CVE-2021-42029
https://notcve.org/view.php?id=CVE-2021-42029
A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) V15 (All versions), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 5), SIMATIC STEP 7 (TIA Portal) V17 (All versions < V17 Update 2). An attacker could achieve privilege escalation on the web server of certain devices due to improper access control vulnerability in the engineering system software. The attacker needs to have direct access to the impacted web server. Se ha identificado una vulnerabilidad en SIMATIC STEP 7 (TIA Portal) versión V15 (Todas las versiones), SIMATIC STEP 7 (TIA Portal) versión V16 (todas las versiones anteriores a versión V16 Update 5), SIMATIC STEP 7 (TIA Portal) versión V17 (todas las versiones anteriores a versión V17 Update 2). Un atacante podría lograr una escalada de privilegios en el servidor web de determinados dispositivos debido a una vulnerabilidad de control de acceso inapropiada en el software del sistema de ingeniería. • https://cert-portal.siemens.com/productcert/pdf/ssa-350757.pdf • CWE-284: Improper Access Control •
CVE-2021-3449 – NULL pointer deref in signature_algorithms processing
https://notcve.org/view.php?id=CVE-2021-3449
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. • http://www.openwall.com/lists/oss-security/2021/03/27/1 http://www.openwall.com/lists/oss-security/2021/03/27/2 http://www.openwall.com/lists/oss-security/2021/03/28/3 http://www.openwall.com/lists/oss-security/2021/03/28/4 https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fb9fa6b51defd48157eeb207f52181f735d96148 https://kb.pulse • CWE-476: NULL Pointer Dereference •
CVE-2013-0700
https://notcve.org/view.php?id=CVE-2013-0700
Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect-mode transition and control outage) via crafted packets to TCP port 102 (aka the ISO-TSAP port). Siemens SIMATIC S7-1200 PLCs v2.x y v3.x ermite a atacantes remotos causar una denegación de servicios (transición de modo defecto e interrupción de control) a través de paquetes TCP manipulados dirigidos al puerto 102 (conocido como puerto ISO-TSAP). • http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-724606.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-724606.pdf •
CVE-2013-2780
https://notcve.org/view.php?id=CVE-2013-2780
Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect-mode transition and control outage) via crafted packets to UDP port 161 (aka the SNMP port). Siemens SIMATIC S7-1200 PLCs v2.x y v3.x permite a atacantes remotos causar una denegación de servicio mediante paquetes especialmente creados hacia el puerto UDP 161 (puerto SNMP) • http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-724606.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-724606.pdf •
CVE-2012-3040
https://notcve.org/view.php?id=CVE-2012-3040
Cross-site scripting (XSS) vulnerability in the web server on Siemens SIMATIC S7-1200 PLCs 2.x through 3.0.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URI. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en el servidor web SIMATIC S7-1200 PLCs v2.x hasta v3.0.1 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de una URI específicamente construida. • http://en.securitylab.ru/lab/PT-2012-50 http://osvdb.org/86130 http://secunia.com/advisories/50816 http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-279823.pdf http://www.us-cert.gov/control_systems/pdf/ICSA-12-283-01.pdf • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •