Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Siemens Subscribe
Total 1529 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-4846 1 Siemens 6 Rapidlab 1200, Rapidlab 1200 Firmware, Rapidpoint 400 and 3 more 2019-10-09 10.0 HIGH 9.8 CRITICAL
A vulnerability has been identified in RAPIDLab 1200 systems / RAPIDPoint 400 systems / RAPIDPoint 500 systems (All versions_without_ use of Siemens Healthineers Informatics products), RAPIDLab 1200 Series (All versions < V3.3 _with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (All versions >= V3.0 _with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (V2.4.X_with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (All versions =< V2.3 _with_ Siemens Healthineers Informatics products), RAPIDPoint 400 systems (All versions _with_ Siemens Healthineers Informatics products). A factory account with hardcoded password might allow attackers access to the device over port 5900/tcp. Successful exploitation requires no user interaction or privileges and impacts the confidentiality, integrity, and availability of the affected device. At the time of advisory publication, no public exploitation of this security vulnerability is known. Siemens Healthineers confirms the security vulnerability and provides mitigations to resolve the security issue.
CVE-2018-4845 1 Siemens 6 Rapidlab 1200, Rapidlab 1200 Firmware, Rapidpoint 400 and 3 more 2019-10-09 6.5 MEDIUM 8.8 HIGH
A vulnerability has been identified in RAPIDLab 1200 systems / RAPIDPoint 400 systems / RAPIDPoint 500 systems (All versions_without_ use of Siemens Healthineers Informatics products), RAPIDLab 1200 Series (All versions < V3.3 _with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (All versions >= V3.0 _with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (V2.4.X_with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (All versions =< V2.3 _with_ Siemens Healthineers Informatics products), RAPIDPoint 400 systems (All versions _with_ Siemens Healthineers Informatics products). Remote attackers with either local or remote credentialed access to the "Remote View" feature might be able to elevate their privileges, compromising confidentiality, integrity, and availability of the system. No special skills or user interaction are required to perform this attack. At the time of advisory publication, no public exploitation of this security vulnerability is known. Siemens Healthineers confirms the security vulnerability and provides mitigations to resolve the security issue.
CVE-2018-4841 1 Siemens 2 Tim 1531 Irc, Tim 1531 Irc Firmware 2019-10-09 10.0 HIGH 9.8 CRITICAL
A vulnerability has been identified in TIM 1531 IRC (All versions < V1.1). A remote attacker with network access to port 80/tcp or port 443/tcp could perform administrative operations on the device without prior authentication. Successful exploitation could allow to cause a denial-of-service, or read and manipulate data as well as configuration settings of the affected device. At the stage of publishing this security advisory no public exploitation is known. Siemens provides mitigations to resolve it.
CVE-2018-4859 1 Siemens 2 Scalance M875, Scalance M875 Firmware 2019-10-09 9.0 HIGH 7.2 HIGH
A vulnerability has been identified in SCALANCE M875 (All versions). An authenticated remote attacker with access to the web interface (443/tcp), could execute arbitrary operating system commands. Successful exploitation requires that the attacker has network access to the web interface. The attacker must be authenticated as administrative user to exploit the security vulnerability. The vulnerability could allow an attacker to execute arbitrary code on the device. At the time of advisory publication no public exploitation of this security vulnerability was known.
CVE-2018-4860 1 Siemens 2 Scalance M875, Scalance M875 Firmware 2019-10-09 9.0 HIGH 7.2 HIGH
A vulnerability has been identified in SCALANCE M875 (All versions). An authenticated remote attacker with access to the web interface (443/tcp), could execute arbitrary operating system commands. Successful exploitation requires that the attacker has network access to the web interface. The attacker must be authenticated as administrative user to exploit the security vulnerability. The vulnerability could allow an attacker to execute arbitrary code on the device. At the time of advisory publication no public exploitation of this security vulnerability was known.
CVE-2018-4837 1 Siemens 1 Telecontrol Server Basic 2019-10-09 5.0 MEDIUM 7.5 HIGH
A vulnerability has been identified in TeleControl Server Basic < V3.1. An attacker with access to the TeleControl Server Basic's webserver (port 80/tcp or 443/tcp) could cause a Denial-of-Service condition on the web server. The remaining functionality of the TeleControl Server Basic is not affected by the Denial-of-Service condition.
CVE-2018-4836 1 Siemens 1 Telecontrol Server Basic 2019-10-09 6.5 MEDIUM 8.8 HIGH
A vulnerability has been identified in TeleControl Server Basic < V3.1. An authenticated attacker with a low-privileged account to the TeleControl Server Basic's port 8000/tcp could escalate his privileges and perform administrative operations.
CVE-2018-4835 1 Siemens 1 Telecontrol Server Basic 2019-10-09 5.0 MEDIUM 5.3 MEDIUM
A vulnerability has been identified in TeleControl Server Basic < V3.1. An attacker with network access to the TeleControl Server Basic's port 8000/tcp could bypass the authentication mechanism and read limited information.
CVE-2018-4834 1 Siemens 10 Pxc001-e.d, Pxc001-e.d Firmware, Pxc00\/50\/100\/200-e.d and 7 more 2019-10-09 10.0 HIGH 9.8 CRITICAL
A vulnerability has been identified in Desigo Automation Controllers Products and Desigo Operator Unit PXM20-E. A remote attacker with network access to the device could potentially upload a new firmware image to the devices without prior authentication.
CVE-2018-4861 1 Siemens 2 Scalance M875, Scalance M875 Firmware 2019-10-09 4.0 MEDIUM 4.9 MEDIUM
A vulnerability has been identified in SCALANCE M875 (All versions). An authenticated remote attacker with access to the web interface (443/tcp), could potentially read and download arbitrary files from the device's file system. Successful exploitation requires that the attacker has network access to the web interface. The attacker must be authenticated as administrative user to exploit the security vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.
CVE-2018-4856 1 Siemens 4 Siclock Tc100, Siclock Tc100 Firmware, Siclock Tc400 and 1 more 2019-10-09 4.0 MEDIUM 4.9 MEDIUM
A vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All versions). An attacker with administrative access to the device's management interface could lock out legitimate users. Manual interaction is required to restore the access of legitimate users.
CVE-2018-4855 1 Siemens 4 Siclock Tc100, Siclock Tc100 Firmware, Siclock Tc400 and 1 more 2019-10-09 4.3 MEDIUM 6.5 MEDIUM
A vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All versions). Unencrypted storage of passwords in the client configuration files and during network transmission could allow an attacker in a privileged position to obtain access passwords.
CVE-2018-4854 1 Siemens 4 Siclock Tc100, Siclock Tc100 Firmware, Siclock Tc400 and 1 more 2019-10-09 9.3 HIGH 8.8 HIGH
A vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All versions). An attacker with network access to port 69/udp could modify the administrative client stored on the device. If a legitimate user downloads and executes the modified client from the affected device, then he/she could obtain code execution on the client system.
CVE-2018-4853 1 Siemens 4 Siclock Tc100, Siclock Tc100 Firmware, Siclock Tc400 and 1 more 2019-10-09 10.0 HIGH 9.8 CRITICAL
A vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All versions). An attacker with network access to port 69/udp could modify the firmware of the device.
CVE-2018-4844 1 Siemens 1 Simatic Wincc Oa Ui 2019-10-09 3.8 LOW 6.7 MEDIUM
A vulnerability has been identified in SIMATIC WinCC OA UI for Android (All versions < V3.15.10), SIMATIC WinCC OA UI for iOS (All versions < V3.15.10). Insufficient limitation of CONTROL script capabilities could allow read and write access from one HMI project cache folder to other HMI project cache folders within the app's sandbox on the same mobile device. This includes HMI project cache folders of other configured WinCC OA servers. The security vulnerability could be exploited by an attacker who tricks an app user to connect to an attacker-controlled WinCC OA server. Successful exploitation requires user interaction and read/write access to the app's folder on a mobile device. The vulnerability could allow reading data from and writing data to the app's folder. At the time of advisory publication no public exploitation of this security vulnerability was known. Siemens confirms the security vulnerability and provides mitigations to resolve the security issue.
CVE-2018-5380 4 Canonical, Debian, Quagga and 1 more 5 Ubuntu Linux, Debian Linux, Quagga and 2 more 2019-10-09 4.0 MEDIUM 4.3 MEDIUM
The Quagga BGP daemon (bgpd) prior to version 1.2.3 can overrun internal BGP code-to-string conversion tables used for debug by 1 pointer value, based on input.
CVE-2018-5381 4 Canonical, Debian, Quagga and 1 more 5 Ubuntu Linux, Debian Linux, Quagga and 2 more 2019-10-09 5.0 MEDIUM 7.5 HIGH
The Quagga BGP daemon (bgpd) prior to version 1.2.3 has a bug in its parsing of "Capabilities" in BGP OPEN messages, in the bgp_packet.c:bgp_capability_msg_parse function. The parser can enter an infinite loop on invalid capabilities if a Multi-Protocol capability does not have a recognized AFI/SAFI, causing a denial of service.
CVE-2018-4851 1 Siemens 4 Siclock Tc100, Siclock Tc100 Firmware, Siclock Tc400 and 1 more 2019-10-09 8.5 HIGH 8.2 HIGH
A vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All versions). An attacker with network access to the device could cause a Denial-of-Service condition by sending certain packets to the device, causing potential reboots of the device. The core functionality of the device could be impacted. The time serving functionality recovers when time synchronization with GPS devices or other NTP servers are completed.
CVE-2018-16555 1 Siemens 8 Scalance S602, Scalance S602 Firmware, Scalance S612 and 5 more 2019-10-09 3.5 LOW 5.4 MEDIUM
A vulnerability has been identified in SCALANCE S602 (All versions < V4.0.1.1), SCALANCE S612 (All versions < V4.0.1.1), SCALANCE S623 (All versions < V4.0.1.1), SCALANCE S627-2M (All versions < V4.0.1.1). The integrated web server could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link. User interaction is required for a successful exploitation. The user must be logged into the web interface in order for the exploitation to succeed. At the stage of publishing this security advisory no public exploitation is known.
CVE-2018-13812 1 Siemens 22 Simatic Hmi Comfort Outdoor Panels, Simatic Hmi Comfort Outdoor Panels Firmware, Simatic Hmi Comfort Panels and 19 more 2019-10-09 5.0 MEDIUM 7.5 HIGH
A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15 Update 4), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15 Update 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15 Update 4), SIMATIC WinCC Runtime Advanced (All versions < V15 Update 4), SIMATIC WinCC Runtime Professional (All versions < V15 Update 4), SIMATIC WinCC (TIA Portal) (All versions < V15 Update 4), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). A directory traversal vulnerability could allow to download arbitrary files from the device. The security vulnerability could be exploited by an attacker with network access to the integrated web server. No user interaction and no authentication is required to exploit the vulnerability. The vulnerability impacts the confidentiality of the device. At the time of advisory publication no public exploitation of this security vulnerability was known.