CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2024-33698
https://notcve.org/view.php?id=CVE-2024-33698
A vulnerability has been identified in SIMATIC Information Server 2022 (All versions), SIMATIC Information Server 2024 (All versions), SIMATIC PCS neo V4.0 (All versions), SIMATIC PCS neo V4.1 (All versions < V4.1 Update 2), SIMATIC PCS neo V5.0 (All versions), SINEC NMS (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions). Affected products contain a heap-based buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to execute arbitrary code. • https://cert-portal.siemens.com/productcert/html/ssa-039007.html • CWE-122: Heap-based Buffer Overflow •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-44315
https://notcve.org/view.php?id=CVE-2023-44315
A vulnerability has been identified in SINEC NMS (All versions < V2.0). The affected application improperly sanitizes certain SNMP configuration data retrieved from monitored devices. An attacker with access to a monitored device could prepare a stored cross-site scripting (XSS) attack that may lead to unintentional modification of application data by legitimate users. Se ha identificado una vulnerabilidad en SINEC NMS (Todas las versiones < V2.0). La aplicación afectada sanitiza incorrectamente ciertos datos de configuración SNMP recuperados de los dispositivos monitorizados. • https://cert-portal.siemens.com/productcert/html/ssa-160243.html https://cert-portal.siemens.com/productcert/pdf/ssa-160243.pdf • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-30527
https://notcve.org/view.php?id=CVE-2022-30527
A vulnerability has been identified in SINEC NMS (All versions < V2.0). The affected application assigns improper access rights to specific folders containing executable files and libraries. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges. Se ha identificado una vulnerabilidad en SINEC NMS (Todas las versiones < V2.0). La aplicación afectada asigna derechos de acceso indebidos a carpetas específicas que contienen librerías y archivos ejecutables. Esto podría permitir que un atacante local autenticado inyecte código arbitrario y escale privilegios. • https://cert-portal.siemens.com/productcert/html/ssa-160243.html https://cert-portal.siemens.com/productcert/pdf/ssa-160243.pdf • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 8.5EPSS: 1%CPEs: 17EXPL: 3CVE-2021-42550 – RCE from attacker with configuration edit priviledges through JNDI lookup
https://notcve.org/view.php?id=CVE-2021-42550
In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers. En logback versiones 1.2.7 y anteriores, un atacante con los privilegios necesarios para editar archivos de configuración podría diseñar una configuración maliciosa que permitiera ejecutar código arbitrario cargado desde servidores LDAP A flaw was found in the logback package. When using a specially-crafted configuration, this issue could allow a remote authenticated attacker to execute arbitrary code loaded from LDAP servers. • http://logback.qos.ch/news.html http://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html http://seclists.org/fulldisclosure/2022/Jul/11 https://cert-portal.siemens.com/productcert/pdf/ssa-371761.pdf https://github.com/cn-panda/logbackRceDemo https://jira.qos.ch/browse/LOGBACK-1591 https://security.netapp.com/advisory/ntap-20211229-0001 https://access.redhat.com/security/cve/CVE-2021-42550 https://bugzilla.redhat.com/show_ • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0CVE-2021-33736
https://notcve.org/view.php?id=CVE-2021-33736
A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). A privileged authenticated attacker could execute arbitrary commands in the local database by sending crafted requests to the webserver of the affected application. Se ha identificado una vulnerabilidad en SINEC NMS (Todas las versiones anteriores a V1.0 SP2 Update 1). Un atacante autenticado con privilegios podría ejecutar comandos arbitrarios en la base de datos local mediante el envío de peticiones diseñadas al servidor web de la aplicación afectada • https://cert-portal.siemens.com/productcert/pdf/ssa-163251.pdf • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •