CVE-2024-33698
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability has been identified in SIMATIC Information Server 2022 (All versions), SIMATIC Information Server 2024 (All versions), SIMATIC PCS neo V4.0 (All versions), SIMATIC PCS neo V4.1 (All versions < V4.1 Update 2), SIMATIC PCS neo V5.0 (All versions), SINEC NMS (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions). Affected products contain a heap-based buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to execute arbitrary code.
CVSS Scores
SSVC
- Decision:Attend
Timeline
- 2024-04-26 CVE Reserved
- 2024-09-10 CVE Published
- 2024-09-10 CVE Updated
- 2024-09-11 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-122: Heap-based Buffer Overflow
CAPEC
References (1)
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Siemens Search vendor "Siemens" | SIMATIC Information Server 2022 Search vendor "Siemens" for product "SIMATIC Information Server 2022" | 0 Search vendor "Siemens" for product "SIMATIC Information Server 2022" and version "0" | en |
Affected
| ||||||
Siemens Search vendor "Siemens" | SIMATIC Information Server 2024 Search vendor "Siemens" for product "SIMATIC Information Server 2024" | 0 Search vendor "Siemens" for product "SIMATIC Information Server 2024" and version "0" | en |
Affected
| ||||||
Siemens Search vendor "Siemens" | SIMATIC PCS Neo V4.0 Search vendor "Siemens" for product "SIMATIC PCS Neo V4.0" | 0 Search vendor "Siemens" for product "SIMATIC PCS Neo V4.0" and version "0" | en |
Affected
| ||||||
Siemens Search vendor "Siemens" | SIMATIC PCS Neo V5.0 Search vendor "Siemens" for product "SIMATIC PCS Neo V5.0" | 0 Search vendor "Siemens" for product "SIMATIC PCS Neo V5.0" and version "0" | en |
Affected
| ||||||
Siemens Search vendor "Siemens" | SINEC NMS Search vendor "Siemens" for product "SINEC NMS" | 0 Search vendor "Siemens" for product "SINEC NMS" and version "0" | en |
Affected
| ||||||
Siemens Search vendor "Siemens" | Totally Integrated Automation Portal (TIA Portal) V16 Search vendor "Siemens" for product "Totally Integrated Automation Portal (TIA Portal) V16" | 0 Search vendor "Siemens" for product "Totally Integrated Automation Portal (TIA Portal) V16" and version "0" | en |
Affected
| ||||||
Siemens Search vendor "Siemens" | Totally Integrated Automation Portal (TIA Portal) V18 Search vendor "Siemens" for product "Totally Integrated Automation Portal (TIA Portal) V18" | 0 Search vendor "Siemens" for product "Totally Integrated Automation Portal (TIA Portal) V18" and version "0" | en |
Affected
| ||||||
Siemens Search vendor "Siemens" | Totally Integrated Automation Portal (TIA Portal) V19 Search vendor "Siemens" for product "Totally Integrated Automation Portal (TIA Portal) V19" | 0 Search vendor "Siemens" for product "Totally Integrated Automation Portal (TIA Portal) V19" and version "0" | en |
Affected
|