20 Update 4, SIMATIC WinCC V17 All versions V17 Update 9, SIMATI...

Siemens多款产品 代码问题漏洞

Siemens SIMATIC STEP and others are products of Siemens, a German company. siemens SIMATIC STEP is a comprehensive engineering tool for configuring and programming SIMATIC controllers. siemens SIMATIC PCS neo is a distributed control system. siemens SIMATIC STEP 7 is a PLC program simulation...

PT-2025-32646 · Siemens · Simatic S7-Plcsim +10

Name of the Vulnerable Software and Affected Versions: SIMATIC PCS neo versions 4.1 through 6.0 SIMATIC S7-PLCSIM version 17 SIMATIC STEP 7 versions 17 through 20 SIMATIC WinCC versions 17 through 20 SIMOCODE ES versions 17 through 20 SIMOTION SCOUT TIA versions 5.4 through 5.7 SINAMICS Startdriv...

PT-2024-9404 · Siemens · Sinamics Startdrive +11

Name of the Vulnerable Software and Affected Versions: SIMATIC S7-PLCSIM versions 17 through 18 SIMATIC STEP 7 Safety versions 17 through 19 SIMATIC STEP 7 versions 17 through 19 SIMATIC WinCC Unified PC Runtime versions 18 through 19 SIMATIC WinCC Unified versions 17 through 19 SIMATIC WinCC...

Siemens多款产品 代码问题漏洞

SIMATIC S7-PLCSIM simulates the S7-1200, S7-1500 and a number of other PLC derivatives shipped as part of SIMATIC STEP 7. simatic step7 TIA Portal is an engineering software package for configuring and programming SIMATIC controllers. simmocode ES is the simmocode ES is the core software package...

The vulnerability of Siemens SIMATIC PCS neo process control systems and Siemens SIMATIC STEP 7 programmable logic controllers, related to deficiencies in the deserialization mechanism, allows attackers to execute arbitrary code.

The vulnerability of Siemens SIMATIC PCS neo process control systems and Siemens SIMATIC STEP 7 programmable logic controllers is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows attackers to execute arbitrary code using specially created data...

Siemens SIMATIC PCS和SIMATIC STEP 代码问题漏洞

SIMATIC PCS neo is a distributed control system DCS. simatic STEP 7 TIA Portal is an engineering software for configuring and programming simatic controllers. totally Integrated Automation Portal TIA Portal is a PC software that offers the complete range of Siemens digital automation services, fr...

CVE-2022-46141

A vulnerability has been identified in SIMATIC STEP 7 TIA Portal All versions V19. An information disclosure vulnerability could allow a local attacker to gain access to the access level password of the SIMATIC S7-1200 and S7-1500 CPUs, when entered by a legitimate user in the hardware...

Siemens SIMATIC STEP 安全漏洞

SIMATIC STEP 7 TIA Portal is an engineering software for configuring and programming SIMATIC controllers. An information disclosure vulnerability exists in Siemens SIMATIC STEP 7 TIA Portal, which can be exploited by an attacker to gain access...

PT-2023-14813 · Siemens · Simatic Step 7 +2

Name of the Vulnerable Software and Affected Versions: SIMATIC STEP 7 TIA Portal versions prior to V19 Description: An information disclosure issue could allow a local attacker to gain access to the access level password of the SIMATIC S7-1200 and S7-1500 CPUs when entered by a legitimate user in...

CISA Releases Fourteen Industrial Control Systems Advisories

CISA released fourteen Industrial Control Systems ICS advisories on June 15, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-166-01 SUBNET PowerSYSTEM Center ICSA-23-166-02 Advantech WebAccessSCADA...

CVE-2023-25910

A vulnerability has been identified in SIMATIC PCS 7 All versions V9.1 SP2 UC04, SIMATIC S7-PM All versions V5.7 SP1 HF1, SIMATIC S7-PM All versions V5.7 SP2 HF1, SIMATIC STEP 7 V5 All versions V5.7. The affected product contains a database management system that could allow remote users with low...

The vulnerabilities of the microprogramming software for Siemens STEP 7 programmable logic controllers, the systems for managing production processes such as Opcenter Execution Discrete, Opcenter Execution Process, Opcenter Execution Foundation, Opcenter Intelligence, Opcenter Quality, SIMATIC IT Production Suite, the system diagnostic tool SIMOCODE ES, the software for parameterizing, diagnosing, and documenting the startup process of SIRIUS Soft Starter ES, the web-based systems for managing technological processes like SIMATIC PCS neo, the Opcenter RD&L software platform, and the software for analyzing equipment efficiency and key indicators like SIMATIC IT LMS. These vulnerabilities arise from the absence of quotation marks in the wording of elements or search methods, which allows attackers to exploit them to gain elevated privileges to the root level.

The vulnerabilities of the microprogramming software for Siemens STEP 7 programmable logic controllers, the systems for managing production processes such as Opcenter Execution Discrete, Opcenter Execution Process, Opcenter Execution Foundation, Opcenter Intelligence, Opcenter Quality, SIMATIC IT...

Vulnerabilities of microprogramming software for Siemens STEP 7 programmable logic controllers, systems for manufacturing process control such as Opcenter Execution Discrete, Opcenter Execution Process, Opcenter Execution Foundation, Opcenter Intelligence, Opcenter Quality, SIMATIC IT Production Suite, the system diagnostic tool SIMOCODE ES, the software for parameterizing, diagnosing, and documenting device startup data (SIRIUS Soft Starter ES), technological process control systems like SIMATIC PCS neo, the Opcenter RD&L software platform, and the software for analyzing equipment efficiency and key indicators SIMATIC IT LMS. These vulnerabilities may allow a intruder to trigger malfunctions during maintenance operations due to improper cleaning or resource release.

The vulnerabilities of the microprogramming software for Siemens STEP 7 programmable logic controllers, the systems for managing production processes such as Opcenter Execution Discrete, Opcenter Execution Process, Opcenter Execution Foundation, Opcenter Intelligence, Opcenter Quality, SIMATIC IT...

Vulnerability of microprogramming software for Siemens STEP 7 programmable logic controllers, systems for manufacturing process control such as Opcenter Execution Discrete, Opcenter Execution Process, Opcenter Execution Foundation, Opcenter Intelligence, Opcenter Quality, SIMATIC IT Production Suite, the system diagnostic tool SIMOCODE ES, the software for parameterizing, diagnosing, and documenting the startup status of SIRIUS Soft Starter ES, technological process management systems like SIMATIC PCS neo, the Opcenter RD&L software platform, and the software for analyzing equipment efficiency and key indicators like SIMATIC IT LMS. These vulnerabilities allow attackers to trigger malfunctions during maintenance operations due to insufficient input data verification.

The vulnerabilities of the microprogramming software for Siemens STEP 7 programmable logic controllers, the systems for managing production processes such as Opcenter Execution Discrete, Opcenter Execution Process, Opcenter Execution Foundation, Opcenter Intelligence, Opcenter Quality, SIMATIC IT...

CVE-2021-42029

A vulnerability has been identified in SIMATIC STEP 7 TIA Portal V15 All versions, SIMATIC STEP 7 TIA Portal V16 All versions V16 Update 5, SIMATIC STEP 7 TIA Portal V17 All versions V17 Update 2. An attacker could achieve privilege escalation on the web server of certain devices due to improper...

VulnCheck KEV: CVE-2012-3015

Untrusted search path vulnerability in Siemens SIMATIC STEP7 before 5.5 SP1, as used in SIMATIC PCS7 7.1 SP3 and earlier and other products, allows local users to gain privileges via a Trojan horse DLL in a STEP7 project folder...

CVE-2021-31893

A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier All versions, SIMATIC PCS 7 V9.0 All versions V9.0 SP3, SIMATIC PDM All versions V9.2, SIMATIC STEP 7 V5.X All versions V5.6 SP2 HF3, SINAMICS STARTER containing STEP 7 OEM version All versions V5.4 HF2. The affected software...

PT-2020-6695 · Siemens · Simocode Es +12

Name of the Vulnerable Software and Affected Versions: Opcenter Execution Discrete versions prior to V3.2 Opcenter Execution Foundation versions prior to V3.2 Opcenter Execution Process versions prior to V3.2 Opcenter Intelligence versions prior to V3.3 Opcenter Quality versions prior to V11.3...