Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
SiemensSimatic Pcs78.0

16 matches found

CVE
CVEadded 2014/07/24 2:55 p.m.70 views

CVE-2014-4684

The database server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote authenticated users to gain privileges via a request to TCP port 1433.

6CVSS6.6AI score0.00366EPSS
CVE
CVEadded 2014/11/26 11:59 a.m.51 views

CVE-2014-8551

The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 allows remote attackers to execute arbitrary code via crafted packets.

10CVSS7.7AI score0.05807EPSS
CVE
CVEadded 2012/09/18 2:55 p.m.50 views

CVE-2012-3032

SQL injection vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to execute arbitrary SQL commands via a crafted SOAP message.

7.5CVSS8.4AI score0.00538EPSS
CVE
CVEadded 2013/06/14 7:55 p.m.50 views

CVE-2013-3959

The Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other products, exhibits different behavior for NetBIOS user names depending on whether the user account exists, which allows remote authenticated users to enumerate account names via crafted URL...

4CVSS6.4AI score0.00162EPSS
CVE
CVEadded 2016/11/15 7:30 p.m.50 views

CVE-2016-7165

A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC IT Production Suite (All versions < V7.0 SP1 HFX 2), SIMATIC NET PC-Software (All versions < V14), SIMATIC PCS 7 V7.1 (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (Al...

6.9CVSS6.9AI score0.00098EPSS
CVE
CVEadded 2014/07/24 2:55 p.m.49 views

CVE-2014-4682

The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote attackers to obtain sensitive information via an HTTP request.

5CVSS6.2AI score0.0023EPSS
CVE
CVEadded 2014/07/24 2:55 p.m.48 views

CVE-2014-4685

Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows local users to gain privileges by leveraging weak system-object access control.

4.6CVSS6.6AI score0.00054EPSS
CVE
CVEadded 2012/09/18 2:55 p.m.47 views

CVE-2012-3028

Cross-site request forgery (CSRF) vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to hijack the authentication of arbitrary users for requests that modify data or cause a denial of service.

6.8CVSS7.5AI score0.0017EPSS
CVE
CVEadded 2012/09/18 2:55 p.m.47 views

CVE-2012-3031

Multiple cross-site scripting (XSS) vulnerabilities in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allow remote attackers to inject arbitrary web script or HTML via a (1) GET parameter, (2) POST parameter, or (3) Referer HTTP header.

4.3CVSS5.8AI score0.00589EPSS
CVE
CVEadded 2014/07/24 2:55 p.m.46 views

CVE-2014-4686

The Project administration application in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, has a hardcoded encryption key, which allows remote attackers to obtain sensitive information by extracting this key from another product installation and then employing this key during t...

6.8CVSS6.1AI score0.00231EPSS
CVE
CVEadded 2014/11/26 11:59 a.m.46 views

CVE-2014-8552

The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 allows remote attackers to read arbitrary files via crafted packets.

5CVSS6.8AI score0.00118EPSS
CVE
CVEadded 2013/06/14 7:55 p.m.45 views

CVE-2013-3958

The login implementation in the Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other products, has a hardcoded account, which makes it easier for remote attackers to obtain access via an unspecified request.

7.5CVSS6.8AI score0.00423EPSS
CVE
CVEadded 2013/06/14 7:55 p.m.43 views

CVE-2013-3957

SQL injection vulnerability in the login screen in the Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other products, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5CVSS8.5AI score0.00337EPSS
CVE
CVEadded 2012/09/18 2:55 p.m.41 views

CVE-2012-3034

WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to discover a username and password via crafted parameters to unspecified methods in ActiveX controls.

4.3CVSS7AI score0.00518EPSS
CVE
CVEadded 2014/07/24 2:55 p.m.41 views

CVE-2014-4683

The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote authenticated users to gain privileges via a (1) HTTP or (2) HTTPS request.

4.9CVSS6.6AI score0.00157EPSS
CVE
CVEadded 2012/09/18 2:55 p.m.39 views

CVE-2012-3030

WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, stores sensitive information under the web root with insufficient access control, which allows remote attackers to read a (1) log file or (2) configuration file via a direct request.

5CVSS6.4AI score0.00518EPSS