CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2023-46285
https://notcve.org/view.php?id=CVE-2023-46285
12 Dec 2023 — A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 7), Totally Integrated Automation Portal (TIA Portal) V18 (All ... • https://cert-portal.siemens.com/productcert/html/ssa-999588.html • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2023-46284
https://notcve.org/view.php?id=CVE-2023-46284
12 Dec 2023 — A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 7), Totally Integrated Automation Portal (TIA Portal) V18 (All ... • https://cert-portal.siemens.com/productcert/html/ssa-999588.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2023-46283
https://notcve.org/view.php?id=CVE-2023-46283
12 Dec 2023 — A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 7), Totally Integrated Automation Portal (TIA Portal) V18 (All ... • https://cert-portal.siemens.com/productcert/html/ssa-999588.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.1EPSS: 0%CPEs: 10EXPL: 0CVE-2023-46282
https://notcve.org/view.php?id=CVE-2023-46282
12 Dec 2023 — A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 7), Totally Integrated Automation Portal (TIA Portal) V18 (All ... • https://cert-portal.siemens.com/productcert/html/ssa-999588.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 0%CPEs: 10EXPL: 0CVE-2023-46281
https://notcve.org/view.php?id=CVE-2023-46281
12 Dec 2023 — A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 7), Totally Integrated Automation Portal (TIA Portal) V18 (All ... • https://cert-portal.siemens.com/productcert/html/ssa-999588.html • CWE-942: Permissive Cross-domain Policy with Untrusted Domains •
CVSS: 6.2EPSS: 0%CPEs: 6EXPL: 0CVE-2023-30757
https://notcve.org/view.php?id=CVE-2023-30757
13 Jun 2023 — A vulnerability has been identified in Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V... • https://cert-portal.siemens.com/productcert/pdf/ssa-042050.pdf • CWE-693: Protection Mechanism Failure •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2022-27194
https://notcve.org/view.php?id=CVE-2022-27194
12 Apr 2022 — A vulnerability has been identified in SIMATIC PCS neo (Administration Console) (All versions < V3.1 SP1), SINETPLAN (All versions), TIA Portal (V15, V15.1, V16 and V17). The affected system cannot properly process specially crafted packets sent to port 8888/tcp. A remote attacker could exploit this vulnerability to cause a Denial-of-Service condition. The affected devices must be restarted manually. Se ha identificado una vulnerabilidad en SIMATIC PCS neo (Consola de Administración) (todas las versiones an... • https://cert-portal.siemens.com/productcert/pdf/ssa-711829.pdf • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-10934
https://notcve.org/view.php?id=CVE-2019-10934
16 Jan 2020 — A vulnerability has been identified in TIA Portal V14 (All versions), TIA Portal V15 (All versions < V15.1 Update 7), TIA Portal V16 (All versions < V16 Update 6), TIA Portal V17 (All versions < V17 Update 4). Changing the contents of a configuration file could allow an attacker to execute arbitrary code with SYSTEM privileges. The security vulnerability could be exploited by an attacker with a valid account and limited access rights on the system. No user interaction is required. At the time of advisory pu... • https://cert-portal.siemens.com/productcert/pdf/ssa-629512.pdf • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •