774 matches found
PT-2026-43244
IEC 60870-5-104 used in bidirectional mode is vulnerable for a NULL pointer dereferencing, if a specially crafted sequence of messages is sent for a certain time, causing Denial of Service impact. Product is only affected if IEC 60870-5-104 functionality in bidirectional mode BCI is configured...
CVE-2025-40942
A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.4. Affected application contains a local privilege escalation vulnerability that could allow an attacker to run arbitrary code with elevated privileges...
Vulnerabilities fixed in Siemens products
Siemens has fixed vulnerabilities in several products such as Industrial Edge Devices, SCALANCE, SIMATIC, SIPLUS and Telecontrol Server. The vulnerabilities potentially enable a malicious person to carry out attacks that could result in the following categories of damage: - Denial-of-Service DoS ...
CVE-2025-40942
A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.4. Affected application contains a local privilege escalation vulnerability that could allow an attacker to run arbitrary code with elevated privileges...
CVE-2025-40942
A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.4. Affected application contains a local privilege escalation vulnerability that could allow an attacker to run arbitrary code with elevated privileges...
CVE-2025-40942
CVE-2025-40942 affects TeleControl Server Basic prior to version 3.1.2.4. The issue is a local privilege escalation that could allow an attacker to execute arbitrary code with elevated privileges on the affected software. Remediation consistently cited across sources is to update TeleControl Serv...
CVE-2025-40942
A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.4. Affected application contains a local privilege escalation vulnerability that could allow an attacker to run arbitrary code with elevated privileges...
CVE-2025-40942
A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.4. Affected application contains a local privilege escalation vulnerability that could allow an attacker to run arbitrary code with elevated privileges...
siemens TeleControl Server Basic 安全漏洞
Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. A security vulnerability exists in siemens TeleControl Server Basic versions prior to V3.1.2.4, which stems from a local elevation of privilege vulnerability that could lead to the execution of arbitrary co...
Siemens TeleControl Server Basic
SUMMARY TeleControl Server Basic before V3.1.2.4 contains a local privilege escalation vulnerability that could allow an attacker to run arbitrary code with elevated privileges. Siemens has released a new version for TeleControl Server Basic and recommends to update to the latest version. 2...
PT-2026-2353
Name of the Vulnerable Software and Affected Versions TeleControl Server Basic versions prior to 3.1.2.4 Description The application contains a local privilege escalation issue that could allow an attacker to execute arbitrary code with elevated privileges. Recommendations Update TeleControl Serv...
CVE-2025-63927
A heap-use-after-free vulnerability exists in airpig2011 IEC104 thru Commit be6d841 2019-07-08. During multi-threaded client execution, the function Iec10xScheduled can access memory that has already been freed, potentially causing program crashes or undefined behavior. This may be exploited to...
Siemens TeleControl Server Basic Information Disclosure (CVE-2025-40765)
Binary data siemenstelecontrolserverbasiccve-2025-40765.nbin...
CVE-2025-40765
A vulnerability has been identified in TeleControl Server Basic V3.1 All versions = V3.1.2.2 V3.1.2.3. The affected application contains an information disclosure vulnerability. This could allow an unauthenticated remote attacker to obtain password hashes of users and to login to and perform...
CVE-2025-40765
A vulnerability has been identified in TeleControl Server Basic V3.1 All versions = V3.1.2.2 V3.1.2.3. The affected application contains an information disclosure vulnerability. This could allow an unauthenticated remote attacker to obtain password hashes of users and to login to and perform...
CVE-2025-40765
A vulnerability has been identified in TeleControl Server Basic V3.1 All versions = V3.1.2.2 V3.1.2.3. The affected application contains an information disclosure vulnerability. This could allow an unauthenticated remote attacker to obtain password hashes of users and to login to and perform...
CVE-2025-40765
A vulnerability has been identified in TeleControl Server Basic V3.1 All versions = V3.1.2.2 V3.1.2.3. The affected application contains an information disclosure vulnerability. This could allow an unauthenticated remote attacker to obtain password hashes of users and to login to and perform...
EUVD-2025-34161
A vulnerability has been identified in TeleControl Server Basic V3.1 All versions = V3.1.2.2 V3.1.2.3. The affected application contains an information disclosure vulnerability. This could allow an unauthenticated remote attacker to obtain password hashes of users and to login to and perform...
CVE-2025-40765
A vulnerability has been identified in TeleControl Server Basic V3.1 All versions = V3.1.2.2 V3.1.2.3. The affected application contains an information disclosure vulnerability. This could allow an unauthenticated remote attacker to obtain password hashes of users and to login to and perform...
CVE-2025-40765
CVE-2025-40765 affects Siemens TeleControl Server Basic, versions 3.1.2.2–3.1.2.3. The vulnerability is an information disclosure that could allow an unauthenticated remote attacker to obtain user password hashes and login to perform authenticated operations on the database service. The issue is ...