19 matches found
CVE-2023-25910
CVE-2023-25910 describes a remote code execution vulnerability in Siemens SIMATIC STEP 7 V5, SIMATIC PCS 7, and S7-PM products that contain an embedded database management system. The root cause is improper generation/control of code within the database functions, allowing remote unauthenticated ...
CVE-2019-10929
CVE-2019-10929 affects Siemens SIMATIC products (S7-1200/1500 families, ET200SP Open Controllers, HMI/WinCC/STEP 7, TIM 1531 IRC, etc.). The flaw is a message protection bypass caused by properties in the integrity-protection calculation, enabling a man-in-the-middle attacker with network access ...
CVE-2020-7580
CVE-2020-7580 affects Siemens products (e.g., SIMATIC Automation Tool, STEP 7/TIA Portal, WinCC OA, ProSave, S7-1500 controllers, etc.). Root cause: a common component calls a helper binary with SYSTEM privileges while the call path is not quoted (unquoted search path/element CWE-428). This could...
CVE-2021-42029
CVE-2021-42029 affects SIMATIC STEP 7 (TIA Portal) V15 (all versions), V16 (all versions before V16 Update 5), and V17 (all versions before V17 Update 2). Root cause: improper access control in the engineering system software that can allow privilege escalation on the web server of affected devic...
CVE-2020-7581
CVE-2020-7581 affects Siemens/Opcenter components (Discrete/Foundation/Process, Intelligence, Quality, RD&L) and related SIMATIC/Soft Starter/PCS neo, STEP 7, SIMOCODE ES, and Notifier Server. Root cause: an internal component calls a helper binary with SYSTEM privileges during startup via an unq...
CVE-2012-3015
Untrusted search path DLL loading vulnerability in Siemens SIMATIC STEP7 (before v5.5 SP1; used in PCS 7 up to v7.1 SP3) can allow execution of arbitrary code via a Trojan DLL placed in a STEP7 project folder. Affected products use DLL loading without validation, executing with STEP 7 permissions...
CVE-2020-7585
The connected advisory (ICSA-20-161-05) provides concrete details for CVE-2020-7585. A DLL hijacking flaw (Uncontrolled Search Path Element, CWE-427) in Siemens software could allow a local attacker with access to execute code with elevated privileges, affecting: SIMATIC PCS 7 v8.2 and earlier; S...
CVE-2020-7587
CVE-2020-7587 affects Siemens Opcenter and SIMATIC software (e.g., Opcenter Execution Discrete/Foundation/Process, Opcenter Intelligence, Opcenter RD&L, SIMATIC IT LMS/Production Suite, SIMATIC Notifier, PCSneo, STEP 7, SIMOCODE ES, Soft Starter ES, IT Production products). The vulnerability set ...
CVE-2020-7588
CVE-2020-7588 affects Siemens/SIEMENS-related products (Opcenter Execution Discrete/Foundation/Process, Intelligence, Quality, RD&L, SIMATIC IT LMS/Production Suite, Notifier Server, PCS neo, STEP 7 TI A Portal, SIMOCODE ES, Soft Starter ES). Root cause per PT-2020-6696 and CISA/NVD details: insu...
CVE-2015-1594
CVE-2015-1594 is a local untrusted-search-path vulnerability in Siemens SIMATIC ProSave, SIMATIC CFC, SIMATIC STEP 7, SIMOTION Scout, and STARTER. The root cause is an untrusted search path (CWE-426) that lets a local attacker cause arbitrary code execution by loading a Trojan horse application f...
CVE-2016-7165
CVE-2016-7165 affects Siemens products including Primary Setup Tool, SIMATIC IT Production Suite, SIMATIC NET PC-Software, SIMATIC STEP 7 (TIA Portal) v13/v5.x, SIMATIC WinCC (TIA Portal) Basic/Professional/Runtime, SIMIT, SINEMA components, etc. Root cause: unquoted service paths enabling local ...
CVE-2015-1602
Siemens SIMATIC STEP 7 (TIA Portal) v12 and v13 prior to SP1 Upd1 are affected by CVE-2015-1602, which involves storing cleartext passwords in project files, enabling local attackers to reconstruct protection-level and web-server passwords from read files. The issue comprises two related weakness...
CVE-2015-1601
CVE-2015-1601 affects Siemens SIMATIC STEP 7 (TIA Portal) 12 and 13 before 13 SP1 Upd1. The root cause is a man-in-the-middle vulnerability in network communications (Port 102/TCP) that can allow attackers to intercept or modify transmitted data, potentially exposing sensitive information or enab...
CVE-2015-1355
Siemens SIMATIC STEP 7 TIA Portal (all versions prior to V13 SP1) is vulnerable due to use of a weak password-hashing algorithm for device user passwords stored in TIA Portal project files. Local users with read access to a project file could potentially reconstruct plaintext passwords. Siemens r...
CVE-2020-7586
CVE-2020-7586 is a local, heap-based buffer overflow vulnerability affecting Siemens products (SIMATIC PCS 7, PDM, STEP 7, SINAMICS STARTER). The issue allows a local attacker with existing access to cause a DoS and potentially access confidential information due to memory corruption. Root cause ...
CVE-2015-1356
Siemens SIMATIC STEP 7 TIA Portal (pre-13 SP1) stores device user privileges in project files with insufficient integrity protection, enabling modification of authorization data via a manipulated file and leading to privilege escalation. Mitigation: apply Siemens STEP 7 TIA Portal V13 Service Pac...
CVE-2016-7960
Siemens SIMATIC STEP 7 (TIA Portal) prior to version 14 is affected by an information-disclosure vulnerability caused by an improper format for managing TIA project files during version updates. Local attackers with access to engineering workstations or project storage could obtain sensitive conf...
CVE-2016-7959
Siemens SIMATIC STEP 7 (TIA Portal) before version 14 stores pre‑shared key data in TIA project files, enabling local attackers with file access to brute‑force and read sensitive information. The vulnerability is described across multiple sources (NVD entry for CVE-2016-7959 and PT Security advis...
CVE-2022-46141
CVE-2022-46141 affects SIMATIC STEP 7 (TIA Portal): all versions before V19 are vulnerable to information disclosure that could allow a local attacker to obtain the access level password of S7-1200/S7-1500 CPUs when entered by a legitimate user in the hardware configuration. The Red Hat/Siemens a...