Simatic Step 7@* Security Vulnerabilities and Issues — Simatic Step 7@* CVE List

Lucene search

SiemensSimatic Step 7*

19 matches found

CVE•added 2023/06/13 9:15 a.m.•91 views

CVE-2023-25910

A vulnerability has been identified in SIMATIC PCS 7 (All versions < V9.1 SP2 UC04), SIMATIC S7-PM (All versions < V5.7 SP1 HF1), SIMATIC S7-PM (All versions < V5.7 SP2 HF1), SIMATIC STEP 7 V5 (All versions

10CVSS8.5AI score0.00443EPSS

CVE•added 2020/06/10 5:15 p.m.•75 views

CVE-2020-7580

A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Upd3), SIMATIC PCS neo (All versions < V3.0...

7.2CVSS6.7AI score0.00049EPSS

CVE•added 2019/08/13 7:15 p.m.•70 views

CVE-2019-10929

A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V20.8), SIMATIC HMI Panel (incl. SIPLUS variants) ...

5.9CVSS5.5AI score0.00139EPSS

CVE•added 2022/04/12 9:15 a.m.•69 views

CVE-2021-42029

A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) V15 (All versions), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 5), SIMATIC STEP 7 (TIA Portal) V17 (All versions

7.8CVSS7.6AI score0.00038EPSS

CVE•added 2012/07/26 10:41 a.m.•61 views

CVE-2012-3015

Untrusted search path vulnerability in Siemens SIMATIC STEP7 before 5.5 SP1, as used in SIMATIC PCS7 7.1 SP3 and earlier and other products, allows local users to gain privileges via a Trojan horse DLL in a STEP7 project folder.

6.9CVSS6.7AI score0.00071EPSS

CVE•added 2020/07/14 2:15 p.m.•57 views

CVE-2020-7581

A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcen...

7.2CVSS6.5AI score0.00048EPSS

CVE•added 2020/07/14 2:15 p.m.•53 views

CVE-2020-7587

8.2CVSS7.7AI score0.00498EPSS

CVE•added 2015/03/07 2:59 a.m.•52 views

CVE-2015-1594

Untrusted search path vulnerability in Siemens SIMATIC ProSave before 13 SP1; SIMATIC CFC before 8.0 SP4 Upd9 and 8.1 before Upd1; SIMATIC STEP 7 before 5.5 SP1 HF2, 5.5 SP2 before HF7, 5.5 SP3, and 5.5 SP4 before HF4; SIMOTION Scout before 4.4; and STARTER before 4.4 HF3 allows local users to gain...

6.9CVSS6.6AI score0.00056EPSS

CVE•added 2020/06/10 5:15 p.m.•52 views

CVE-2020-7585

A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions

7.8CVSS7.5AI score0.00087EPSS

CVE•added 2020/07/14 2:15 p.m.•52 views

CVE-2020-7588

5.3CVSS5.1AI score0.00398EPSS

CVE•added 2016/11/15 7:30 p.m.•50 views

CVE-2016-7165

A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC IT Production Suite (All versions < V7.0 SP1 HFX 2), SIMATIC NET PC-Software (All versions < V14), SIMATIC PCS 7 V7.1 (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (Al...

6.9CVSS6.9AI score0.00098EPSS

CVE•added 2015/02/18 2:59 a.m.•48 views

CVE-2015-1355

Siemens SIMATIC STEP 7 (TIA Portal) before 13 SP1 uses a weak password-hash algorithm, which makes it easier for local users to determine cleartext passwords by reading a project file and conducting a brute-force attack.

2.1CVSS6.5AI score0.00056EPSS

CVE•added 2015/04/06 1:59 a.m.•45 views

CVE-2015-1601

Siemens SIMATIC STEP 7 (TIA Portal) 12 and 13 before 13 SP1 Upd1 allows man-in-the-middle attackers to obtain sensitive information or modify transmitted data via unspecified vectors.

6.8CVSS6AI score0.00396EPSS

CVE•added 2015/04/06 1:59 a.m.•45 views

CVE-2015-1602

Siemens SIMATIC STEP 7 (TIA Portal) 12 and 13 before 13 SP1 Upd1 improperly stores password data within project files, which makes it easier for local users to determine cleartext (1) protection-level passwords or (2) web-server passwords by leveraging the ability to read these files.

2.1CVSS6.5AI score0.00056EPSS

CVE•added 2020/06/10 5:15 p.m.•43 views

CVE-2020-7586

7.8CVSS7.5AI score0.00151EPSS

CVE•added 2015/02/18 2:59 a.m.•41 views

CVE-2015-1356

Siemens SIMATIC STEP 7 (TIA Portal) before 13 SP1 determines a user's privileges on the basis of project-file fields that lack integrity protection, which allows remote attackers to establish arbitrary authorization data via a modified file.

4.4CVSS6.9AI score0.00127EPSS

CVE•added 2016/10/13 10:59 a.m.•40 views

CVE-2016-7960

Siemens SIMATIC STEP 7 (TIA Portal) before 14 uses an improper format for managing TIA project files during version updates, which makes it easier for local users to obtain sensitive configuration information via unspecified vectors.

2.5CVSS3.3AI score0.00088EPSS

CVE•added 2016/10/13 10:59 a.m.•32 views

CVE-2016-7959

Siemens SIMATIC STEP 7 (TIA Portal) before 14 improperly stores pre-shared key data in TIA project files, which makes it easier for local users to obtain sensitive information by leveraging access to a file and conducting a brute-force attack.

4.7CVSS4.3AI score0.00063EPSS

CVE•added 2023/12/12 12:15 p.m.•31 views

CVE-2022-46141

A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) (All versions

5.5CVSS4.6AI score0.00012EPSS