cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score CVE-2023-48364,https://securityvulnerability.io/vulnerability/CVE-2023-48364,Remote Procedure Call Vulnerability in OpenPCS and SIMATIC Products by Siemens,"A vulnerability exists in certain Siemens OpenPCS and SIMATIC products due to improper handling of malformed Remote Procedure Call (RPC) messages. This oversight could allow an attacker to exploit the vulnerability, leading to a denial of service condition in the RPC server, thereby impacting the availability and functionality of the affected systems. It is crucial for users to apply the updates provided by Siemens to mitigate potential risks associated with this vulnerability.",Siemens,"Openpcs 7 V9.1,Simatic Batch V9.1,Simatic Pcs 7 V9.1,Simatic Route Control V9.1,Simatic Wincc Runtime Professional V18,Simatic Wincc Runtime Professional V19,Simatic Wincc V7.4,Simatic Wincc V7.5,Simatic Wincc V8.0",6.5,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2024-02-13T08:59:56.648Z,0 CVE-2023-48363,https://securityvulnerability.io/vulnerability/CVE-2023-48363,Remote Procedure Call Vulnerability in Siemens OpenPCS and SIMATIC Products,"A vulnerability exists in certain versions of Siemens OpenPCS and SIMATIC products due to improper handling of specific unorganized Remote Procedure Call (RPC) messages. This flaw can be exploited by an attacker to trigger a denial of service condition in the RPC server, potentially disrupting operations across affected systems. Timely updates to the latest service packs are recommended to mitigate this risk.",Siemens,"Openpcs 7 V9.1,Simatic Batch V9.1,Simatic Pcs 7 V9.1,Simatic Route Control V9.1,Simatic Wincc Runtime Professional V18,Simatic Wincc Runtime Professional V19,Simatic Wincc V7.4,Simatic Wincc V7.5,Simatic Wincc V8.0",6.5,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2024-02-13T08:59:55.432Z,0 CVE-2021-40359,https://securityvulnerability.io/vulnerability/CVE-2021-40359,File Path Injection Vulnerability in Siemens OpenPCS and SIMATIC Products,"A vulnerability exists in multiple Siemens products where the systems fail to adequately neutralize certain characters within the pathname during file downloads. This failure allows attackers to craft paths that bypass restrictions, enabling them to access sensitive files outside of the intended directory. This issue affects various versions of OpenPCS, SIMATIC BATCH, SIMATIC NET PC Software, SIMATIC PCS, and SIMATIC WinCC, creating a significant security risk for users of these systems.",Siemens,"Openpcs 7 V8.2,Openpcs 7 V9.0,Openpcs 7 V9.1,Simatic Batch V8.2,Simatic Batch V9.0,Simatic Batch V9.1,Simatic Net Pc Software V14,Simatic Net Pc Software V15,Simatic Net Pc Software V16,Simatic Net Pc Software V17,Simatic Pcs 7 V8.2,Simatic Pcs 7 V9.0,Simatic Pcs 7 V9.1,Simatic Route Control V8.2,Simatic Route Control V9.0,Simatic Route Control V9.1,Simatic Wincc V15 And Earlier,Simatic Wincc V16,Simatic Wincc V17,Simatic Wincc V7.4,Simatic Wincc V7.5",7.7,HIGH,0.0021299999207258224,false,,false,false,false,,,false,false,,2021-11-09T11:32:05.000Z,0