Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Siemens Subscribe
Filtered by product Sm-2556
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-12739 1 Siemens 2 Sm-2556, Sm-2556 Firmware 2019-10-02 10.0 HIGH 9.8 CRITICAL
An issue was discovered on Siemens SICAM RTUs SM-2556 COM Modules with the firmware variants ENOS00, ERAC00, ETA2, ETLS00, MODi00, and DNPi00. The integrated web server (port 80/tcp) of the affected devices could allow unauthenticated remote attackers to execute arbitrary code on the affected device.
CVE-2017-12738 1 Siemens 2 Sm-2556, Sm-2556 Firmware 2017-11-30 4.3 MEDIUM 6.1 MEDIUM
An issue was discovered on Siemens SICAM RTUs SM-2556 COM Modules with the firmware variants ENOS00, ERAC00, ETA2, ETLS00, MODi00, and DNPi00. The integrated web server (port 80/tcp) of the affected devices could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into clicking on a malicious link.
CVE-2017-12737 1 Siemens 2 Sm-2556, Sm-2556 Firmware 2017-11-30 5.0 MEDIUM 5.3 MEDIUM
An issue was discovered on Siemens SICAM RTUs SM-2556 COM Modules with the firmware variants ENOS00, ERAC00, ETA2, ETLS00, MODi00, and DNPi00. The integrated web server (port 80/tcp) of the affected devices could allow unauthenticated remote attackers to obtain sensitive device information over the network.