Siemens Latest Vulnerabilities
December 16
Heap-Based Buffer Overflow in Siemens Automation Products
CVE-2024-49775
SiemensOpcenter Execution Fou...9.8CRITICAL
December 10
Integer Underflow Vulnerability in Solid Edge SE2024 Could Allow Code Execution
CVE-2024-54095
SiemensSolid Edge Se20247.8HIGH
Heap-Based Buffer Overflow Vulnerability Affects Solid Edge SE2024
CVE-2024-54094
SiemensSolid Edge Se20247.8HIGH
Heap-Based Buffer Overflow Vulnerability Affects Solid Edge SE2024
CVE-2024-54093
SiemensSolid Edge Se20247.8HIGH
Parasolid Vulnerability Could Allow Execution of Code in Context of Current Process
CVE-2024-54091
SiemensParasolid V36.17.8HIGH
COMOS PDMS/E3D Interface Vulnerability Could Allow File Extraction
CVE-2024-54005
SiemensComos V10.35.1MEDIUM
Secure Element Vulnerability Exposes Password and Update Files to Physical Attack
CVE-2024-53832
SiemensCpci85 Central Process...4.6MEDIUM
Siemens Teamcenter Visualization Vulnerability Affects Multiple Releases
CVE-2024-53242
SiemensTeamcenter Visualizati...7.8HIGH
Siemens Teamcenter Visualization Vulnerability: Stack-Based Overflow in WRL File Processing
CVE-2024-53041
SiemensTeamcenter Visualizati...7.8HIGH
{"Vulnerability in Siemens PLCs and SCADA Systems Could Allow Arbitrary Code Execution"}
CVE-2024-52051
SiemensSimatic S7-plcsim V177.3HIGH
{"Vulnerability in Siemens Products Could Allow Arbitrary Code Execution"}
CVE-2024-49849
SiemensSimatic S7-plcsim V167.8HIGH
COMOS XML External Entity Vulnerability
CVE-2024-49704
SiemensComos V10.35.5MEDIUM
Cross-Site Request Forgery (CSRF) Vulnerability Affects RUGGEDCOM ROX Devices
CVE-2020-28398
SiemensRuggedcom Rox Mx50008.8HIGH
December 6
Vulnerability in syngo.plaza VB30E Allows Execution of Malicious SQL Commands
CVE-2024-52335
SiemensSyngo.plaza Vb30e9.8CRITICAL
November 18
CVE-2024-52569
SiemensTeamcenter Visualizati...7.8HIGH
CVE-2024-52574
SiemensTeamcenter Visualizati...7.8HIGH
CVE-2024-52568
SiemensTeamcenter Visualizati...7.8HIGH
CVE-2024-52567
SiemensTeamcenter Visualizati...7.8HIGH
CVE-2024-52571
SiemensTeamcenter Visualizati...7.8HIGH
CVE-2024-52572
SiemensTeamcenter Visualizati...7.8HIGH
CVE-2024-52566
SiemensTeamcenter Visualizati...7.8HIGH
CVE-2024-52570
SiemensTeamcenter Visualizati...7.8HIGH
CVE-2024-52573
SiemensTeamcenter Visualizati...7.8HIGH
CVE-2024-52565
SiemensTeamcenter Visualizati...7.8HIGH
November 12
RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) and other products remote code execution vulnerability
CVE-2024-50572
SiemensRuggedcom Rm1224 Lte(4...7.2HIGH
SCALANCE Mxx6-x ADSL-Router vulnerable to file sanitization attack
CVE-2024-50561
SiemensRuggedcom Rm1224 Lte(4...6.1MEDIUM
{"{\"name\":\"Affected devices truncates usernames longer than 15 characters when accessed via SSH or Telnet\",\"versions\":[\"< V8.2\"]}"}
CVE-2024-50560
SiemensRuggedcom Rm1224 Lte(4...4.3MEDIUM
Siemens SCALANCE Products Vulnerability
CVE-2024-50559
SiemensRuggedcom Rm1224 Lte(4...4.3MEDIUM
Vulnerability in RUGGEDCOM RM1224 LTE(4G) Devices Could Lead to Denial of Service
CVE-2024-50558
SiemensRuggedcom Rm1224 Lte(4...4.3MEDIUM
Input Validation Vulnerability in iperf Functionality Could Allow Arbitrary Code Execution
CVE-2024-50557
SiemensRuggedcom Rm1224 Lte(4...9.8CRITICAL
Race Condition Vulnerability Affects Mendix Runtime Versions
CVE-2024-50313
SiemensMendix Runtime V104.8MEDIUM
Unauthorized Access to Filesystem via Authentication Bypass
CVE-2024-50310
SiemensSimatic Cp 1543-1 V4.07.5HIGH
DLL Hijacking Vulnerability Affects Solid Edge SE2024
CVE-2024-47942
SiemensSolid Edge Se20247.3HIGH
Vulnerability in Solid Edge SE2024 Could Allow Execution of Code
CVE-2024-47941
SiemensSolid Edge Se20247.8HIGH
Vulnerability in Solid Edge SE2024 Allows Execution of Code
CVE-2024-47940
SiemensSolid Edge Se20247.8HIGH
Arbitrary File Write Vulnerability in SINEC NMS
CVE-2024-47808
SiemensSinec Nms6.5MEDIUM
Local Attacker Could Gain Elevated Privileges via Incorrect File Permissions
CVE-2024-47783
SiemensSiport7.8HIGH
Remotely exploitable vulnerability in SINEC INS allows attackers to access sensitive SFTP user config
CVE-2024-46894
SiemensSinec Ins6.3MEDIUM
Vulnerability in SINEC INS Could Allow Continued Malicious Actions After User Disabling
CVE-2024-46892
SiemensSinec Ins8.1HIGH
Unauthenticated Remote Attack Could Trigger Denial of Service Condition Through Exhaustion of System Resources
CVE-2024-46891
SiemensSinec Ins5.3MEDIUM
Invalid Input Validation in SINEC INS Leads to Arbitrary Code Execution
CVE-2024-46890
SiemensSinec Ins9.1CRITICAL
SINEC INS Vulnerability: Hard-Coded Cryptographic Key Material Exposes Configuration Files
CVE-2024-46889
SiemensSinec Ins5.3MEDIUM
Arbitrary File Manipulation and Code Execution Vulnerability
CVE-2024-46888
SiemensSinec Ins9.9CRITICAL
Serielization Vulnerability in TeleControl Server Basic Could Allow Arbitrary Code Execution
CVE-2024-44102
SiemensPp Telecontrol Server ...10CRITICAL
Stored Cross-Site Scripting (XSS) Vulnerability Affects OZW672 Devices
CVE-2024-36140
SiemensOzw6725.4MEDIUM
Local Privilege Escalation Vulnerability Affects Spectrum Power 7
CVE-2024-29119
SiemensSpectrum Power 77.8HIGH
{"Vulnerability in Siemens Products Could Allow Arbitrary Code Execution"}
CVE-2023-32736
SiemensSimatic S7-plcsim V167.3HIGH
October 23
CVE-2024-47903
SiemensIntermesh 7177 Hybrid ...9.1CRITICAL
CVE-2024-47904
SiemensIntermesh 7177 Hybrid ...7.8HIGH
CVE-2024-47902
SiemensIntermesh 7177 Hybrid ...9.8CRITICAL
October 8
Siemens SINEC Security Monitor Vulnerability: Authentication Bypass Risk
CVE-2024-47565
SiemensSiemens Sinec Security...4.3MEDIUM
Invalid File Path Validation in SINEC Security Monitor Could Lead to File Compromise
CVE-2024-47563
SiemensSiemens Sinec Security...5.3MEDIUM
SINEC Security Monitor Vulnerability Affects Authentication and Privilege Escalation
CVE-2024-47562
SiemensSiemens Sinec Security...8.8HIGH
SINEC Security Monitor Vulnerability - Arbitrary Code Execution
CVE-2024-47553
SiemensSiemens Sinec Security...9.9CRITICAL
Arbitrary Code Execution Vulnerability in vsimk.exe
CVE-2024-47196
SiemensModelsim7.3HIGH
ModelSim Vulnerability Allows Arbitrary Code Injection and Privilege Escalation
CVE-2024-47195
SiemensModelsim7.3HIGH
ModelSim Vulnerability Could Allow Arbitrary Code Injection and Privilege Escalation
CVE-2024-47194
SiemensModelsim7.3HIGH
Siemens Simcenter Nastran vulnerable to memory corruption
CVE-2024-47046
SiemensSimcenter Femap V23067.8HIGH
Unauthenticated Remote Attacker Could Gain Knowledge of Current Cycle Times and Communication Load
CVE-2024-46887
SiemensSimatic Drive Controll...5.3MEDIUM
Attackers Can Redirect Users to Malicious URLs via Insecure Input Validation
CVE-2024-46886
SiemensSimatic Drive Controll...4.7MEDIUM
Tecnomatix Plant Simulation Vulnerability Leads to Denial of Service
CVE-2024-45476
SiemensTeamcenter Visualizati...3.3LOW
Memory Corruption vulnerability in Tecnomatix Plant Simulation
CVE-2024-45475
SiemensTeamcenter Visualizati...7.8HIGH
Memory Corruption Vulnerability in Tecnomatix Plant Simulation
CVE-2024-45474
SiemensTeamcenter Visualizati...7.8HIGH
Tecnomatix Plant Simulation Vulnerable to Memory Corruption
CVE-2024-45473
SiemensTeamcenter Visualizati...7.8HIGH
Memory Corruption Vulnerability in Tecnomatix Plant Simulation
CVE-2024-45472
SiemensTeamcenter Visualizati...7.8HIGH
Specially Crafted WRL File Vulnerability Affects Tecnomatix Plant Simulation
CVE-2024-45471
SiemensTeamcenter Visualizati...7.8HIGH
Specially Crafted WRL File Vulnerability Affects Tecnomatix Plant Simulation
CVE-2024-45470
SiemensTeamcenter Visualizati...7.8HIGH
Tecnomatix Plant Simulation Vulnerability: Out of Bounds Write Risk
CVE-2024-45469
SiemensTeamcenter Visualizati...7.8HIGH
Memory Corruption Vulnerability in Tecnomatix Plant Simulation
CVE-2024-45468
SiemensTeamcenter Visualizati...7.8HIGH
Memory Corruption Vulnerability in Tecnomatix Plant Simulation
CVE-2024-45467
SiemensTeamcenter Visualizati...7.8HIGH
Tecnomatix Plant Simulation Vulnerability: Execution of Code in Context of Current Process Possible
CVE-2024-45466
SiemensTeamcenter Visualizati...7.8HIGH
Vulnerability in Tecnomatix Plant Simulation Could Allow Execution of Code
CVE-2024-45465
SiemensTeamcenter Visualizati...7.8HIGH
Vulnerability in Tecnomatix Plant Simulation Could Allow Code Execution
CVE-2024-45464
SiemensTeamcenter Visualizati...7.8HIGH
Tecnomatix Plant Simulation Vulnerability Could Allow code Execution
CVE-2024-45463
SiemensTeamcenter Visualizati...7.8HIGH
Heap-Based Buffer Overflow Vulnerability Affects Simcenter Nastran
CVE-2024-41981
SiemensSimcenter Femap V23067.8HIGH
Stack-based buffer overflow vulnerability in JT2Go could allow code execution
CVE-2024-41902
SiemensJt2go7.8HIGH
Vulnerability Alert: 4-Digit PIN Insufficient Protection Against Brute-Force Attacks
CVE-2024-41798
SiemensSentron 7km Pac32009.8CRITICAL
Unauthenticated Escape Vulnerability in HiMed Cockpit
CVE-2023-52952
SiemensHimed Cockpit 12 Pro8.5HIGH
September 10
Unauthenticated Remote Attacker Could Impersonate Other Devices via Validation Vulnerability
CVE-2024-45032
SiemensIndustrial Edge Manage...10CRITICAL
Automation License Manager Vulnerability Could Lead to Remote Code Execution
CVE-2024-44087
SiemensAutomation License Man...8.6HIGH
Insertion of Sensitive Information into Log File Vulnerability Affects SINUMERIK Systems
CVE-2024-43781
SiemensSinumerik 828d V45.5MEDIUM
{"SIMATIC S7-200 SMART CPU Firmware Vulnerability Could Lead to Denial of Service","SIMATIC S7-200 SMART CPU Affected by TCP Packet Structure Error","Unplugging Network Cable Can Restore Normal Operations for SIMATIC S7-200 SMART CPU"}
CVE-2024-43647
SiemensSimatic S7-200 Smart C...7.5HIGH
Remote Access Vulnerability in SINEMA Remote Connect Server Could Allow Circumvention of Additional Multi-Factor Authentication
CVE-2024-42345
SiemensSinema Remote Connect ...4.3MEDIUM
SINEMA Remote Connect Client Vulnerability Could Compromise Confidentiality
CVE-2024-42344
SiemensSinema Remote Connect ...5.5MEDIUM
SINUMERIK Devices Vulnerable to Privilege Escalation Attacks
CVE-2024-41171
SiemensSinumerik 828d V48.8HIGH
Stack Based Overflow Vulnerability in Tecnomatix Plant Simulation
CVE-2024-41170
SiemensTecnomatix Plant Simul...7.8HIGH
SIMATIC Reader vulnerability could lead to sensitive information disclosure
CVE-2024-37995
SiemensSimatic Reader Rf610r ...9.1CRITICAL
Hidden Configuration Item Could Lead to Deployment Insights
CVE-2024-37994
SiemensSimatic Reader Rf610r ...7.1HIGH
Affected applications do not authenticate the creation of Ajax2App instances
CVE-2024-37993
SiemensSimatic Reader Rf610r ...7.5HIGH
SIMATIC Reader vulnerabilities due to error handling
CVE-2024-37992
SiemensSimatic Reader Rf610r ...7.5HIGH
Sensitive Information Accessible Without Authentication in SIMATIC Reader RF610R, RF615R, RF680R, and Other Products
CVE-2024-37991
SiemensSimatic Reader Rf610r ...6.5MEDIUM
CVE-2024-37990
SiemensSimatic Reader Rf610r ...6.5MEDIUM
Elevated Privileges Vulnerability Affects Siemens' Industrial Automation Products
CVE-2024-35783
SiemensSimatic Batch V9.19.1CRITICAL
CVE-2024-33698
SiemensOpcenter Execution Fou...9.8CRITICAL
Remote Connect Client Vulnerability Allows Bypass of Multi-Factor Authentication Without Logout
CVE-2024-32006
SiemensSinema Remote Connect ...4.3MEDIUM
Vulnerability in Mendix Runtime Could Allow Unauthorized Access to User Data
CVE-2023-49069
SiemensMendix Runtime V105.3MEDIUM
CVE-2023-30756
SiemensSimatic Cp 1242-7 V2 (...5.9MEDIUM
CVE-2023-30755
SiemensSimatic Cp 1242-7 V2 (...4.4MEDIUM
CVE-2023-28827
SiemensSimatic Cp 1242-7 V2 (...5.9MEDIUM
August 13
SCALANCE M804PB Faces Vulnerability in 2FA Log File Injection
CVE-2024-41978
SiemensRuggedcom Rm1224 Lte(4...6.5MEDIUM