cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2025-24956,https://securityvulnerability.io/vulnerability/CVE-2025-24956,Buffer Overflow Vulnerability in OpenV2G by Siemens,"A vulnerability exists in the OpenV2G software related to the EXI parsing of X509 serial numbers. The software fails to perform a necessary length check, leading to a potential buffer overflow. This flaw could enable attackers to exploit memory corruption, which may lead to Denial of Service or unauthorized access. Users are urged to upgrade to version 0.9.6 or later to mitigate this security risk.",Siemens,Openv2g,6.9,MEDIUM,0.0004400000034365803,false,,false,false,false,,false,false,false,,2025-02-11T10:29:18.342Z,0
CVE-2025-24812,https://securityvulnerability.io/vulnerability/CVE-2025-24812,Denial of Service Vulnerability in Siemens SIMATIC S7-1200 Series,"A vulnerability exists in several models of the Siemens SIMATIC S7-1200 series that can be exploited via specially crafted packets sent to port 102/tcp. This flaw could enable attackers to trigger a denial of service condition, leading to potential disruptions in device operations.",Siemens,"Simatic S7-1200 Cpu 1211c Ac/dc/rly,Simatic S7-1200 Cpu 1211c Dc/dc/dc,Simatic S7-1200 Cpu 1211c Dc/dc/rly,Simatic S7-1200 Cpu 1212c Ac/dc/rly,Simatic S7-1200 Cpu 1212c Dc/dc/dc,Simatic S7-1200 Cpu 1212c Dc/dc/rly,Simatic S7-1200 Cpu 1212fc Dc/dc/dc,Simatic S7-1200 Cpu 1212fc Dc/dc/rly,Simatic S7-1200 Cpu 1214c Ac/dc/rly,Simatic S7-1200 Cpu 1214c Dc/dc/dc,Simatic S7-1200 Cpu 1214c Dc/dc/rly,Simatic S7-1200 Cpu 1214fc Dc/dc/dc,Simatic S7-1200 Cpu 1214fc Dc/dc/rly,Simatic S7-1200 Cpu 1215c Ac/dc/rly,Simatic S7-1200 Cpu 1215c Dc/dc/dc,Simatic S7-1200 Cpu 1215c Dc/dc/rly,Simatic S7-1200 Cpu 1215fc Dc/dc/dc,Simatic S7-1200 Cpu 1215fc Dc/dc/rly,Simatic S7-1200 Cpu 1217c Dc/dc/dc,Siplus S7-1200 Cpu 1212 Ac/dc/rly,Siplus S7-1200 Cpu 1212 Dc/dc/rly,Siplus S7-1200 Cpu 1212c Dc/dc/dc,Siplus S7-1200 Cpu 1212c Dc/dc/dc Rail,Siplus S7-1200 Cpu 1214 Ac/dc/rly,Siplus S7-1200 Cpu 1214 Dc/dc/dc,Siplus S7-1200 Cpu 1214 Dc/dc/rly,Siplus S7-1200 Cpu 1214c Dc/dc/dc Rail,Siplus S7-1200 Cpu 1214fc Dc/dc/dc,Siplus S7-1200 Cpu 1214fc Dc/dc/rly,Siplus S7-1200 Cpu 1215 Ac/dc/rly,Siplus S7-1200 Cpu 1215 Dc/dc/dc,Siplus S7-1200 Cpu 1215 Dc/dc/rly,Siplus S7-1200 Cpu 1215c Dc/dc/dc,Siplus S7-1200 Cpu 1215fc Dc/dc/dc",7.1,HIGH,0.0004400000034365803,false,,false,false,false,,false,false,false,,2025-02-11T10:29:16.319Z,0
CVE-2025-24811,https://securityvulnerability.io/vulnerability/CVE-2025-24811,Denial of Service Vulnerability in Siemens SIMATIC S7-1200 Products,"The identified vulnerability in several models of Siemens SIMATIC S7-1200 CPUs allows unauthenticated attackers to disrupt device operation. Specifically, devices fail to properly handle specially crafted packets sent to port 80/tcp, potentially resulting in denial of service conditions. Such vulnerabilities may affect critical operations within industrial environments and require prompt attention to mitigate risks.",Siemens,"Simatic S7-1200 Cpu 1211c Ac/dc/rly,Simatic S7-1200 Cpu 1211c Dc/dc/dc,Simatic S7-1200 Cpu 1211c Dc/dc/rly,Simatic S7-1200 Cpu 1212c Ac/dc/rly,Simatic S7-1200 Cpu 1212c Dc/dc/dc,Simatic S7-1200 Cpu 1212c Dc/dc/rly,Simatic S7-1200 Cpu 1212fc Dc/dc/dc,Simatic S7-1200 Cpu 1212fc Dc/dc/rly,Simatic S7-1200 Cpu 1214c Ac/dc/rly,Simatic S7-1200 Cpu 1214c Dc/dc/dc,Simatic S7-1200 Cpu 1214c Dc/dc/rly,Simatic S7-1200 Cpu 1214fc Dc/dc/dc,Simatic S7-1200 Cpu 1214fc Dc/dc/rly,Simatic S7-1200 Cpu 1215c Ac/dc/rly,Simatic S7-1200 Cpu 1215c Dc/dc/dc,Simatic S7-1200 Cpu 1215c Dc/dc/rly,Simatic S7-1200 Cpu 1215fc Dc/dc/dc,Simatic S7-1200 Cpu 1215fc Dc/dc/rly,Simatic S7-1200 Cpu 1217c Dc/dc/dc,Siplus S7-1200 Cpu 1212 Ac/dc/rly,Siplus S7-1200 Cpu 1212 Dc/dc/rly,Siplus S7-1200 Cpu 1212c Dc/dc/dc,Siplus S7-1200 Cpu 1212c Dc/dc/dc Rail,Siplus S7-1200 Cpu 1214 Ac/dc/rly,Siplus S7-1200 Cpu 1214 Dc/dc/dc,Siplus S7-1200 Cpu 1214 Dc/dc/rly,Siplus S7-1200 Cpu 1214c Dc/dc/dc Rail,Siplus S7-1200 Cpu 1214fc Dc/dc/dc,Siplus S7-1200 Cpu 1214fc Dc/dc/rly,Siplus S7-1200 Cpu 1215 Ac/dc/rly,Siplus S7-1200 Cpu 1215 Dc/dc/dc,Siplus S7-1200 Cpu 1215 Dc/dc/rly,Siplus S7-1200 Cpu 1215c Dc/dc/dc,Siplus S7-1200 Cpu 1215fc Dc/dc/dc",8.7,HIGH,0.0004600000102072954,false,,false,false,false,,false,false,false,,2025-02-11T10:29:14.081Z,0
CVE-2025-24532,https://securityvulnerability.io/vulnerability/CVE-2025-24532,Incorrect Authorization Vulnerability in SCALANCE WAB and WAM Series by Siemens,"A vulnerability exists in various SCALANCE products where devices with the 'user' role may be compromised due to incorrect authorization in SNMPv3 View configuration. This exposes the potential for malicious actors to alter the View Type of SNMPv3 Views, which can have severe security implications for affected network infrastructures. It is crucial for users of these products to implement the necessary updates and safeguards against unauthorized modifications.",Siemens,"Scalance Wab762-1,Scalance Wam763-1,Scalance Wam763-1 (me),Scalance Wam763-1 (us),Scalance Wam766-1,Scalance Wam766-1 (me),Scalance Wam766-1 (us),Scalance Wam766-1 Eec,Scalance Wam766-1 Eec (me),Scalance Wam766-1 Eec (us),Scalance Wub762-1,Scalance Wub762-1 Ifeatures,Scalance Wum763-1,Scalance Wum763-1 (us),Scalance Wum766-1,Scalance Wum766-1 (me),Scalance Wum766-1 (usa)",5.3,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,false,,2025-02-11T10:29:09.926Z,0
CVE-2025-24499,https://securityvulnerability.io/vulnerability/CVE-2025-24499,Input Validation Flaw in SCALANCE Networking Products by Siemens,"A vulnerability has been discovered in various SCALANCE devices from Siemens, including WAB762-1 and WAM series, where the devices fail to properly validate input during configuration file loading. This oversight could grant an authenticated remote attacker the ability to execute arbitrary shell commands on the affected devices, potentially compromising their integrity and security. Users are advised to upgrade to the latest versions to mitigate this risk.",Siemens,"Scalance Wab762-1,Scalance Wam763-1,Scalance Wam763-1 (me),Scalance Wam763-1 (us),Scalance Wam766-1,Scalance Wam766-1 (me),Scalance Wam766-1 (us),Scalance Wam766-1 Eec,Scalance Wam766-1 Eec (me),Scalance Wam766-1 Eec (us),Scalance Wub762-1,Scalance Wub762-1 Ifeatures,Scalance Wum763-1,Scalance Wum763-1 (us),Scalance Wum766-1,Scalance Wum766-1 (me),Scalance Wum766-1 (usa)",7.5,HIGH,0.0006600000197067857,false,,false,false,false,,false,false,false,,2025-02-11T10:29:05.987Z,0
CVE-2025-23403,https://securityvulnerability.io/vulnerability/CVE-2025-23403,Improper User Permission Control in Siemens SIMATIC IPC DiagBase and DiagMonitor,"A critical security vulnerability has been detected in Siemens' SIMATIC IPC DiagBase and DiagMonitor. The affected systems fail to enforce proper permissions for their respective registry keys, which may allow authenticated attackers to exploit this flaw. By gaining unauthorized access, attackers could potentially load malicious drivers into the system. This action can lead to privilege escalation, allowing them to bypass existing endpoint protection and other security measures, thereby compromising system integrity and data security.",Siemens,"Simatic Ipc Diagbase,Simatic Ipc Diagmonitor",7.3,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-11T10:29:04.193Z,0
CVE-2025-23363,https://securityvulnerability.io/vulnerability/CVE-2025-23363,SSO Login Service Vulnerability in Teamcenter by Siemens,"A vulnerability in the SSO login service of Teamcenter affects all versions prior to V14.3.0.0. This flaw allows attackers to manipulate user-controlled input, potentially redirecting users to malicious external sites. If a user clicks on a crafted link provided by an attacker, their session data could be compromised, leading to unauthorized access and potential data breaches.",Siemens,Teamcenter,6.1,MEDIUM,0.0008699999889358878,false,,false,false,false,,false,false,false,,2025-02-11T10:29:02.933Z,0
CVE-2024-54090,https://securityvulnerability.io/vulnerability/CVE-2024-54090,Out-of-Bounds Read in APOGEE PXC and TALON TC Series by Siemens,"A vulnerability has been discovered in various Siemens devices including the APOGEE PXC and TALON TC Series. The issue lies in an out-of-bounds read within the memory dump function. Attackers with sufficient privileges can exploit this flaw, leading to the device entering an insecure cold start state. This can potentially compromise the integrity of the system and expose critical functionalities under threat.",Siemens,"Apogee Pxc Series (bacnet),Apogee Pxc Series (p2 Ethernet),Talon Tc Series (bacnet)",6,MEDIUM,0.0004600000102072954,false,,false,false,false,,false,false,false,,2025-02-11T10:29:01.530Z,0
CVE-2024-54089,https://securityvulnerability.io/vulnerability/CVE-2024-54089,Weak Encryption Vulnerability in APOGEE PXC and TALON TC Series by Siemens,"A critical vulnerability exists in various models of Siemens APOGEE PXC and TALON TC Series devices due to a weak encryption scheme relying on a hard-coded key. This vulnerability enables attackers to potentially deduce or decrypt sensitive passwords from intercepted cyphertext, thereby compromising the security of affected systems. Organizations using these devices should assess their infrastructure and implement necessary safeguards to mitigate potential threats stemming from this weakness.",Siemens,"Apogee Pxc Series (bacnet),Apogee Pxc Series (p2 Ethernet),Talon Tc Series (bacnet)",8.7,HIGH,0.0008699999889358878,false,,false,false,false,,false,false,false,,2025-02-11T10:29:00.200Z,0
CVE-2024-54015,https://securityvulnerability.io/vulnerability/CVE-2024-54015,Unvalidated SNMP GET Requests in SIEMENS SIPROTEC 5 Devices,"A security flaw in various SIEMENS SIPROTEC 5 devices has been identified where these devices fail to properly validate SNMP GET requests. An unauthenticated remote attacker can exploit this vulnerability to retrieve sensitive information by issuing SNMPv2 GET requests, potentially using default credentials. This lack of validation poses a significant risk, as it could lead to unauthorized access to critical device information, making it essential for affected users to apply the recommended mitigations swiftly.",Siemens,"Siprotec 5 6md84 (cp300),Siprotec 5 6md85 (cp300),Siprotec 5 6md86 (cp300),Siprotec 5 6md89 (cp300),Siprotec 5 6mu85 (cp300),Siprotec 5 7ke85 (cp300),Siprotec 5 7sa82 (cp150),Siprotec 5 7sa86 (cp300),Siprotec 5 7sa87 (cp300),Siprotec 5 7sd82 (cp150),Siprotec 5 7sd86 (cp300),Siprotec 5 7sd87 (cp300),Siprotec 5 7sj81 (cp150),Siprotec 5 7sj82 (cp150),Siprotec 5 7sj85 (cp300),Siprotec 5 7sj86 (cp300),Siprotec 5 7sk82 (cp150),Siprotec 5 7sk85 (cp300),Siprotec 5 7sl82 (cp150),Siprotec 5 7sl86 (cp300),Siprotec 5 7sl87 (cp300),Siprotec 5 7ss85 (cp300),Siprotec 5 7st85 (cp300),Siprotec 5 7st86 (cp300),Siprotec 5 7sx82 (cp150),Siprotec 5 7sx85 (cp300),Siprotec 5 7sy82 (cp150),Siprotec 5 7um85 (cp300),Siprotec 5 7ut82 (cp150),Siprotec 5 7ut85 (cp300),Siprotec 5 7ut86 (cp300),Siprotec 5 7ut87 (cp300),Siprotec 5 7ve85 (cp300),Siprotec 5 7vk87 (cp300),Siprotec 5 7vu85 (cp300),Siprotec 5 Communication Module Eth-ba-2el (rev.2),Siprotec 5 Communication Module Eth-bb-2fo (rev. 2),Siprotec 5 Communication Module Eth-bd-2fo,Siprotec 5 Compact 7sx800 (cp050)",8.7,HIGH,0.0008699999889358878,false,,false,false,false,,false,false,false,,2025-02-11T10:28:58.684Z,0
CVE-2024-53977,https://securityvulnerability.io/vulnerability/CVE-2024-53977,Arbitrary Code Execution Vulnerability in ModelSim and Questa by Siemens,"A vulnerability exists in ModelSim and Questa that could allow an authenticated local attacker to execute arbitrary code. This occurs through a setup script within the affected applications that can load executable files from a current working directory. If an administrator or a process with elevated privileges initiates this script from a user-writable directory, the attacker could leverage this flaw to manipulate or escalate privileges, posing a significant security risk.",Siemens,"Modelsim,Questa",5.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-11T10:28:56.961Z,0
CVE-2024-53651,https://securityvulnerability.io/vulnerability/CVE-2024-53651,Data Exposure Vulnerability in SIPROTEC 5 Devices by Siemens,"A vulnerability affecting multiple models of SIPROTEC 5 devices permits potential data exposure due to the failure to encrypt sensitive data within the onboard flash storage. This flaw allows an attacker with physical access to read the entire filesystem of the device, posing a significant security risk.",Siemens,"Siprotec 5 6md84 (cp300),Siprotec 5 6md85 (cp200),Siprotec 5 6md85 (cp300),Siprotec 5 6md86 (cp200),Siprotec 5 6md86 (cp300),Siprotec 5 6md89 (cp300),Siprotec 5 6mu85 (cp300),Siprotec 5 7ke85 (cp200),Siprotec 5 7ke85 (cp300),Siprotec 5 7sa82 (cp100),Siprotec 5 7sa82 (cp150),Siprotec 5 7sa86 (cp200),Siprotec 5 7sa86 (cp300),Siprotec 5 7sa87 (cp200),Siprotec 5 7sa87 (cp300),Siprotec 5 7sd82 (cp100),Siprotec 5 7sd82 (cp150),Siprotec 5 7sd86 (cp200),Siprotec 5 7sd86 (cp300),Siprotec 5 7sd87 (cp200),Siprotec 5 7sd87 (cp300),Siprotec 5 7sj81 (cp100),Siprotec 5 7sj81 (cp150),Siprotec 5 7sj82 (cp100),Siprotec 5 7sj82 (cp150),Siprotec 5 7sj85 (cp200),Siprotec 5 7sj85 (cp300),Siprotec 5 7sj86 (cp200),Siprotec 5 7sj86 (cp300),Siprotec 5 7sk82 (cp100),Siprotec 5 7sk82 (cp150),Siprotec 5 7sk85 (cp200),Siprotec 5 7sk85 (cp300),Siprotec 5 7sl82 (cp100),Siprotec 5 7sl82 (cp150),Siprotec 5 7sl86 (cp200),Siprotec 5 7sl86 (cp300),Siprotec 5 7sl87 (cp200),Siprotec 5 7sl87 (cp300),Siprotec 5 7ss85 (cp200),Siprotec 5 7ss85 (cp300),Siprotec 5 7st85 (cp200),Siprotec 5 7st85 (cp300),Siprotec 5 7st86 (cp300),Siprotec 5 7sx82 (cp150),Siprotec 5 7sx85 (cp300),Siprotec 5 7sy82 (cp150),Siprotec 5 7um85 (cp300),Siprotec 5 7ut82 (cp100),Siprotec 5 7ut82 (cp150),Siprotec 5 7ut85 (cp200),Siprotec 5 7ut85 (cp300),Siprotec 5 7ut86 (cp200),Siprotec 5 7ut86 (cp300),Siprotec 5 7ut87 (cp200),Siprotec 5 7ut87 (cp300),Siprotec 5 7ve85 (cp300),Siprotec 5 7vk87 (cp200),Siprotec 5 7vk87 (cp300),Siprotec 5 7vu85 (cp300),Siprotec 5 Compact 7sx800 (cp050)",5.1,MEDIUM,0.0005200000014156103,false,,false,false,false,,false,false,false,,2025-02-11T10:28:55.428Z,0
CVE-2024-53648,https://securityvulnerability.io/vulnerability/CVE-2024-53648,Development Shell Access Vulnerability in SIPROTEC 5 Products by Siemens,"A significant vulnerability exists in several models of the SIPROTEC 5 series from Siemens, which fails to properly restrict access to a development shell over a physical interface. This weakness could enable an unauthenticated attacker with physical access to the device to execute arbitrary commands, potentially compromising the integrity and security of the affected systems.",Siemens,"Siprotec 5 6md84 (cp300),Siprotec 5 6md85 (cp200),Siprotec 5 6md85 (cp300),Siprotec 5 6md86 (cp200),Siprotec 5 6md86 (cp300),Siprotec 5 6md89 (cp300),Siprotec 5 6mu85 (cp300),Siprotec 5 7ke85 (cp200),Siprotec 5 7ke85 (cp300),Siprotec 5 7sa82 (cp100),Siprotec 5 7sa82 (cp150),Siprotec 5 7sa86 (cp200),Siprotec 5 7sa86 (cp300),Siprotec 5 7sa87 (cp200),Siprotec 5 7sa87 (cp300),Siprotec 5 7sd82 (cp100),Siprotec 5 7sd82 (cp150),Siprotec 5 7sd86 (cp200),Siprotec 5 7sd86 (cp300),Siprotec 5 7sd87 (cp200),Siprotec 5 7sd87 (cp300),Siprotec 5 7sj81 (cp100),Siprotec 5 7sj81 (cp150),Siprotec 5 7sj82 (cp100),Siprotec 5 7sj82 (cp150),Siprotec 5 7sj85 (cp200),Siprotec 5 7sj85 (cp300),Siprotec 5 7sj86 (cp200),Siprotec 5 7sj86 (cp300),Siprotec 5 7sk82 (cp100),Siprotec 5 7sk82 (cp150),Siprotec 5 7sk85 (cp200),Siprotec 5 7sk85 (cp300),Siprotec 5 7sl82 (cp100),Siprotec 5 7sl82 (cp150),Siprotec 5 7sl86 (cp200),Siprotec 5 7sl86 (cp300),Siprotec 5 7sl87 (cp200),Siprotec 5 7sl87 (cp300),Siprotec 5 7ss85 (cp200),Siprotec 5 7ss85 (cp300),Siprotec 5 7st85 (cp200),Siprotec 5 7st85 (cp300),Siprotec 5 7st86 (cp300),Siprotec 5 7sx82 (cp150),Siprotec 5 7sx85 (cp300),Siprotec 5 7sy82 (cp150),Siprotec 5 7um85 (cp300),Siprotec 5 7ut82 (cp100),Siprotec 5 7ut82 (cp150),Siprotec 5 7ut85 (cp200),Siprotec 5 7ut85 (cp300),Siprotec 5 7ut86 (cp200),Siprotec 5 7ut86 (cp300),Siprotec 5 7ut87 (cp200),Siprotec 5 7ut87 (cp300),Siprotec 5 7ve85 (cp300),Siprotec 5 7vk87 (cp200),Siprotec 5 7vk87 (cp300),Siprotec 5 7vu85 (cp300),Siprotec 5 Compact 7sx800 (cp050)",7,HIGH,0.0005300000193528831,false,,false,false,false,,false,false,false,,2025-02-11T10:28:52.039Z,0
CVE-2024-45386,https://securityvulnerability.io/vulnerability/CVE-2024-45386,Session Management Flaw in SIMATIC PCS neo and Related Siemens Products,"A session management vulnerability exists in multiple Siemens products, including SIMATIC PCS neo. The issue arises from the failure to properly invalidate user sessions following logout. As a result, remote attackers could potentially exploit this flaw by reusing session tokens collected through unauthorized means, thereby gaining access to user accounts and sensitive information even after legitimate users have logged out.",Siemens,"Simatic Pcs Neo V4.0,Simatic Pcs Neo V4.1,Simatic Pcs Neo V5.0,Simocode Es V19,Sirius Safety Es V19 (tia Portal),Sirius Soft Starter Es V19 (tia Portal),Tia Administrator",8.7,HIGH,0.000910000002477318,false,,false,false,false,,false,false,false,,2025-02-11T10:28:44.675Z,0
CVE-2024-23814,https://securityvulnerability.io/vulnerability/CVE-2024-23814,Denial of Service Vulnerability in SCALANCE Products by Siemens,"A denial of service vulnerability exists in the SCALANCE series of network devices from Siemens. When affected devices receive specially crafted packets targeting ICMP fragment re-assembly, they can exhaust their memory resources. This condition may be exploited by an unauthenticated remote attacker, leading to a temporary denial of service of the ICMP service. However, other communication services remain unaffected. Once the attack subsides, the devices will return to normal operation.",Siemens,"Scalance Wab762-1,Scalance Wam763-1,Scalance Wam763-1 (me),Scalance Wam763-1 (us),Scalance Wam766-1,Scalance Wam766-1 (me),Scalance Wam766-1 (us),Scalance Wam766-1 Eec,Scalance Wam766-1 Eec (me),Scalance Wam766-1 Eec (us),Scalance Wub762-1,Scalance Wub762-1 Ifeatures,Scalance Wum763-1,Scalance Wum763-1 (us),Scalance Wum766-1,Scalance Wum766-1 (me),Scalance Wum766-1 (usa)",6.9,MEDIUM,0.0004600000102072954,false,,false,false,false,,false,false,false,,2025-02-11T10:28:33.403Z,0
CVE-2023-37482,https://securityvulnerability.io/vulnerability/CVE-2023-37482,Web Server Login Functionality Vulnerability in Siemens Products,"A vulnerability exists in the login mechanism of Siemens web servers, where response times for login attempts are not normalized. This flaw enables an unauthenticated remote attacker to exploit timing variations to differentiate between valid and invalid usernames. As a result, attackers could potentially gain access by targeting user accounts based on the behavior of the login response, raising serious security concerns for devices relying on this functionality.",Siemens,"Simatic Drive Controller Cpu 1504d Tf,Simatic Drive Controller Cpu 1507d Tf,Simatic Et 200sp Open Controller Cpu 1515sp Pc2 (incl. Siplus Variants),Simatic S7-1200 Cpu 1211c Ac/dc/rly,Simatic S7-1200 Cpu 1211c Dc/dc/dc,Simatic S7-1200 Cpu 1211c Dc/dc/rly,Simatic S7-1200 Cpu 1212c Ac/dc/rly,Simatic S7-1200 Cpu 1212c Dc/dc/dc,Simatic S7-1200 Cpu 1212c Dc/dc/rly,Simatic S7-1200 Cpu 1212fc Dc/dc/dc,Simatic S7-1200 Cpu 1212fc Dc/dc/rly,Simatic S7-1200 Cpu 1214c Ac/dc/rly,Simatic S7-1200 Cpu 1214c Dc/dc/dc,Simatic S7-1200 Cpu 1214c Dc/dc/rly,Simatic S7-1200 Cpu 1214fc Dc/dc/dc,Simatic S7-1200 Cpu 1214fc Dc/dc/rly,Simatic S7-1200 Cpu 1215c Ac/dc/rly,Simatic S7-1200 Cpu 1215c Dc/dc/dc,Simatic S7-1200 Cpu 1215c Dc/dc/rly,Simatic S7-1200 Cpu 1215fc Dc/dc/dc,Simatic S7-1200 Cpu 1215fc Dc/dc/rly,Simatic S7-1200 Cpu 1217c Dc/dc/dc,Simatic S7-1500 Cpu 1510sp F-1 Pn,Simatic S7-1500 Cpu 1510sp-1 Pn,Simatic S7-1500 Cpu 1511-1 Pn,Simatic S7-1500 Cpu 1511c-1 Pn,Simatic S7-1500 Cpu 1511f-1 Pn,Simatic S7-1500 Cpu 1511t-1 Pn,Simatic S7-1500 Cpu 1511tf-1 Pn,Simatic S7-1500 Cpu 1512c-1 Pn,Simatic S7-1500 Cpu 1512sp F-1 Pn,Simatic S7-1500 Cpu 1512sp-1 Pn,Simatic S7-1500 Cpu 1513-1 Pn,Simatic S7-1500 Cpu 1513f-1 Pn,Simatic S7-1500 Cpu 1513pro F-2 Pn,Simatic S7-1500 Cpu 1513pro-2 Pn,Simatic S7-1500 Cpu 1513r-1 Pn,Simatic S7-1500 Cpu 1514sp F-2 Pn,Simatic S7-1500 Cpu 1514sp-2 Pn,Simatic S7-1500 Cpu 1514spt F-2 Pn,Simatic S7-1500 Cpu 1514spt-2 Pn,Simatic S7-1500 Cpu 1515-2 Pn,Simatic S7-1500 Cpu 1515f-2 Pn,Simatic S7-1500 Cpu 1515r-2 Pn,Simatic S7-1500 Cpu 1515t-2 Pn,Simatic S7-1500 Cpu 1515tf-2 Pn,Simatic S7-1500 Cpu 1516-3 Pn/dp,Simatic S7-1500 Cpu 1516f-3 Pn/dp,Simatic S7-1500 Cpu 1516pro F-2 Pn,Simatic S7-1500 Cpu 1516pro-2 Pn,Simatic S7-1500 Cpu 1516t-3 Pn/dp,Simatic S7-1500 Cpu 1516tf-3 Pn/dp,Simatic S7-1500 Cpu 1517-3 Pn/dp,Simatic S7-1500 Cpu 1517f-3 Pn/dp,Simatic S7-1500 Cpu 1517h-3 Pn,Simatic S7-1500 Cpu 1517t-3 Pn/dp,Simatic S7-1500 Cpu 1517tf-3 Pn/dp,Simatic S7-1500 Cpu 1518-4 Pn/dp,Simatic S7-1500 Cpu 1518-4 Pn/dp Mfp,Simatic S7-1500 Cpu 1518f-4 Pn/dp,Simatic S7-1500 Cpu 1518f-4 Pn/dp Mfp,Simatic S7-1500 Cpu 1518hf-4 Pn,Simatic S7-1500 Cpu 1518t-4 Pn/dp,Simatic S7-1500 Cpu 1518tf-4 Pn/dp,Simatic S7-1500 Software Controller,Simatic S7-plcsim Advanced,Siplus S7-1200 Cpu 1212 Ac/dc/rly,Siplus S7-1200 Cpu 1212 Dc/dc/rly,Siplus S7-1200 Cpu 1212c Dc/dc/dc,Siplus S7-1200 Cpu 1212c Dc/dc/dc Rail,Siplus S7-1200 Cpu 1214 Ac/dc/rly,Siplus S7-1200 Cpu 1214 Dc/dc/dc,Siplus S7-1200 Cpu 1214 Dc/dc/rly,Siplus S7-1200 Cpu 1214c Dc/dc/dc Rail,Siplus S7-1200 Cpu 1214fc Dc/dc/dc,Siplus S7-1200 Cpu 1214fc Dc/dc/rly,Siplus S7-1200 Cpu 1215 Ac/dc/rly,Siplus S7-1200 Cpu 1215 Dc/dc/dc,Siplus S7-1200 Cpu 1215 Dc/dc/rly,Siplus S7-1200 Cpu 1215c Dc/dc/dc,Siplus S7-1200 Cpu 1215fc Dc/dc/dc,Siplus S7-1500 Cpu 1517h-3 Pn,Siplus S7-1500 Cpu 1518-4 Pn/dp,Siplus S7-1500 Cpu 1518-4 Pn/dp Mfp,Siplus S7-1500 Cpu 1518f-4 Pn/dp,Siplus S7-1500 Cpu 1518hf-4 Pn",6.9,MEDIUM,0.0004600000102072954,false,,false,false,false,,false,false,false,,2025-02-11T10:26:27.720Z,0
CVE-2024-56841,https://securityvulnerability.io/vulnerability/CVE-2024-56841,LDAP Injection Vulnerability in Mendix by Siemens,"A serious vulnerability exists in Mendix LDAP versions prior to 1.1.2, allowing attackers to exploit LDAP injection flaws. This weakness enables an unauthenticated remote attacker to bypass user authentication mechanisms, potentially gaining unauthorized access to sensitive system information. Organizations using affected versions should implement immediate measures to mitigate risks and ensure their systems remain secure.",Siemens,,7.4,HIGH,0.000910000002477318,false,,false,false,false,,false,false,false,,2025-01-14T11:15:00.000Z,0
CVE-2024-45385,https://securityvulnerability.io/vulnerability/CVE-2024-45385,Reflected XSS Vulnerability in Industrial Edge Management OS by Siemens,"A vulnerability has been identified in Industrial Edge Management OS (IEM-OS) affecting all versions, which exposes it to reflected cross-site scripting (XSS) attacks. This security flaw enables attackers to craft malicious links that, when accessed by users, can lead to the unauthorized extraction of sensitive information. Organizations utilizing this product need to implement mitigation measures to safeguard against potential exploit attempts.",Siemens,,4.7,MEDIUM,0.0004600000102072954,false,,false,false,false,,false,false,false,,2025-01-14T11:15:00.000Z,0
CVE-2024-53649,https://securityvulnerability.io/vulnerability/CVE-2024-53649,Webserver Path Exposure in SIPROTEC 5 Series by Siemens,"A vulnerability exists in multiple SIPROTEC 5 devices that allows authenticated remote attackers to exploit webserver misconfigurations. The flaw permits unauthorized access to arbitrary files on the system, potentially leading to data leaks or further attacks. Users are advised to bolster security measures to prevent exploitation of this oversight.",Siemens,"Siprotec 5 6md84 (cp300),Siprotec 5 6md85 (cp300),Siprotec 5 6md86 (cp300),Siprotec 5 6md89 (cp300),Siprotec 5 6mu85 (cp300),Siprotec 5 7ke85 (cp300),Siprotec 5 7sa82 (cp100),Siprotec 5 7sa82 (cp150),Siprotec 5 7sa86 (cp300),Siprotec 5 7sa87 (cp300),Siprotec 5 7sd82 (cp100),Siprotec 5 7sd82 (cp150),Siprotec 5 7sd86 (cp300),Siprotec 5 7sd87 (cp300),Siprotec 5 7sj81 (cp100),Siprotec 5 7sj81 (cp150),Siprotec 5 7sj82 (cp100),Siprotec 5 7sj82 (cp150),Siprotec 5 7sj85 (cp300),Siprotec 5 7sj86 (cp300),Siprotec 5 7sk82 (cp100),Siprotec 5 7sk82 (cp150),Siprotec 5 7sk85 (cp300),Siprotec 5 7sl82 (cp100),Siprotec 5 7sl82 (cp150),Siprotec 5 7sl86 (cp300),Siprotec 5 7sl87 (cp300),Siprotec 5 7ss85 (cp300),Siprotec 5 7st85 (cp300),Siprotec 5 7st86 (cp300),Siprotec 5 7sx82 (cp150),Siprotec 5 7sx85 (cp300),Siprotec 5 7sy82 (cp150),Siprotec 5 7um85 (cp300),Siprotec 5 7ut82 (cp100),Siprotec 5 7ut82 (cp150),Siprotec 5 7ut85 (cp300),Siprotec 5 7ut86 (cp300),Siprotec 5 7ut87 (cp300),Siprotec 5 7ve85 (cp300),Siprotec 5 7vk87 (cp300),Siprotec 5 7vu85 (cp300),Siprotec 5 Compact 7sx800 (cp050)",7.1,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-14T11:15:00.000Z,0
CVE-2024-47100,https://securityvulnerability.io/vulnerability/CVE-2024-47100,CSRF Vulnerability in Siemens SIMATIC S7-1200 CPUs,"This vulnerability allows unauthenticated attackers to exploit the web interface of the affected Siemens SIMATIC S7-1200 CPUs. By utilizing Cross-Site Request Forgery (CSRF) techniques, an attacker could potentially manipulate CPU settings by tricking a legitimate user with sufficient permissions to click on a malicious link. This manipulation could lead to unauthorized changes in operational modes, significantly affecting system integrity and security.",Siemens,,7.1,HIGH,0.0004600000102072954,false,,false,false,false,,false,false,false,,2025-01-14T11:15:00.000Z,0
CVE-2024-49775,https://securityvulnerability.io/vulnerability/CVE-2024-49775,Heap-Based Buffer Overflow in Siemens Automation Products,"CVE-2024-49775 identifies a critical heap-based buffer overflow vulnerability affecting multiple Siemens automation products, including the Opcenter suite and the Totally Integrated Automation Portal (TIA Portal). This vulnerability resides in the integrated UMC component and could allow an unauthenticated remote attacker to execute arbitrary code. Given the widespread use of these products in industrial environments, the implications of such exploitation could lead to severe operational disruptions. Siemens has acknowledged this vulnerability in all listed versions and it is imperative for users to assess their current configurations and apply necessary mitigations.",Siemens,"Opcenter Execution Foundation,Opcenter Intelligence,Opcenter Quality,Opcenter Rdl,Simatic Pcs Neo V4.0,Simatic Pcs Neo V4.1,Simatic Pcs Neo V5.0,Sinec Nms,Totally Integrated Automation Portal (tia Portal) V16,Totally Integrated Automation Portal (tia Portal) V17,Totally Integrated Automation Portal (tia Portal) V18,Totally Integrated Automation Portal (tia Portal) V19",9.8,CRITICAL,0.000910000002477318,false,,false,false,false,,,false,false,,2024-12-16T15:06:04.714Z,184
CVE-2024-54095,https://securityvulnerability.io/vulnerability/CVE-2024-54095,Integer Underflow Vulnerability in Solid Edge SE2024 Could Allow Code Execution,"A vulnerability exists in Solid Edge SE2024 affecting all versions prior to V224.0 Update 10. This vulnerability is an integer underflow that can be exploited by attackers through specially crafted PAR files. When the application parses these files, it may enable the execution of arbitrary code within the context of the current process, posing significant risks to system integrity and user data.",Siemens,Solid Edge Se2024,7.8,HIGH,0.0005300000193528831,false,,false,false,false,,,false,false,,2024-12-10T13:54:21.335Z,0
CVE-2024-54094,https://securityvulnerability.io/vulnerability/CVE-2024-54094,Heap-Based Buffer Overflow Vulnerability Affects Solid Edge SE2024,"A heap-based buffer overflow vulnerability exists in Siemens' Solid Edge SE2024, impacting all versions prior to V224.0 Update 5. This vulnerability arises during the processing of specially crafted PAR files, potentially allowing an attacker to execute arbitrary code within the context of the affected process. Prompt mitigation measures are advisable to safeguard systems against exploitation of this flaw.",Siemens,Solid Edge Se2024,7.8,HIGH,0.0005300000193528831,false,,false,false,false,,,false,false,,2024-12-10T13:54:20.014Z,0
CVE-2024-54093,https://securityvulnerability.io/vulnerability/CVE-2024-54093,Heap-Based Buffer Overflow Vulnerability Affects Solid Edge SE2024,"A heap-based buffer overflow vulnerability exists in Solid Edge SE2024 which affects all versions prior to V224.0 Update 5. This flaw is triggered while processing specially crafted ASM files, which can lead to potential code execution in the context of the current process. Attackers who exploit this vulnerability could take control of the affected system, posing significant risks to users and organizations utilizing this software. Immediate updates and security measures are recommended to mitigate the threat.",Siemens,Solid Edge Se2024,7.8,HIGH,0.0005300000193528831,false,,false,false,false,,,false,false,,2024-12-10T13:54:18.597Z,0
CVE-2024-54091,https://securityvulnerability.io/vulnerability/CVE-2024-54091,Parasolid Vulnerability Could Allow Execution of Code in Context of Current Process,"A critical vulnerability has been identified in the Parasolid software, specifically affecting versions of Parasolid V36.1 prior to V36.1.225 and V37.0 prior to V37.0.173. This flaw manifests as an out of bounds write past the end of an allocated buffer when processing X_T data or handling specially crafted files in X_T format. Exploitation of this vulnerability could enable an attacker to execute arbitrary code within the context of the currently running process, posing significant security risks to users.",Siemens,"Parasolid V36.1,Parasolid V37.0",7.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-12-10T13:54:17.315Z,0