Lucene search
+L
SiemensSimatic Pcs Neo

24 matches found

cve
cve
added 2021/06/16 11:9 a.m.137 views

CVE-2021-20093

CVE-2021-20093 affects Wibu-Systems CodeMeter Runtime (CodeMeter, CmWAN/CodeMeter Network Server) prior to v7.21a. The issue is a buffer over-read (CWE-126) in the CodeMeter Runtime network server that can be exploited by an unauthenticated remote attacker to disclose heap memory contents or cras...

9.1CVSS9.1AI score0.33304EPSS
cve
cve
added 2022/04/12 9:7 a.m.100 views

CVE-2022-27194

CVE-2022-27194 affects Siemens SIMATIC PCS neo (Administration Console), SINETPLAN, and TIA Portal (V15–V17). The issue arises from improper handling of specially crafted packets sent to port 8888/TCP, leading to a remote Denial-of-Service that requires manual device restart. Mitigations document...

7.8CVSS7.3AI score0.01376EPSS
cve
cve
added 2020/06/10 12:0 a.m.89 views

CVE-2020-7580

CVE-2020-7580 affects Siemens products (e.g., SIMATIC Automation Tool, STEP 7/TIA Portal, WinCC OA, ProSave, S7-1500 controllers, etc.). Root cause: a common component calls a helper binary with SYSTEM privileges while the call path is not quoted (unquoted search path/element CWE-428). This could...

7.2CVSS6.7AI score0.00441EPSS
cve
cve
added 2023/12/12 11:27 a.m.85 views

CVE-2023-46285

The CVE-2023-46285 issue is an improper input validation flaw in Siemens/SAP Opcenter and TIAP/TIA components that can trigger a denial-of-service by sending crafted traffic to port 4004/tcp. Affected products include Opcenter Execution Foundation (< V2407), Opcenter Quality (< V2312), SIMA...

7.5CVSS7.5AI score0.00905EPSS
cve
cve
added 2023/12/12 11:27 a.m.84 views

CVE-2023-46284

Opcenter components and Siemens TIAP stack are affected by CVE-2023-46284, a buffer overflow (out-of-bounds write) in handling requests on ports 4002/tcp and 4004/tcp that can crash the target application (denial of service) with auto-restart of the service. Affected products/versions include: Op...

7.5CVSS7.8AI score0.00905EPSS
cve
cve
added 2023/12/12 11:27 a.m.81 views

CVE-2023-46282

Siemens Opcenter/TIA Portal family is affected by a reflected XSS in the web UI across multiple products and versions: Opcenter Execution Foundation < V2407, Opcenter Quality < V2312, SIMATIC PCS N eo < V4.1, SINEC NMS < V2.0 SP1, and TIA Portal V14, V15.1, V16, V17 < V17 Update 8,...

7.1CVSS6.2AI score0.00492EPSS
cve
cve
added 2020/07/14 1:18 p.m.78 views

CVE-2020-7581

CVE-2020-7581 affects Siemens/Opcenter components (Discrete/Foundation/Process, Intelligence, Quality, RD&L) and related SIMATIC/Soft Starter/PCS neo, STEP 7, SIMOCODE ES, and Notifier Server. Root cause: an internal component calls a helper binary with SYSTEM privileges during startup via an unq...

7.2CVSS6.5AI score0.00379EPSS
cve
cve
added 2023/12/12 11:27 a.m.74 views

CVE-2023-46281

CVE-2023-46281 affects Siemens/Opcenter UMC across multiple products, due to an overly permissive cross-domain policy in the UMC Web-UI. Affected versions include Opcenter Execution Foundation < V2407, Opcenter Quality < V2312, SIMATIC PCS neo < V4.1, SINEC NMS < V2.0 SP1, and TIAs: P...

8.8CVSS7.6AI score0.0094EPSS
cve
cve
added 2023/12/12 11:27 a.m.73 views

CVE-2023-46283

The CVE-2023-46283 issue affects Opcenter Execution Foundation (< V2407), Opcenter Quality (< V2312), SIMATIC PCS neo (< V4.1), SINEC NMS (

7.5CVSS7.8AI score0.00905EPSS
cve
cve
added 2021/11/14 8:21 p.m.70 views

CVE-2021-41057

CVE-2021-41057 affects WIBU CodeMeter Runtime prior to 7.30a. A local attacker can abuse a crafted CmDongles symbolic link to overwrite the target file without permission checks, potentially crashing the CodeMeter Runtime Server and causing DoS. Public documentation confirms affected product is C...

7.1CVSS6.8AI score0.00289EPSS
cve
cve
added 2020/07/14 1:18 p.m.69 views

CVE-2020-7587

CVE-2020-7587 affects Siemens Opcenter and SIMATIC software (e.g., Opcenter Execution Discrete/Foundation/Process, Opcenter Intelligence, Opcenter RD&L, SIMATIC IT LMS/Production Suite, SIMATIC Notifier, PCSneo, STEP 7, SIMOCODE ES, Soft Starter ES, IT Production products). The vulnerability set ...

8.2CVSS7.7AI score0.02484EPSS
cve
cve
added 2020/07/14 1:18 p.m.68 views

CVE-2020-7588

CVE-2020-7588 affects Siemens/SIEMENS-related products (Opcenter Execution Discrete/Foundation/Process, Intelligence, Quality, RD&L, SIMATIC IT LMS/Production Suite, Notifier Server, PCS neo, STEP 7 TI A Portal, SIMOCODE ES, Soft Starter ES). Root cause per PT-2020-6696 and CISA/NVD details: insu...

5.3CVSS5.1AI score0.02151EPSS
cve
cve
added 2023/11/14 11:4 a.m.61 views

CVE-2023-46097

SIMATIC PCS neo SQL Injection (CVE-2023-46097) affects all versions prior to V4.1. The PUD Manager does not properly neutralize user inputs, allowing an authenticated adjacent attacker to execute SQL statements in the underlying database. Evidence in connected sources confirms the vulnerability a...

8CVSS6.7AI score0.00432EPSS
cve
cve
added 2023/11/14 11:4 a.m.60 views

CVE-2023-46098

CVE-2023-46098 affects SIMATIC PCSneo (all versions before V4.1). The issue is a permissive cross-domain policy (CORS) in the Information Server that could let an attacker trick a legitimate user into triggering unwanted behavior. Impact is high (C/H/I/H/A/H) per CVSS; exploitation would require ...

8.8CVSS7.7AI score0.00618EPSS
cve
cve
added 2023/11/14 11:4 a.m.56 views

CVE-2023-46096

CVE-2023-46096 affects SIMATIC PCS neo (

6.5CVSS6.2AI score0.00317EPSS
cve
cve
added 2023/09/14 10:39 a.m.54 views

CVE-2023-38558

Summary of CVE-2023-38558 : Siemens SIMATIC PCS neo Administration Console (V4.0 and V4.0 Update 1) contains an information-disclosure vulnerability that leaks Windows admin credentials to an attacker with local access, enabling impersonation of an admin and potential access to other Windows syst...

5.5CVSS5.3AI score0.00166EPSS
cve
cve
added 2023/11/14 11:4 a.m.51 views

CVE-2023-46099

Siemens SIMATIC PCS neo (versions prior to V4.1) has a stored cross-site scripting vulnerability in the Administration Console. The issue allows an attacker with high privileges to inject JavaScript that is executed by other legitimate users. Affected component: Administration Console of SIMATIC ...

5.4CVSS4.8AI score0.00388EPSS
cve
cve
added 2025/05/13 9:38 a.m.49 views

CVE-2025-40566

CVE-2025-40566 affects Siemens SIMATIC PCS neo: v4.1 up to but excluding Update 3, and v5.0 up to but excluding Update 1. The root cause is improper invalidation of user sessions on logout, allowing a remote, unauthenticated attacker who obtained a legitimate session token to reuse that session a...

9.8CVSS7.1AI score0.00374EPSS
cve
cve
added 2025/05/13 9:38 a.m.46 views

CVE-2025-30175

CVE-2025-30175 affects Siemens SIMATIC PCS neo (V4.1–V5.0), SINEC NMS (

8.7CVSS7AI score0.00531EPSS
cve
cve
added 2025/05/13 9:38 a.m.40 views

CVE-2025-30176

Summary (CVE-2025-30176) Affected Siemens products include SIMATIC PCS neo (V4.1–V5.0), SINEC NMS (< V4.0), SINEMA Remote Connect, TIA Portal (V17–V20), and the User Management Component (UMC) (

8.7CVSS7AI score0.00531EPSS
cve
cve
added 2025/09/09 8:48 a.m.24 views

CVE-2025-40796

The CVE-2025-40796 entry affects Siemens SIMATIC PCS neo (V4.1, V5.0, V6.0 all versions) and the User Management Component (UMC) (all versions

8.7CVSS5.2AI score0.00443EPSS
cve
cve
added 2025/09/09 8:48 a.m.22 views

CVE-2025-40797

CVE-2025-40797 affects Siemens SIMATIC PCS neo and its User Management Component (UMC). The UMC contains an out-of-bounds read vulnerability that can be triggered by an unauthenticated remote attacker, causing a denial of service. Affected products include PCS neo v4.1, v5.0, and v6.0 (all versio...

8.7CVSS5.2AI score0.00477EPSS
cve
cve
added 2025/09/09 8:48 a.m.21 views

CVE-2025-40798

CVE-2025-40798 affects Siemens SIMATIC PCS neo versions 4.1, 5.0, 6.0 (all versions) and the embedded User Management Component (UMC) versions prior to 2.15.1.3. The vulnerability is an out-of-bounds read in the UMC that could allow an unauthenticated remote attacker to cause a denial of service....

8.7CVSS5.2AI score0.00477EPSS
cve
cve
added 2025/09/09 8:48 a.m.18 views

CVE-2025-40795

The CVE-2025-40795 issue affects Siemens SIMATIC PCS neo versions 4.1, 5.0 and 6.0, and the integrated User Management Component (UMC)

9.8CVSS6.3AI score0.00665EPSS