CVSS: 8.2EPSS: 0%CPEs: 6EXPL: 0CVE-2023-46280
https://notcve.org/view.php?id=CVE-2023-46280
14 May 2024 — A vulnerability has been identified in S7-PCT (All versions), Security Configuration Tool (SCT) (All versions), SIMATIC Automation Tool (All versions), SIMATIC BATCH V9.1 (All versions), SIMATIC NET PC Software V16 (All versions), SIMATIC NET PC Software V17 (All versions), SIMATIC NET PC Software V18 (All versions < V18 SP1), SIMATIC PCS 7 V9.1 (All versions), SIMATIC PDM V9.2 (All versions), SIMATIC Route Control V9.1 (All versions), SIMATIC STEP 7 V5 (All versions), SIMATIC WinCC OA V3.17 (All versions),... • https://cert-portal.siemens.com/productcert/html/ssa-962515.html • CWE-125: Out-of-bounds Read •
CVSS: 9.0EPSS: 0%CPEs: 7EXPL: 0CVE-2023-28829
https://notcve.org/view.php?id=CVE-2023-28829
13 Jun 2023 — A vulnerability has been identified in SIMATIC NET PC Software V14 (All versions), SIMATIC NET PC Software V15 (All versions), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions), SIMATIC WinCC (All versions < V8.0), SINAUT Software ST7sc (All versions). Before SIMATIC WinCC V8, legacy OPC services (OPC DA (Data Access), OPC HDA (Historical Data Access), and OPC AE (Alarms & Events)) were used per default. These services were designed on top of the Windows... • https://cert-portal.siemens.com/productcert/pdf/ssa-508677.pdf • CWE-477: Use of Obsolete Function •
CVSS: 7.2EPSS: 0%CPEs: 44EXPL: 0CVE-2020-7580
https://notcve.org/view.php?id=CVE-2020-7580
10 Jun 2020 — A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Upd3), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC ProSave (All versions < V17), SIMATIC S7-1500 Software Controller (All versions < V21.8), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 S... • https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf • CWE-428: Unquoted Search Path or Element •
CVSS: 7.8EPSS: 1%CPEs: 68EXPL: 0CVE-2019-6575
https://notcve.org/view.php?id=CVE-2019-6575
17 Apr 2019 — A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V2.7), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (incl. SIPLUS variants) (All versions < V15.1 Upd 4), SIMATIC HMI Comfort Panels 4" - 22" (incl. SIPLUS variants) (All versions < V15.1 Upd 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Upd 4), SIMATIC IPC DiagMonitor (All versions < V5.1.... • https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf • CWE-248: Uncaught Exception CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 7.5EPSS: 0%CPEs: 48EXPL: 0CVE-2018-4832 – Siemens Security Advisory - SPPA-T3000 Code Execution
https://notcve.org/view.php?id=CVE-2018-4832
24 Apr 2018 — A vulnerability has been identified in OpenPCS 7 V7.1 and earlier (All versions), OpenPCS 7 V8.0 (All versions), OpenPCS 7 V8.1 (All versions < V8.1 Upd5), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd1), SIMATIC BATCH V7.1 and earlier (All versions), SIMATIC BATCH V8.0 (All versions < V8.0 SP1 Upd21), SIMATIC BATCH V8.1 (All versions < V8.1 SP1 Upd16), SIMATIC BATCH V8.2 (All versions < V8.2 Upd10), SIMATIC BATCH V9.0 (All versions < V9.0 SP1), SIMATIC NET PC Software V14 (All vers... • http://packetstormsecurity.com/files/155665/Siemens-Security-Advisory-SPPA-T3000-Code-Execution.html • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 19EXPL: 0CVE-2017-6865
https://notcve.org/view.php?id=CVE-2017-6865
11 May 2017 — A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC Automation Tool (All versions < V3.0), SIMATIC NET PC-Software (All versions < V14 SP1), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1), SIMATIC STEP 7 V5.X (All versions < V5.6), SIMATIC WinAC RTX 2010 SP2 (All versions), SIMATIC WinAC RTX F 2010 SP2 (All version... • https://cert-portal.siemens.com/productcert/pdf/ssa-275839.pdf • CWE-20: Improper Input Validation •
CVSS: 6.9EPSS: 0%CPEs: 27EXPL: 0CVE-2016-7165
https://notcve.org/view.php?id=CVE-2016-7165
15 Nov 2016 — A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC IT Production Suite (All versions < V7.0 SP1 HFX 2), SIMATIC NET PC-Software (All versions < V14), SIMATIC PCS 7 V7.1 (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2), SIMATIC STEP 7 V5.X (All versions < V5.5 SP4 HF11), SIMATIC WinCC (TIA Portal) Basic, Comfort, Advanced (... • http://securityaffairs.co/wordpress/53266/security/cve-2016-7165-siemens.html • CWE-254: 7PK - Security Features CWE-284: Improper Access Control •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2016-5874
https://notcve.org/view.php?id=CVE-2016-5874
22 Jul 2016 — Siemens SIMATIC NET PC-Software before 13 SP2 allows remote attackers to cause a denial of service (OPC UA service outage) via crafted TCP packets. Siemens SIMATIC NET PC-Software en versiones anteriores a 13 SP2 permite a atacantes remotos provocar una denegación de servicio (corte del servicio OPC UA) a través de paquetes TCP manipulados. • http://www.securityfocus.com/bid/92110 • CWE-20: Improper Input Validation •