CVSS: 7.8EPSS: 0%CPEs: 68EXPL: 0CVE-2022-40227
https://notcve.org/view.php?id=CVE-2022-40227
11 Oct 2022 — A vulnerability has been identified in SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions < V17 Update 4), SIMATIC HMI KTP Mobile Panels (All versions < V17 Update 4), SIMATIC HMI KTP1200 Basic (All versions < V17 Update 5), SIMATIC HMI KTP400 Basic (All versions < V17 Update 5), SIMATIC HMI KTP700 Basic (All versions < V17 Update 5), SIMATIC HMI KTP900 Basic (All versions < V17 Update 5), SIPLUS HMI KTP1200 BASIC (All versions < V17 Update 5), SIPLUS HMI KTP400 BASIC (All versions < V17 Updat... • https://cert-portal.siemens.com/productcert/pdf/ssa-384224.pdf • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 155EXPL: 0CVE-2021-27385
https://notcve.org/view.php?id=CVE-2021-27385
12 May 2021 — A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP90... • https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf • CWE-400: Uncontrolled Resource Consumption CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 0%CPEs: 155EXPL: 0CVE-2021-27386
https://notcve.org/view.php?id=CVE-2021-27386
12 May 2021 — A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP90... • https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 139EXPL: 0CVE-2021-25660
https://notcve.org/view.php?id=CVE-2021-25660
12 May 2021 — A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP90... • https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-788: Access of Memory Location After End of Buffer •
CVSS: 7.5EPSS: 0%CPEs: 139EXPL: 0CVE-2021-25661
https://notcve.org/view.php?id=CVE-2021-25661
12 May 2021 — A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP90... • https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf • CWE-788: Access of Memory Location After End of Buffer •
CVSS: 7.5EPSS: 0%CPEs: 139EXPL: 0CVE-2021-25662
https://notcve.org/view.php?id=CVE-2021-25662
12 May 2021 — A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP90... • https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 7.5EPSS: 0%CPEs: 155EXPL: 0CVE-2021-27383
https://notcve.org/view.php?id=CVE-2021-27383
12 May 2021 — A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP90... • https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 9.8EPSS: 1%CPEs: 155EXPL: 0CVE-2021-27384
https://notcve.org/view.php?id=CVE-2021-27384
12 May 2021 — A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP90... • https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf • CWE-788: Access of Memory Location After End of Buffer •
CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 0CVE-2019-19276
https://notcve.org/view.php?id=CVE-2019-19276
12 May 2021 — A vulnerability has been identified in SIMATIC HMI Comfort Panels 1st Generation (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels (All versions < V16 Update 4). Specially crafted packets sent to port 161/udp can cause the SNMP service of affected devices to crash. A manual restart of the device is required to resume operation of the service. Se ha identificado una vulnerabilidad en SIMATIC HMI Comfort Panels 1st Generation (incluyendo variantes SIPLUS) (Todas las versione... • https://cert-portal.siemens.com/productcert/pdf/ssa-594364.pdf • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 1%CPEs: 28EXPL: 0CVE-2020-15798 – Siemens Comfort Panel Telnet Service Missing Authentication Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-15798
04 Feb 2021 — A vulnerability has been identified in SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions < V16 Update 3a), SIMATIC HMI KTP Mobile Panels (All versions < V16 Update 3a), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). Affected devices with enabled telnet servic... • https://cert-portal.siemens.com/productcert/pdf/ssa-520004.pdf • CWE-306: Missing Authentication for Critical Function •