Filtered by vendor Siemens
Subscriptions
Total
2183 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-4685 | 1 Siemens | 2 Simatic Pcs7, Wincc | 2025-04-12 | N/A |
| Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows local users to gain privileges by leveraging weak system-object access control. | ||||
| CVE-2014-9369 | 1 Siemens | 6 Spc4000, Spc4000 Firmware, Spc5000 and 3 more | 2025-04-12 | N/A |
| Siemens SPC controllers SPC4000, SPC5000, and SPC6000 before 3.6.0 allow remote attackers to cause a denial of service (device restart) via crafted packets. | ||||
| CVE-2015-1602 | 1 Siemens | 1 Simatic Step 7 | 2025-04-12 | N/A |
| Siemens SIMATIC STEP 7 (TIA Portal) 12 and 13 before 13 SP1 Upd1 improperly stores password data within project files, which makes it easier for local users to determine cleartext (1) protection-level passwords or (2) web-server passwords by leveraging the ability to read these files. | ||||
| CVE-2014-8551 | 1 Siemens | 4 Simatic Pcs7, Simatic Pcs 7, Simatic Tiaportal and 1 more | 2025-04-12 | N/A |
| The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 allows remote attackers to execute arbitrary code via crafted packets. | ||||
| CVE-2014-5233 | 2 Apple, Siemens | 2 Iphone Os, Simatic Wincc Sm\@rtclient | 2025-04-12 | N/A |
| The Siemens SIMATIC WinCC Sm@rtClient app before 1.0.2 for iOS allows physically proximate attackers to discover Sm@rtServer credentials by leveraging an error in the credential-processing mechanism. | ||||
| CVE-2014-4684 | 1 Siemens | 2 Simatic Pcs7, Wincc | 2025-04-12 | N/A |
| The database server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote authenticated users to gain privileges via a request to TCP port 1433. | ||||
| CVE-2014-4683 | 1 Siemens | 2 Simatic Pcs7, Wincc | 2025-04-12 | N/A |
| The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote authenticated users to gain privileges via a (1) HTTP or (2) HTTPS request. | ||||
| CVE-2014-2246 | 1 Siemens | 1 Simatic S7-1500 Cpu Firmware | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in the integrated web server on Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2014-4682 | 1 Siemens | 2 Simatic Pcs7, Wincc | 2025-04-12 | N/A |
| The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote attackers to obtain sensitive information via an HTTP request. | ||||
| CVE-2016-3963 | 1 Siemens | 1 Scalance S613 | 2025-04-12 | N/A |
| Siemens SCALANCE S613 allows remote attackers to cause a denial of service (web-server outage) via traffic to TCP port 443. | ||||
| CVE-2014-2255 | 1 Siemens | 1 Simatic S7-1500 Cpu Firmware | 2025-04-12 | N/A |
| Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted HTTP packets. | ||||
| CVE-2014-2257 | 1 Siemens | 1 Simatic S7-1500 Cpu Firmware | 2025-04-12 | N/A |
| Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted ISO-TSAP packets. | ||||
| CVE-2014-5231 | 2 Apple, Siemens | 2 Iphone Os, Simatic Wincc Sm\@rtclient | 2025-04-12 | N/A |
| The Siemens SIMATIC WinCC Sm@rtClient app before 1.0.2 for iOS allows physically proximate attackers to extract the password from storage via unspecified vectors. | ||||
| CVE-2014-8552 | 1 Siemens | 4 Simatic Pcs7, Simatic Pcs 7, Simatic Tiaportal and 1 more | 2025-04-12 | N/A |
| The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 allows remote attackers to read arbitrary files via crafted packets. | ||||
| CVE-2015-5374 | 1 Siemens | 3 Siprotec 4, Siprotec Compact, Siprotec Firmware | 2025-04-12 | N/A |
| A vulnerability has been identified in Firmware variant PROFINET IO for EN100 Ethernet module : All versions < V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions < V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions < V1.03; Firmware variant IEC 104 for EN100 Ethernet module : All versions < V1.21; EN100 Ethernet module included in SIPROTEC Merging Unit 6MU80 : All versions < 1.02.02. Specially crafted packets sent to port 50000/UDP could cause a denial-of-service of the affected device. A manual reboot may be required to recover the service of the device. | ||||
| CVE-2014-5232 | 2 Apple, Siemens | 2 Iphone Os, Simatic Wincc Sm\@rtclient | 2025-04-12 | N/A |
| The Siemens SIMATIC WinCC Sm@rtClient app before 1.0.2 for iOS allows local users to bypass an intended application-password requirement by leveraging the running of the app in the background state. | ||||
| CVE-2015-1599 | 1 Siemens | 1 Spcanywhere | 2025-04-12 | N/A |
| The Siemens SPCanywhere application for iOS allows physically proximate attackers to bypass intended access restrictions by leveraging a filesystem architectural error. | ||||
| CVE-2016-9160 | 1 Siemens | 2 Simatic Pcs 7, Simatic Wincc | 2025-04-12 | N/A |
| A vulnerability in SIEMENS SIMATIC WinCC (All versions < SIMATIC WinCC V7.2) and SIEMENS SIMATIC PCS 7 (All versions < SIMATIC PCS 7 V8.0 SP1) could allow a remote attacker to crash an ActiveX component or leak parts of the application memory if a user is tricked into clicking on a malicious link under certain conditions. | ||||
| CVE-2014-2733 | 1 Siemens | 1 Sinema Server | 2025-04-12 | N/A |
| Siemens SINEMA Server before 12 SP1 allows remote attackers to cause a denial of service (web-interface outage) via crafted HTTP requests to port (1) 4999 or (2) 80. | ||||
| CVE-2014-2259 | 1 Siemens | 1 Simatic S7-1500 Cpu Firmware | 2025-04-12 | N/A |
| Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted HTTPS packets. | ||||