CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2023-46283
https://notcve.org/view.php?id=CVE-2023-46283
A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 7), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). The affected application contains an out of bounds write past the end of an allocated buffer when handling specific requests on port 4002/tcp. This could allow an attacker to crash the application. The corresponding service is auto-restarted after the crash. Se ha identificado una vulnerabilidad en: Opcenter Quality (todas las versiones), SIMATIC PCS neo (todas las versiones < V4.1), SINUMERIK Integrate RunMyHMI /Automotive (todas las versiones), Totally Integrated Automation Portal (TIA Portal) V14 (todas las versiones), Totally Integrated Automation Portal (TIA Portal) V15.1 (todas las versiones), Totally Integrated Automation Portal (TIA Portal) V16 (todas las versiones), Totally Integrated Automation Portal (TIA Portal) V17 (todas las versiones), Totally Integrated Automation Portal (TIA Portal) ) V18 (Todas las versiones A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). • https://cert-portal.siemens.com/productcert/html/ssa-999588.html https://cert-portal.siemens.com/productcert/pdf/ssa-999588.pdf • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.1EPSS: 0%CPEs: 10EXPL: 0CVE-2023-46282
https://notcve.org/view.php?id=CVE-2023-46282
A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 7), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). A reflected cross-site scripting (XSS) vulnerability exists in the web interface of the affected applications that could allow an attacker to inject arbitrary JavaScript code. The code could be potentially executed later by another (possibly privileged) user. Se ha identificado una vulnerabilidad en: Opcenter Quality (todas las versiones), SIMATIC PCS neo (todas las versiones < V4.1), SINUMERIK Integrate RunMyHMI /Automotive (todas las versiones), Totally Integrated Automation Portal (TIA Portal) V14 (todas las versiones), Totally Integrated Automation Portal (TIA Portal) V15.1 (todas las versiones), Totally Integrated Automation Portal (TIA Portal) V16 (todas las versiones), Totally Integrated Automation Portal (TIA Portal) V17 (todas las versiones), Totally Integrated Automation Portal (TIA Portal) ) V18 (Todas las versiones A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). A reflected cross-site scripting (XSS) vulnerability exists in the web interface of the affected applications that could allow an attacker to inject arbitrary JavaScript code. • https://cert-portal.siemens.com/productcert/html/ssa-999588.html https://cert-portal.siemens.com/productcert/pdf/ssa-999588.pdf • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 0CVE-2023-46281
https://notcve.org/view.php?id=CVE-2023-46281
A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 7), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). When accessing the UMC Web-UI from affected products, UMC uses an overly permissive CORS policy. This could allow an attacker to trick a legitimate user to trigger unwanted behavior. Se ha identificado una vulnerabilidad en: Opcenter Quality (todas las versiones), SIMATIC PCS neo (todas las versiones < V4.1), SINUMERIK Integrate RunMyHMI /Automotive (todas las versiones), Totally Integrated Automation Portal (TIA Portal) V14 (todas las versiones), Totally Integrated Automation Portal (TIA Portal) V15.1 (todas las versiones), Totally Integrated Automation Portal (TIA Portal) V16 (todas las versiones), Totally Integrated Automation Portal (TIA Portal) V17 (todas las versiones), Totally Integrated Automation Portal (TIA Portal) ) V18 (Todas las versiones A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). When accessing the UMC Web-UI from affected products, UMC uses an overly permissive CORS policy. • https://cert-portal.siemens.com/productcert/html/ssa-999588.html https://cert-portal.siemens.com/productcert/pdf/ssa-999588.pdf • CWE-942: Permissive Cross-domain Policy with Untrusted Domains •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-46099
https://notcve.org/view.php?id=CVE-2023-46099
A vulnerability has been identified in SIMATIC PCS neo (All versions < V4.1). There is a stored cross-site scripting vulnerability in the Administration Console of the affected product, that could allow an attacker with high privileges to inject Javascript code into the application that is later executed by another legitimate user. Se ha identificado una vulnerabilidad en SIMATIC PCS neo (todas las versiones < V4.1). Existe una vulnerabilidad de cross-site scripting almacenada en la Consola de Administración del producto afectado, que podría permitir a un atacante con altos privilegios inyectar código Javascript en la aplicación que luego será ejecutado por otro usuario legítimo. • https://cert-portal.siemens.com/productcert/pdf/ssa-456933.pdf • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-46098
https://notcve.org/view.php?id=CVE-2023-46098
A vulnerability has been identified in SIMATIC PCS neo (All versions < V4.1). When accessing the Information Server from affected products, the products use an overly permissive CORS policy. This could allow an attacker to trick a legitimate user to trigger unwanted behavior. Se ha identificado una vulnerabilidad en SIMATIC PCS neo (todas las versiones < V4.1). Al acceder al servidor de información desde los productos afectados, los productos utilizan una política CORS demasiado permisiva. • https://cert-portal.siemens.com/productcert/pdf/ssa-456933.pdf • CWE-942: Permissive Cross-domain Policy with Untrusted Domains •