Lucene search
K
SiemensSimatic Wincc Runtime Advanced

12 matches found

CVE
CVE
added 2021/03/25 2:25 p.m.816 views

CVE-2021-3449

CVE-2021-3449 affects OpenSSL 1.1.1.x where a TLSv1.2 server may crash (DoS) if it receives a renegotiation ClientHello that omits the signature_algorithms extension but includes signature_algorithms_cert. The issue is a NULL pointer dereference leading to a denial of service; OpenSSL clients are...

5.9CVSS6.7AI score0.62906EPSS
CVE
CVE
added 2019/04/17 1:40 p.m.108 views

CVE-2019-6568

CVE-2019-6568 describes a denial-of-service vulnerability in Siemens device webservers that can be triggered by network-originated requests, with no privileges required and no user interaction. Connected sources confirm the flaw affects multiple Siemens industrial products (e.g., SINAMICS family:...

7.5CVSS7.3AI score0.01401EPSS
CVE
CVE
added 2019/04/17 1:40 p.m.105 views

CVE-2019-6575

CVE-2019-6575 affects Siemens industrial products using OPC UA, including SIMATIC CP443-1 OPC UA, ET 200 Open Controller CPU 1515SP PC2, HMI Outdoor Panels (7"/15"), HMI Comfort Panels (4"–22"), KTP Mobile Panels, IPC DiagMonitor, NET PC Software, RF188C, RF600R, S7‑1500 family, WinCC OA/Runtime,...

7.8CVSS7.4AI score0.01633EPSS
CVE
CVE
added 2020/06/10 12:0 a.m.89 views

CVE-2020-7580

CVE-2020-7580 affects Siemens products (e.g., SIMATIC Automation Tool, STEP 7/TIA Portal, WinCC OA, ProSave, S7-1500 controllers, etc.). Root cause: a common component calls a helper binary with SYSTEM privileges while the call path is not quoted (unquoted search path/element CWE-428). This could...

7.2CVSS6.7AI score0.00441EPSS
CVE
CVE
added 2021/05/12 1:18 p.m.86 views

CVE-2021-27384

CVE-2021-27384 is a concrete SmartVNC vulnerability: an out-of-bounds memory access in the device layout handler could allow code execution. Affected Siemens products include SmartVNC-enabled HMI/WinCC components (e.g., SIMATIC HMI Comfort Outdoor Panels, KTP Mobile Panels, WinCC Runtime Advanced...

9.8CVSS9.3AI score0.02538EPSS
CVE
CVE
added 2021/05/12 1:18 p.m.82 views

CVE-2021-25660

The CVE-2021-25660 entry maps to Siemens SmartVNC/WinCC/HMI components with an out-of-bounds memory access vulnerability that can trigger a Denial-of-Service on the server side (and related variants on the client side). Affected products include SIMATIC HMI Comfort Outdoor Panels (various V15/V16...

7.5CVSS7.3AI score0.00961EPSS
CVE
CVE
added 2021/05/12 1:18 p.m.82 views

CVE-2021-27385

CVE-2021-27385 affects Siemens SmartVNC-related components. A remote attacker can send specially crafted packets to the SmartVNC device layout handler on the client side, causing uncontrolled resource consumption and a Denial-of-Service (infinite loop) condition. Affected products include SIMATIC...

7.5CVSS7.3AI score0.02533EPSS
CVE
CVE
added 2021/05/12 1:18 p.m.81 views

CVE-2021-27383

CVE-2021-27383 describes a heap allocation leak vulnerability in the SmartVNC server Tight encoder, causing a Denial-of-Service condition. Affected are Siemens SmartVNC deployments on various HMI/WinCC panels (e.g., SIMATIC HMI Comfort Outdoor Panels, Comfort Panels, KTP Mobile Panels, WinCC Runt...

7.5CVSS7.3AI score0.01777EPSS
CVE
CVE
added 2021/05/12 1:18 p.m.77 views

CVE-2021-25662

The CVE-2021-25662 entry concerns SmartVNC’s handling of exceptions when the program execution process is modified after a packet is sent from the server, which could trigger a Denial-of-Service condition. Affected products include Siemens SIMATIC HMI Comfort Outdoor Panels (V15/V16 series), SIMA...

7.5CVSS7.4AI score0.01627EPSS
CVE
CVE
added 2021/05/12 1:18 p.m.77 views

CVE-2021-27386

CVE-2021-27386 maps to a SmartVNC heap allocation leak vulnerability in the client-side device layout handler, leading to a potential Denial-of-Service . Affected products include Siemens/SmartVNC-enabled setups connected to SIMATIC HMI Comfort Outdoor Panels, HMI Comfort Panels, KTP Mobile Panel...

7.5CVSS7.4AI score0.01777EPSS
CVE
CVE
added 2021/05/12 1:18 p.m.72 views

CVE-2021-25661

CVE-2021-25661 is an out-of-bounds memory access vulnerability in SmartVNC that can be triggered on the client side when data is sent from the server, potentially causing a Denial-of-Service. Affected products include SIMATIC WinCC Runtime Advanced and related HMI/SU panels (Outdoor Panels v15/v1...

7.5CVSS7.3AI score0.01138EPSS
CVE
CVE
added 2020/07/14 1:18 p.m.60 views

CVE-2020-7592

The CVE-2020-7592 issue affects Siemens SIMATIC HMI panels and WinCC Runtime Advanced (all versions) where unencrypted communication between the configuration software and devices can allow an attacker on an adjacent network to capture plain text data and access sensitive information. Documented ...

6.5CVSS6.3AI score0.00332EPSS