CVSS: 7.5EPSS: 0%CPEs: 68EXPL: 0CVE-2022-40227
https://notcve.org/view.php?id=CVE-2022-40227
A vulnerability has been identified in SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions < V17 Update 4), SIMATIC HMI KTP Mobile Panels (All versions < V17 Update 4), SIMATIC HMI KTP1200 Basic (All versions < V17 Update 5), SIMATIC HMI KTP400 Basic (All versions < V17 Update 5), SIMATIC HMI KTP700 Basic (All versions < V17 Update 5), SIMATIC HMI KTP900 Basic (All versions < V17 Update 5), SIPLUS HMI KTP1200 BASIC (All versions < V17 Update 5), SIPLUS HMI KTP400 BASIC (All versions < V17 Update 5), SIPLUS HMI KTP700 BASIC (All versions < V17 Update 5), SIPLUS HMI KTP900 BASIC (All versions < V17 Update 5). Affected devices do not properly validate input sent to certain services over TCP. This could allow an unauthenticated remote attacker to cause a permanent denial of service condition (requiring a device reboot) by sending specially crafted TCP packets. Se ha identificado una vulnerabilidad en los paneles SIMATIC HMI Comfort (incl. variantes SIPLUS) (Todas las versiones anteriores a V17 Actualización 4), SIMATIC HMI KTP Mobile Panels (Todas las versiones anteriores a V17 Actualización 4), SIMATIC HMI KTP1200 Basic (Todas las versiones anteriores a V17 Actualización 5), SIMATIC HMI KTP400 Basic (Todas las versiones anteriores a V17 Actualización 5), SIMATIC HMI KTP700 Basic (Todas las versiones anteriores a V17 Actualización 5), SIMATIC HMI KTP900 Basic (Todas las versiones anteriores a V17 Actualización 5), SIPLUS HMI KTP1200 BASIC (Todas las versiones anteriores a V17 Actualización 5), SIPLUS HMI KTP400 BASIC (Todas las versiones anteriores a V17 Actualización 5), SIPLUS HMI KTP700 BASIC (Todas las versiones anteriores a V17 Actualización 5), SIPLUS HMI KTP900 BASIC (Todas las versiones anteriores a V17 Actualización 5). • https://cert-portal.siemens.com/productcert/pdf/ssa-384224.pdf • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 0CVE-2019-19276
https://notcve.org/view.php?id=CVE-2019-19276
A vulnerability has been identified in SIMATIC HMI Comfort Panels 1st Generation (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels (All versions < V16 Update 4). Specially crafted packets sent to port 161/udp can cause the SNMP service of affected devices to crash. A manual restart of the device is required to resume operation of the service. Se ha identificado una vulnerabilidad en SIMATIC HMI Comfort Panels 1st Generation (incluyendo variantes SIPLUS) (Todas las versiones anteriores a V16 Update 4), SIMATIC HMI KTP Mobile Panels (Todas las versiones anteriores a V16 Update 4). • https://cert-portal.siemens.com/productcert/pdf/ssa-594364.pdf • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 1%CPEs: 28EXPL: 0CVE-2020-15798 – Siemens Comfort Panel Telnet Service Missing Authentication Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-15798
A vulnerability has been identified in SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions < V16 Update 3a), SIMATIC HMI KTP Mobile Panels (All versions < V16 Update 3a), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). Affected devices with enabled telnet service do not require authentication for this service. This could allow a remote attacker to gain full access to the device. (ZDI-CAN-12046) Se ha identificado una vulnerabilidad en SIMATIC HMI Comfort Panels (incl. • https://cert-portal.siemens.com/productcert/pdf/ssa-520004.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-752103.pdf https://us-cert.cisa.gov/ics/advisories/icsa-21-033-02 • CWE-306: Missing Authentication for Critical Function •
CVSS: 7.5EPSS: 0%CPEs: 23EXPL: 0CVE-2019-6576
https://notcve.org/view.php?id=CVE-2019-6576
A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions < V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions < V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). An attacker with network access to affected devices could potentially obtain a TLS session key. If the attacker is able to observe TLS traffic between a legitimate user and the device, then the attacker could decrypt the TLS traffic. The security vulnerability could be exploited by an attacker who has network access to the web interface of the device and who is able to observe TLS traffic between legitimate users and the web interface of the affected device. The vulnerability could impact the confidentiality of the communication between the affected device and a legitimate user. • http://www.securityfocus.com/bid/108412 https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf https://www.us-cert.gov/ics/advisories/ICSA-19-134-09 • CWE-310: Cryptographic Issues •
CVSS: 9.1EPSS: 0%CPEs: 23EXPL: 0CVE-2019-6572
https://notcve.org/view.php?id=CVE-2019-6572
A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions < V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions < V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The affected device offered SNMP read and write capacities with a publicly know hardcoded community string. The security vulnerability could be exploited by an attacker with network access to the affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity of the affected system. • http://www.securityfocus.com/bid/108412 https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf https://www.us-cert.gov/ics/advisories/ICSA-19-134-09 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-798: Use of Hard-coded Credentials •