Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Siemens Subscribe
Filtered by product Simatic Easie Core Package
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-44222 1 Siemens 1 Simatic Easie Core Package 2022-07-15 6.4 MEDIUM 9.1 CRITICAL
A vulnerability has been identified in SIMATIC eaSie Core Package (All versions < V22.00). The underlying MQTT service of affected systems does not perform authentication in the default configuration. This could allow an unauthenticated remote attacker to send arbitrary messages to the service and thereby issue arbitrary requests in the affected system.
CVE-2021-44221 1 Siemens 1 Simatic Easie Core Package 2022-07-15 5.0 MEDIUM 7.5 HIGH
A vulnerability has been identified in SIMATIC eaSie Core Package (All versions < V22.00). The affected systems do not properly validate input that is sent to the underlying message passing framework. This could allow an remote attacker to trigger a denial of service of the affected system.