Lucene search
+L
SiemensSimatic Wincc Open Architecture

8 matches found

CVE
CVE
added 2019/08/13 6:55 p.m.93 views

CVE-2019-10929

CVE-2019-10929 affects Siemens SIMATIC products (S7-1200/1500 families, ET200SP Open Controllers, HMI/WinCC/STEP 7, TIM 1531 IRC, etc.). The flaw is a message protection bypass caused by properties in the integrity-protection calculation, enabling a man-in-the-middle attacker with network access ...

5.9CVSS5.5AI score0.00978EPSS
CVE
CVE
added 2020/06/10 12:0 a.m.90 views

CVE-2020-7580

CVE-2020-7580 affects Siemens products (e.g., SIMATIC Automation Tool, STEP 7/TIA Portal, WinCC OA, ProSave, S7-1500 controllers, etc.). Root cause: a common component calls a helper binary with SYSTEM privileges while the call path is not quoted (unquoted search path/element CWE-428). This could...

7.2CVSS6.7AI score0.00441EPSS
CVE
CVE
added 2014/02/07 2:0 a.m.71 views

CVE-2014-1696

Siemens SIMATIC WinCC OA before 3.12 P002 uses a weak password hash in the server application, enabling remote brute-force access. Affected: SIMATIC WinCC OA server (prior to 3.12 P002 January). Impact: potential privilege escalation or unauthorized access as described in the ICS advisory. Remedi...

5CVSS6.6AI score0.01691EPSS
CVE
CVE
added 2019/02/05 10:0 p.m.71 views

CVE-2018-3991

The CVE-2018-3991 vulnerability is a heap-based overflow in WIBU-SYSTEMS WibuKey Network server management (WkbProgramLow function) affecting versions around 6.40.2402.500. A specially crafted TCP packet to port 22347/TCP can trigger the overflow, potentially enabling remote code execution. Mitig...

10CVSS9.7AI score0.34329EPSS
CVE
CVE
added 2018/09/12 2:0 p.m.65 views

CVE-2018-13799

The CVE-2018-13799 vulnerability affects SIMATIC WinCC OA V3.14 and earlier (

9.1CVSS8.8AI score0.02252EPSS
CVE
CVE
added 2014/02/07 2:0 a.m.60 views

CVE-2014-1698

CVE-2014-1698 is a directory traversal vulnerability in Siemens SIMATIC WinCC OA, affecting versions before 3.12 P002 January. The affected component is the integrated Web server at Port 4999/TCP, allowing remote attackers to read arbitrary files via crafted packets. The ICS advisory confirms mul...

5CVSS6.9AI score0.03507EPSS
CVE
CVE
added 2014/02/07 2:0 a.m.58 views

CVE-2014-1699

CVE-2014-1699 affects Siemens SIMATIC WinCC OA before version 3.12 P002 January. The vulnerability resides in the integrated Web server on port 4999/TCP and stems from improper input validation, allowing remote attackers to trigger a denial of service (monitoring-service outage) by sending malfor...

5CVSS6.8AI score0.02142EPSS
CVE
CVE
added 2014/02/07 2:0 a.m.49 views

CVE-2014-1697

The CVE-2014-1697 entry concerns Siemens SIMATIC WinCC OA prior to version 3.12 P002. The vulnerability lies in the integrated Web server on port 4999, where specially crafted, unauthenticated packets can remotely trigger arbitrary code execution due to improper handling of inputs (code injection...

7.5CVSS7.8AI score0.05261EPSS