CVSS: 6.4EPSS: 0%CPEs: 60EXPL: 0CVE-2022-40631
https://notcve.org/view.php?id=CVE-2022-40631
11 Oct 2022 — A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.0), SCALANCE X201-3P IRT (All versions < V5.5.0), SCALANCE X201-3P IRT PRO (All versions < V5.5.0), SCALANCE X202-2IRT (All versions < V5.5.0), SCALANCE X202-2P IRT (All versions < V5.5.0), SCALANCE X202-2P IRT PRO (All versions < V5.5.0), SCALANCE X204-2 (All versions < V5.2.5), SCALANCE X204-2FM (All versions < V5.2.5), SCALANCE X204-2LD (All versions < V5.2.5), SCALANCE X204-2LD TS (All versions < V5.2.5), SCALANCE X204-2TS ... • https://cert-portal.siemens.com/productcert/pdf/ssa-501891.pdf • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.6EPSS: 0%CPEs: 58EXPL: 0CVE-2022-26649
https://notcve.org/view.php?id=CVE-2022-26649
12 Jul 2022 — A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT PRO (All versions < V5.5.2), SCALANCE X202-2IRT (All versions < V5.5.2), SCALANCE X202-2IRT (All versions < V5.5.2), SCALANCE X202-2P IRT (All versions < V5.5.2), SCALANCE X202-2P IRT PRO (All versions < V5.5.2), SCALANCE X204-2 (All versions < V5.2.6), SCALANCE X204-2FM (All versions < V5.2.6), SCALANCE X204-2LD (All versions < V5.2.6), SCALANCE X204-2LD TS... • https://cert-portal.siemens.com/productcert/pdf/ssa-310038.pdf • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.2EPSS: 0%CPEs: 58EXPL: 0CVE-2022-26648
https://notcve.org/view.php?id=CVE-2022-26648
12 Jul 2022 — A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT PRO (All versions < V5.5.2), SCALANCE X202-2IRT (All versions < V5.5.2), SCALANCE X202-2IRT (All versions < V5.5.2), SCALANCE X202-2P IRT (All versions < V5.5.2), SCALANCE X202-2P IRT PRO (All versions < V5.5.2), SCALANCE X204-2 (All versions < V5.2.6), SCALANCE X204-2FM (All versions < V5.2.6), SCALANCE X204-2LD (All versions < V5.2.6), SCALANCE X204-2LD TS... • https://cert-portal.siemens.com/productcert/pdf/ssa-310038.pdf • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 58EXPL: 0CVE-2022-26647
https://notcve.org/view.php?id=CVE-2022-26647
12 Jul 2022 — A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT PRO (All versions < V5.5.2), SCALANCE X202-2IRT (All versions < V5.5.2), SCALANCE X202-2IRT (All versions < V5.5.2), SCALANCE X202-2P IRT (All versions < V5.5.2), SCALANCE X202-2P IRT PRO (All versions < V5.5.2), SCALANCE X204-2 (All versions < V5.2.6), SCALANCE X204-2FM (All versions < V5.2.6), SCALANCE X204-2LD (All versions < V5.2.6), SCALANCE X204-2LD TS... • https://cert-portal.siemens.com/productcert/pdf/ssa-310038.pdf • CWE-330: Use of Insufficiently Random Values •
CVSS: 8.7EPSS: 0%CPEs: 157EXPL: 0CVE-2020-28400
https://notcve.org/view.php?id=CVE-2020-28400
13 Jul 2021 — Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial-of-service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device. Los dispositivos afectados contienen una vulnerabilidad que permite a un atacante no autentificado desencadenar una condición de denegación de servicio. La vulnerabilidad puede activarse si se envía una gran cantidad de paquetes de restablecimiento de DCP al dispositivo Affected devices con... • https://cert-portal.siemens.com/productcert/pdf/ssa-599968.pdf • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 9.8EPSS: 0%CPEs: 58EXPL: 0CVE-2021-25668
https://notcve.org/view.php?id=CVE-2021-25668
22 Apr 2021 — A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT PRO (All versions < 5.5.1), SCALANCE X202-2 IRT (All versions < 5.5.1), SCALANCE X202-2P IRT (incl. SIPLUS NET variant) (All versions < 5.5.1), SCALANCE X202-2P IRT PRO (All versions < 5.5.1), SCALANCE X204 IRT (All versions < 5.5.1), SCALANCE X204 IRT PRO (All versions < 5.5.1), SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204... • https://cert-portal.siemens.com/productcert/pdf/ssa-187092.pdf • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 1%CPEs: 58EXPL: 0CVE-2021-25669
https://notcve.org/view.php?id=CVE-2021-25669
22 Apr 2021 — A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT PRO (All versions < 5.5.1), SCALANCE X202-2 IRT (All versions < 5.5.1), SCALANCE X202-2P IRT (incl. SIPLUS NET variant) (All versions < 5.5.1), SCALANCE X202-2P IRT PRO (All versions < 5.5.1), SCALANCE X204 IRT (All versions < 5.5.1), SCALANCE X204 IRT PRO (All versions < 5.5.1), SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204... • https://cert-portal.siemens.com/productcert/pdf/ssa-187092.pdf • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 71EXPL: 0CVE-2021-29998
https://notcve.org/view.php?id=CVE-2021-29998
13 Apr 2021 — An issue was discovered in Wind River VxWorks before 6.5. There is a possible heap overflow in dhcp client. Se detectó un problema en Wind River VxWorks versiones anteriores a 6.5. Se presenta un posible desbordamiento de la pila en el cliente dhcp • https://cert-portal.siemens.com/productcert/pdf/ssa-560465.pdf • CWE-787: Out-of-bounds Write •