cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-49775,https://securityvulnerability.io/vulnerability/CVE-2024-49775,Heap-Based Buffer Overflow in Siemens Automation Products,"CVE-2024-49775 identifies a critical heap-based buffer overflow vulnerability affecting multiple Siemens automation products, including the Opcenter suite and the Totally Integrated Automation Portal (TIA Portal). This vulnerability resides in the integrated UMC component and could allow an unauthenticated remote attacker to execute arbitrary code. Given the widespread use of these products in industrial environments, the implications of such exploitation could lead to severe operational disruptions. Siemens has acknowledged this vulnerability in all listed versions and it is imperative for users to assess their current configurations and apply necessary mitigations.",Siemens,"Opcenter Execution Foundation,Opcenter Intelligence,Opcenter Quality,Opcenter Rdl,Simatic Pcs Neo V4.0,Simatic Pcs Neo V4.1,Simatic Pcs Neo V5.0,Sinec Nms,Totally Integrated Automation Portal (tia Portal) V16,Totally Integrated Automation Portal (tia Portal) V17,Totally Integrated Automation Portal (tia Portal) V18,Totally Integrated Automation Portal (tia Portal) V19",9.8,CRITICAL,0.000910000002477318,false,,false,false,false,,false,false,2024-12-16T15:06:04.714Z,184
CVE-2020-7581,https://securityvulnerability.io/vulnerability/CVE-2020-7581,,"A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). A component within the affected application calls a helper binary with SYSTEM privileges during startup while the call path is not quoted. This could allow a local attacker with administrative privileges to execute code with SYSTEM level privileges.",Siemens,"Opcenter Execution Discrete,Opcenter Execution Foundation,Opcenter Execution Process,Opcenter Intelligence,Opcenter Quality,Opcenter Rd&l,Simatic Notifier Server For Windows,Simatic Pcs Neo,Simatic Step 7 (tia Portal) V15,Simatic Step 7 (tia Portal) V16,Simocode Es V15.1,Simocode Es V16,Soft Starter Es V15.1,Soft Starter Es V16",6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,false,false,2020-07-14T13:18:05.000Z,0
CVE-2020-7588,https://securityvulnerability.io/vulnerability/CVE-2020-7588,,"A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions < V2.6), SIMATIC IT Production Suite (All versions < V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). Sending a specially crafted packet to the affected service could cause a partial remote denial-of-service, that would cause the service to restart itself.",Siemens,"Opcenter Execution Discrete,Opcenter Execution Foundation,Opcenter Execution Process,Opcenter Intelligence,Opcenter Quality,Opcenter Rd&l,Simatic It Lms,Simatic It Production Suite,Simatic Notifier Server For Windows,Simatic Pcs Neo,Simatic Step 7 (tia Portal) V15,Simatic Step 7 (tia Portal) V16,Simocode Es V15.1,Simocode Es V16,Soft Starter Es V15.1,Soft Starter Es V16",5.3,MEDIUM,0.0010999999940395355,false,,false,false,false,,false,false,2020-07-14T13:18:05.000Z,0
CVE-2020-7587,https://securityvulnerability.io/vulnerability/CVE-2020-7587,,"A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions < V2.6), SIMATIC IT Production Suite (All versions < V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). Sending multiple specially crafted packets to the affected service could cause a partial remote denial-of-service, that would cause the service to restart itself. On some cases the vulnerability could leak random information from the remote service.",Siemens,"Opcenter Execution Discrete,Opcenter Execution Foundation,Opcenter Execution Process,Opcenter Intelligence,Opcenter Quality,Opcenter Rd&l,Simatic It Lms,Simatic It Production Suite,Simatic Notifier Server For Windows,Simatic Pcs Neo,Simatic Step 7 (tia Portal) V15,Simatic Step 7 (tia Portal) V16,Simocode Es V15.1,Simocode Es V16,Soft Starter Es V15.1,Soft Starter Es V16",8.2,HIGH,0.002460000105202198,false,,false,false,false,,false,false,2020-07-14T13:18:05.000Z,0