CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 1CVE-2021-45117
https://notcve.org/view.php?id=CVE-2021-45117
21 Mar 2022 — The OPC autogenerated ANSI C stack stubs (in the NodeSets) do not handle all error cases. This can lead to a NULL pointer dereference. Los stubs de pila ANSI C autogenerados por OPC (en los NodeSets) no manejan todos los casos de error. Esto puede conllevar a una desreferencia de puntero NULL • https://cert-portal.siemens.com/productcert/pdf/ssa-285795.pdf • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 12EXPL: 0CVE-2021-40142
https://notcve.org/view.php?id=CVE-2021-40142
27 Aug 2021 — In OPC Foundation Local Discovery Server (LDS) before 1.04.402.463, remote attackers can cause a denial of service (DoS) by sending carefully crafted messages that lead to Access of a Memory Location After the End of a Buffer. En OPC Foundation Local Discovery Server (LDS) versiones anteriores a 1.04.402.463, unos atacantes remotos pueden causar una denegación de servicio (DoS) mediante el envío de mensajes cuidadosamente diseñados que conllevan a el Acceso a una Ubicación de Memoria Después del Final de un... • https://cert-portal.siemens.com/productcert/pdf/ssa-321292.pdf • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 2%CPEs: 68EXPL: 0CVE-2019-6575
https://notcve.org/view.php?id=CVE-2019-6575
17 Apr 2019 — A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V2.7), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (incl. SIPLUS variants) (All versions < V15.1 Upd 4), SIMATIC HMI Comfort Panels 4" - 22" (incl. SIPLUS variants) (All versions < V15.1 Upd 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Upd 4), SIMATIC IPC DiagMonitor (All versions < V5.1.... • https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf • CWE-248: Uncaught Exception CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2018-4835
https://notcve.org/view.php?id=CVE-2018-4835
25 Jan 2018 — A vulnerability has been identified in TeleControl Server Basic < V3.1. An attacker with network access to the TeleControl Server Basic's port 8000/tcp could bypass the authentication mechanism and read limited information. Se ha identificado una vulnerabilidad en TeleControl Server Basic en versiones anteriores a la 3.1. Un atacante con acceso de red al puerto 8000/tcp de TeleControl Server Basic podría evadir el mecanismo de autenticación y leer información limitada. • http://www.securityfocus.com/bid/102894 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-287: Improper Authentication •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-4836
https://notcve.org/view.php?id=CVE-2018-4836
25 Jan 2018 — A vulnerability has been identified in TeleControl Server Basic < V3.1. An authenticated attacker with a low-privileged account to the TeleControl Server Basic's port 8000/tcp could escalate his privileges and perform administrative operations. Se ha identificado una vulnerabilidad en TeleControl Server Basic en versiones anteriores a la 3.1. Un atacante autenticado con una cuenta de privilegios bajos en el puerto 8000/tcp de TeleControl Server Basic podría escalar sus privilegios y realizar operaciones adm... • http://www.securityfocus.com/bid/102897 • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2018-4837
https://notcve.org/view.php?id=CVE-2018-4837
25 Jan 2018 — A vulnerability has been identified in TeleControl Server Basic < V3.1. An attacker with access to the TeleControl Server Basic's webserver (port 80/tcp or 443/tcp) could cause a Denial-of-Service condition on the web server. The remaining functionality of the TeleControl Server Basic is not affected by the Denial-of-Service condition. Se ha identificado una vulnerabilidad en TeleControl Server Basic en versiones anteriores a la 3.1. Un atacante con acceso al servidor web de Telecontrol Server Basic (puerto... • http://www.securityfocus.com/bid/102819 • CWE-400: Uncontrolled Resource Consumption •