| CVE-2014-1699 |
medium |
— |
5.0 |
|
|
siemens |
13y ago |
Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to cause a denial of service (monitoring-service outage) via malformed HTTP requests to port 4999. |
| CVE-2014-1698 |
medium |
— |
5.0 |
|
|
siemens |
13y ago |
Directory traversal vulnerability in Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to read arbitrary files via crafted packets to TCP port 4999. |
| CVE-2014-1697 |
high |
— |
7.5 |
|
|
siemens |
13y ago |
The integrated web server in Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to execute arbitrary code via crafted packets to TCP port 4999. |
| CVE-2014-1696 |
medium |
— |
5.0 |
|
|
siemens |
13y ago |
Siemens SIMATIC WinCC OA before 3.12 P002 January uses a weak hash algorithm for passwords, which makes it easier for remote attackers to obtain access via a brute-force attack. |
| CVE-2013-6840 |
medium |
— |
6.9 |
|
|
siemens |
13y ago |
Siemens COMOS before 9.2.0.8.1, 10.0 before 10.0.3.1.40, and 10.1 before 10.1.0.0.2 allows local users to gain database privileges via unspecified vectors. |
| CVE-2013-4943 |
high |
— |
7.2 |
|
|
siemens |
13y ago |
The client application in Siemens COMOS before 9.1 Update 458, 9.2 before 9.2.0.6.37, and 10.0 before 10.0.3.0.19 allows local users to gain privileges and bypass intended database-operation restrict… |
| CVE-2013-4912 |
medium |
— |
5.8 |
|
|
siemens |
13y ago |
Open redirect vulnerability in Siemens WinCC (TIA Portal) 11 and 12 before 12 SP1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks by leveraging improper … |
| CVE-2013-4911 |
medium |
— |
6.8 |
|
|
siemens |
13y ago |
Cross-site request forgery (CSRF) vulnerability in Siemens WinCC (TIA Portal) 11 and 12 before 12 SP1 allows remote attackers to hijack the authentication of unspecified victims by leveraging imprope… |
| CVE-2013-4781 |
critical |
— |
10.0 |
|
|
siemens |
13y ago |
core/getLog.php on the Siemens Enterprise OpenScape Branch appliance and OpenScape Session Border Controller (SBC) before 2 R0.32.0, and 7 before 7 R1.7.0, allows remote attackers to execute arbitrar… |
| CVE-2013-4780 |
high |
— |
7.8 |
|
|
siemens |
13y ago |
core/getLog.php on the Siemens Enterprise OpenScape Branch appliance and OpenScape Session Border Controller (SBC) before 2 R0.32.0, and 7 before 7 R1.7.0, allows remote attackers to read arbitrary f… |
| CVE-2013-4779 |
medium |
— |
4.3 |
|
|
siemens |
13y ago |
Cross-site scripting (XSS) vulnerability in core/handleTw.php on the Siemens Enterprise OpenScape Branch appliance and OpenScape Session Border Controller (SBC) before 2 R0.32.0, and 7 before 7 R1.7.… |
| CVE-2013-4778 |
high |
— |
7.8 |
|
|
siemens |
13y ago |
core/getLog.php on the Siemens Enterprise OpenScape Branch appliance and OpenScape Session Border Controller (SBC) before 2 R0.32.0, and 7 before 7 R1.7.0, allows remote attackers to obtain sensitive… |
| CVE-2013-3927 |
medium |
— |
4.6 |
|
|
siemens |
13y ago |
Unspecified vulnerability in the client library in Siemens COMOS 9.2 before 9.2.0.6.10 and 10.0 before 10.0.3.0.4 allows local users to obtain unintended write access to the database by leveraging re… |
| CVE-2013-3959 |
medium |
— |
4.0 |
|
|
siemens |
13y ago |
The Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other products, exhibits different behavior for NetBIOS user names depending on whether the use… |
| CVE-2013-3958 |
high |
— |
7.5 |
|
|
siemens |
13y ago |
The login implementation in the Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other products, has a hardcoded account, which makes it easier for … |
| CVE-2013-3957 |
high |
— |
7.5 |
|
|
siemens |
13y ago |
SQL injection vulnerability in the login screen in the Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other products, allows remote attackers to e… |
| CVE-2013-0659 |
critical |
— |
10.0 |
|
|
siemens |
13y ago |
The debugging feature on the Siemens CP 1604 and CP 1616 interface cards with firmware before 2.5.2 allows remote attackers to execute arbitrary code via a crafted packet to UDP port 17185. |
| CVE-2013-0679 |
medium |
— |
4.0 |
|
|
siemens |
13y ago |
Directory traversal vulnerability in the web server in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote authenticated users to read arbitrary files v… |
| CVE-2013-0678 |
medium |
— |
4.0 |
|
|
siemens |
13y ago |
Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not properly represent WebNavigator credentials in a database, which makes it easier for remote authenticated… |
| CVE-2013-0677 |
medium |
— |
5.8 |
|
|
siemens |
13y ago |
The web server in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to obtain sensitive information or cause a denial of service via a craft… |
| CVE-2013-0676 |
medium |
— |
4.0 |
|
|
siemens |
13y ago |
Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not properly assign privileges for the database containing WebNavigator credentials, which allows remote auth… |
| CVE-2013-0675 |
medium |
— |
6.1 |
|
|
siemens |
13y ago |
Buffer overflow in CCEServer (aka the central communications component) in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to cause a deni… |
| CVE-2013-0674 |
medium |
— |
6.8 |
|
|
siemens |
13y ago |
Buffer overflow in the RegReader ActiveX control in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to execute arbitrary code via a long p… |
| CVE-2013-0671 |
medium |
— |
4.0 |
|
|
siemens |
13y ago |
Directory traversal vulnerability in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to read HMI web-application source code and user-defined scripts via a crafted URL. |
| CVE-2013-0670 |
medium |
— |
4.3 |
|
|
siemens |
13y ago |
CRLF injection vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a cra… |
| CVE-2013-0669 |
medium |
— |
4.0 |
|
|
siemens |
13y ago |
The HMI web application in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to cause a denial of service (daemon crash) via a crafted HTTP request. |
| CVE-2013-0668 |
medium |
— |
4.3 |
|
|
siemens |
13y ago |
Multiple cross-site scripting (XSS) vulnerabilities in the HMI web application in Siemens WinCC (TIA Portal) 11 allow remote attackers to inject arbitrary web script or HTML via a crafted URL. |
| CVE-2013-0667 |
medium |
— |
4.3 |
|
|
siemens |
13y ago |
Cross-site scripting (XSS) vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. |
| CVE-2011-4515 |
medium |
— |
4.6 |
|
|
siemens |
13y ago |
Siemens WinCC (TIA Portal) 11 uses a reversible algorithm for storing HMI web-application passwords in world-readable and world-writable files, which allows local users to obtain sensitive informatio… |
| CVE-2013-0656 |
medium |
— |
6.8 |
|
|
siemens |
14y ago |
Buffer overflow in a third-party ActiveX component in Siemens SIMATIC RF-MANAGER 2008, and RF-MANAGER Basic 3.0 and earlier, allows remote attackers to execute arbitrary code via a crafted web site. |
| CVE-2012-5409 |
critical |
— |
10.0 |
EXP |
|
siemens |
14y ago |
AscoServer.exe in the server in Siemens SiPass integrated MP2.6 and earlier does not properly handle IOCP RPC messages received over an Ethernet network, which allows remote attackers to write data t… |
| CVE-2012-3034 |
medium |
— |
4.3 |
|
|
siemens |
14y ago |
WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to discover a username and password via crafted parameters to unspecified method… |
| CVE-2012-3032 |
high |
— |
7.5 |
|
|
siemens |
14y ago |
SQL injection vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to execute arbitrary SQL commands via a crafted S… |
| CVE-2012-3031 |
medium |
— |
4.3 |
|
|
siemens |
14y ago |
Multiple cross-site scripting (XSS) vulnerabilities in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allow remote attackers to inject arbitrary web sc… |
| CVE-2012-3030 |
medium |
— |
5.0 |
|
|
siemens |
14y ago |
WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, stores sensitive information under the web root with insufficient access control, which allows remote at… |
| CVE-2012-3028 |
medium |
— |
6.8 |
|
|
siemens |
14y ago |
Cross-site request forgery (CSRF) vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to hijack the authentication … |
| CVE-2012-3009 |
high |
— |
8.5 |
|
|
siemens |
14y ago |
Siemens COMOS before 9.1 Patch 413, 9.2 before Update 03 Patch 023, and 10.0 before Patch 005 allows remote authenticated users to obtain database administrative access via unspecified method calls. |
| CVE-2012-3015 |
medium |
— |
6.9 |
|
|
siemens |
14y ago |
Untrusted search path vulnerability in Siemens SIMATIC STEP7 before 5.5 SP1, as used in SIMATIC PCS7 7.1 SP3 and earlier and other products, allows local users to gain privileges via a Trojan horse D… |
| CVE-2012-3003 |
medium |
— |
5.8 |
|
|
siemens |
14y ago |
Open redirect vulnerability in an unspecified web application in Siemens WinCC 7.0 SP3 before Update 2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks vi… |
| CVE-2012-2598 |
medium |
— |
4.3 |
|
|
siemens |
14y ago |
Buffer overflow in the DiagAgent web server in Siemens WinCC 7.0 SP3 through Update 2 allows remote attackers to cause a denial of service (agent outage) via crafted input. |
| CVE-2012-2597 |
medium |
— |
4.0 |
|
|
siemens |
14y ago |
Multiple directory traversal vulnerabilities in Siemens WinCC 7.0 SP3 before Update 2 allow remote authenticated users to read arbitrary files via a crafted parameter in a URL. |
| CVE-2012-2596 |
medium |
— |
5.5 |
|
|
siemens |
14y ago |
The XPath functionality in unspecified web applications in Siemens WinCC 7.0 SP3 before Update 2 does not properly handle special characters in parameters, which allows remote authenticated users to … |
| CVE-2012-2595 |
medium |
— |
4.3 |
|
|
siemens |
14y ago |
Multiple cross-site scripting (XSS) vulnerabilities in unspecified web applications in Siemens WinCC 7.0 SP3 before Update 2 allow remote attackers to inject arbitrary web script or HTML via vectors … |
| CVE-2012-1802 |
high |
— |
7.8 |
|
|
siemens |
14y ago |
Buffer overflow in the embedded web server on the Siemens Scalance X Industrial Ethernet switch X414-3E before 3.7.1, X308-2M before 3.7.2, X-300EEC before 3.7.2, XR-300 before 3.7.2, and X-300 befor… |
| CVE-2012-1800 |
medium |
— |
6.1 |
|
|
siemens |
14y ago |
Stack-based buffer overflow in the Profinet DCP protocol implementation on the Siemens Scalance S Security Module firewall S602 V2, S612 V2, and S613 V2 with firmware before 2.3.0.3 allows remote att… |
| CVE-2012-1799 |
critical |
— |
10.0 |
|
|
siemens |
14y ago |
The web server on the Siemens Scalance S Security Module firewall S602 V2, S612 V2, and S613 V2 with firmware before 2.3.0.3 does not limit the rate of authentication attempts, which makes it easier … |
| CVE-2011-4879 |
high |
— |
9.5 |
EXP |
|
siemens |
15y ago |
miniweb.exe in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SI… |
| CVE-2011-4878 |
high |
— |
8.8 |
EXP |
|
siemens |
15y ago |
Directory traversal vulnerability in miniweb.exe in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP,… |
| CVE-2011-4877 |
high |
— |
8.1 |
EXP |
|
siemens |
15y ago |
HmiLoad in the runtime loader in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime… |
| CVE-2011-4876 |
critical |
— |
10.0 |
EXP |
|
siemens |
15y ago |
Directory traversal vulnerability in HmiLoad in the runtime loader in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels … |
| CVE-2011-4875 |
critical |
— |
10.0 |
EXP |
|
siemens |
15y ago |
Stack-based buffer overflow in HmiLoad in the runtime loader in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATI… |
| CVE-2011-4514 |
critical |
— |
10.0 |
|
|
siemens |
15y ago |
The TELNET daemon in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; a… |
| CVE-2011-4513 |
critical |
— |
10.0 |
|
|
siemens |
15y ago |
Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Run… |
| CVE-2011-4512 |
medium |
— |
5.0 |
|
|
siemens |
15y ago |
CRLF injection vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and… |
| CVE-2011-4511 |
medium |
— |
4.3 |
|
|
siemens |
15y ago |
Cross-site scripting (XSS) vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort… |
| CVE-2011-4510 |
medium |
— |
4.3 |
|
|
siemens |
15y ago |
Cross-site scripting (XSS) vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort… |
| CVE-2011-4509 |
critical |
— |
10.0 |
|
|
siemens |
15y ago |
The HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; … |
| CVE-2011-4508 |
critical |
— |
9.3 |
|
|
siemens |
15y ago |
The HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panel… |
| CVE-2011-4532 |
medium |
— |
6.0 |
EXP |
|
siemens |
15y ago |
Absolute path traversal vulnerability in the ALMListView.ALMListCtrl ActiveX control in almaxcx.dll in the graphical user interface in Siemens Automation License Manager (ALM) 2.0 through 5.1+SP1+Upd… |
| CVE-2011-4531 |
medium |
— |
6.0 |
EXP |
|
siemens |
15y ago |
Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted content in a (1) get_tar… |
| CVE-2011-4530 |
medium |
— |
6.0 |
EXP |
|
siemens |
15y ago |
Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 does not properly copy fields obtained from clients, which allows remote attackers to cause a denial of service (exception and daemon… |
| CVE-2011-4529 |
high |
— |
8.5 |
EXP |
|
siemens |
15y ago |
Multiple buffer overflows in Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 allow remote attackers to execute arbitrary code via a long serialid field in an _licensekey command, as… |
| CVE-2011-4056 |
medium |
— |
5.8 |
|
|
siemens |
15y ago |
An unspecified ActiveX control in ActBar.ocx in Siemens Tecnomatix FactoryLink 6.6.1 (aka 6.6 SP1), 7.5.217 (aka 7.5 SP2), and 8.0.2.54 allows remote attackers to create or overwrite arbitrary files … |
| CVE-2011-4055 |
critical |
— |
9.3 |
|
|
siemens |
15y ago |
Buffer overflow in the WebClient ActiveX control in Siemens Tecnomatix FactoryLink 6.6.1 (aka 6.6 SP1), 7.5.217 (aka 7.5 SP2), and 8.0.2.54 allows remote attackers to execute arbitrary code via a lon… |
| CVE-2011-3321 |
critical |
— |
9.3 |
|
|
siemens |
15y ago |
Heap-based buffer overflow in the Siemens WinCC Runtime Advanced Loader, as used in SIMATIC WinCC flexible Runtime and SIMATIC WinCC (TIA Portal) Runtime Advanced, allows remote attackers to cause a … |
| CVE-2010-2772 |
high |
7.8 |
7.8 |
|
|
siemens |
16y ago |
Siemens Simatic WinCC and PCS 7 SCADA system uses a hard-coded password, which allows local users to access a back-end database and gain privileges, as demonstrated in the wild in July 2010 by the St… |
