CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-30897
https://notcve.org/view.php?id=CVE-2023-30897
A vulnerability has been identified in SIMATIC WinCC (All versions < V7.5.2.13). Affected applications fail to set proper access rights for their installation folder if a non-default installation path was chosen during installation. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges. • https://cert-portal.siemens.com/productcert/pdf/ssa-914026.pdf • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 8.2EPSS: 0%CPEs: 4EXPL: 0CVE-2017-12069
https://notcve.org/view.php?id=CVE-2017-12069
An XXE vulnerability has been identified in OPC Foundation UA .NET Sample Code before 2017-03-21 and Local Discovery Server (LDS) before 1.03.367. Among the affected products are Siemens SIMATIC PCS7 (All versions V8.1 and earlier), SIMATIC WinCC (All versions < V7.4 SP1), SIMATIC WinCC Runtime Professional (All versions < V14 SP1), SIMATIC NET PC Software, and SIMATIC IT Production Suite. By sending specially crafted packets to the OPC Discovery Server at port 4840/tcp, an attacker might cause the system to access various resources chosen by the attacker. Se ha identificado una vulnerabilidad XXE en OPC Foundation UA .NET Sample Code antes del 21-03-2017 y Local Discovery Server (LDS) antes de la versión 1.03.367. Los siguientes productos se han visto afectados por esta vulnerabilidad, entre otros: Siemens SIMATIC PCS7 (todas las versiones V8.1 y anteriores), SIMATIC WinCC (todas las versiones anteriores a V7.4 SP1), SIMATIC WinCC Runtime Professional (todas las versiones anteriores a V14 SP1), SIMATIC NET PC Software y SIMATIC IT Production Suite. • http://www.securityfocus.com/bid/100559 http://www.securitytracker.com/id/1039510 https://opcfoundation-onlineapplications.org/faq/SecurityBulletins/OPC_Foundation_Security_Bulletin_CVE-2017-12069.pdf https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-535640.pdf • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 6.5EPSS: 0%CPEs: 19EXPL: 0CVE-2017-6865
https://notcve.org/view.php?id=CVE-2017-6865
A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC Automation Tool (All versions < V3.0), SIMATIC NET PC-Software (All versions < V14 SP1), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1), SIMATIC STEP 7 V5.X (All versions < V5.6), SIMATIC WinAC RTX 2010 SP2 (All versions), SIMATIC WinAC RTX F 2010 SP2 (All versions), SIMATIC WinCC (TIA Portal) V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1), SIMATIC WinCC V7.2 and prior (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Update 15), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd1), SIMATIC WinCC flexible 2008 (All versions < flexible 2008 SP5), SINAUT ST7CC (All versions installed in conjunction with SIMATIC WinCC < V7.3 Update 15), SINEMA Server (All versions < V14), SINUMERIK 808D Programming Tool (All versions < V4.7 SP4 HF2), SMART PC Access (All versions < V2.3), STEP 7 - Micro/WIN SMART (All versions < V2.3), Security Configuration Tool (SCT) (All versions < V5.0). Specially crafted PROFINET DCP broadcast packets sent to the affected products on a local Ethernet segment (Layer 2) could cause a Denial-of-Service condition of some services. The services require manual restart to recover. Se ha identificado una vulnerabilidad en Primary Setup Tool (PST) (todas las versiones 4.2 HF1), SIMATIC Automation Tool (todas las versiones 3.0), SIMATIC NET PC-software (todas las versiones 14 SP1), SIMATIC PCS 7 Versión 8.1 (todas las versiones), SIMATIC PCS 7 Versión 8.2 (todas las versiones 8.2 SP1), SIMATIC STEP Versión 7 (TIA Portal) Versión 13 (todas las versiones 13 SP2), SIMATIC STEP Versión 7 (TIA Portal) Versión 14 (todas las versiones 14 SP1), SIMATIC STEP 7 Versión 5.x (todas las versiones 5.6), SIMATIC WinAC RTX 2010 SP2 (todas las versiones), SIMATIC WinAC RTX F 2010 SP2 (todas versiones), SIMATIC WinCC (TIA Portal) Versión 13 (todas las versiones 13 SP2), SIMATIC WinCC (TIA Portal) Versión 14 (todas las versiones 14 SP1), SIMATIC WinCC Versión 7.2 y anteriores (todos versiones), SIMATIC WinCC Versión 7.3 (todas las versiones 7.3 actualización 15), SIMATIC WinCC Versión 7.4 (todas las versiones 7.4 SP1 Upd1), SIMATIC WinCC flexible 2008 (todas las versiones anteriores a flexible 2008 SP5), SINAUT ST7CC (todas las versiones instaladas en conjunto con SIMATIC WinCC Versión 7.3 actualización 15), SINEMA Server (todas las versiones 14), SINUMERIK 808D Programming Tool (todas las versiones 4.7 SP4 HF2), SMART PC Access (todas las versiones 2.3), STEP 7 - Micro/WIN SMART (todas las versiones 2.3), Security Configuration Tool (SCT) (todas las versiones 5.0). Los paquetes de difusión PROFINET DCP especialmente creados enviados a los productos afectados en un segmento Ethernet local (Layer 2) podrían causar una condición de denegación de servicio de algunos servicios. • https://cert-portal.siemens.com/productcert/pdf/ssa-275839.pdf https://www.securityfocus.com/bid/98366 • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2015-2822
https://notcve.org/view.php?id=CVE-2015-2822
Siemens SIMATIC HMI Comfort Panels before WinCC (TIA Portal) 13 SP1 Upd2 and SIMATIC WinCC Runtime Advanced before WinCC (TIA Portal) 13 SP1 Upd2 allow man-in-the-middle attackers to cause a denial of service via crafted packets on TCP port 102. Siemens SIMATIC HMI Comfort Panels anterior a WinCC (TIA Portal) 13 SP1 Upd2 y SIMATIC WinCC Runtime Advanced anterior a WinCC (TIA Portal) 13 SP1 Upd2 permiten a atacantes man-in-the-middle causar una denegación de servicio a través de paquetes manipulados en el puerto TCP 102. • http://www.securityfocus.com/bid/74028 http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-487246.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-487246.pdf • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 0%CPEs: 11EXPL: 0CVE-2015-2823
https://notcve.org/view.php?id=CVE-2015-2823
Siemens SIMATIC HMI Basic Panels 2nd Generation before WinCC (TIA Portal) 13 SP1 Upd2, SIMATIC HMI Comfort Panels before WinCC (TIA Portal) 13 SP1 Upd2, SIMATIC WinCC Runtime Advanced before WinCC (TIA Portal) 13 SP1 Upd2, SIMATIC WinCC Runtime Professional before WinCC (TIA Portal) 13 SP1 Upd2, SIMATIC HMI Basic Panels 1st Generation (WinCC TIA Portal), SIMATIC HMI Mobile Panel 277 (WinCC TIA Portal), SIMATIC HMI Multi Panels (WinCC TIA Portal), and SIMATIC WinCC 7.x before 7.3 Upd4 allow remote attackers to complete authentication by leveraging knowledge of a password hash without knowledge of the associated password. Siemens SIMATIC HMI Basic Panels 2nd Generation anterior a WinCC (TIA Portal) 13 SP1 Upd2, SIMATIC HMI Comfort Panels anterior a WinCC (TIA Portal) 13 SP1 Upd2, SIMATIC WinCC Runtime Advanced anterior a WinCC (TIA Portal) 13 SP1 Upd2, SIMATIC WinCC Runtime Professional anterior a WinCC (TIA Portal) 13 SP1 Upd2, SIMATIC HMI Basic Panels 1st Generation (WinCC TIA Portal), SIMATIC HMI Mobile Panel 277 (WinCC TIA Portal), SIMATIC HMI Multi Panels (WinCC TIA Portal), y SIMATIC WinCC 7.x anterior a 7.3 Upd4 permiten a atacantes remotos completar la autenticación mediante el aprovechamiento de conocimiento de un hash de contraseñas sin conocer la contraseña asociada. • http://www.securityfocus.com/bid/74040 http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-487246.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-487246.pdf • CWE-287: Improper Authentication •