cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-46280,https://securityvulnerability.io/vulnerability/CVE-2023-46280,Out of Bounds Read Vulnerability in SIMATIC and TIA Portal Products by Siemens,"An out of bounds read vulnerability has been identified in multiple Siemens products, including the SIMATIC and TIA Portal series. This flaw can potentially lead to the crashing of the Windows kernel, resulting in a Blue Screen of Death (BSOD) error. Attackers could exploit this vulnerability to destabilize systems, impacting operational efficiency and safety within industrial environments. It is crucial for users of these products to be aware of this vulnerability and to implement necessary mitigations as outlined by Siemens.",Siemens,"Security Configuration Tool (sct),Simatic Automation Tool,Simatic Batch V9.1,Simatic Net Pc Software V16,Simatic Net Pc Software V17,Simatic Net Pc Software V18,Simatic Net Pc Software V19,Simatic Pcs 7 V9.1,Simatic Pdm V9.2,Simatic Route Control V9.1,Simatic S7-pct,Simatic Step 7 V5,Simatic Wincc Oa V3.17,Simatic Wincc Oa V3.18,Simatic Wincc Oa V3.19,Simatic Wincc Runtime Advanced,Simatic Wincc Runtime Professional V16,Simatic Wincc Runtime Professional V17,Simatic Wincc Runtime Professional V18,Simatic Wincc Runtime Professional V19,Simatic Wincc V7.4,Simatic Wincc V7.5,Simatic Wincc V8.0,Sinamics Startdrive,Sinec Nms,Sinumerik One Virtual,Sinumerik Plc Programming Tool,Tia Portal Cloud Connector,Totally Integrated Automation Portal (tia Portal) V15.1,Totally Integrated Automation Portal (tia Portal) V16,Totally Integrated Automation Portal (tia Portal) V17,Totally Integrated Automation Portal (tia Portal) V18,Totally Integrated Automation Portal (tia Portal) V19",6.5,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,2024-05-14T10:01:52.069Z,0
CVE-2023-28831,https://securityvulnerability.io/vulnerability/CVE-2023-28831,Integer Overflow Issue in Siemens OPC UA Implementations,"The OPC UA implementations in Siemens products harbor an integer overflow vulnerability that can lead to an infinite loop during the certificate validation process. This condition could be exploited by an unauthenticated remote attacker utilizing a specially crafted certificate, resulting in a denial of service that impacts application availability and reliability.",Siemens,"Simatic Braumat,Simatic Cloud Connect 7 Cc712,Simatic Cloud Connect 7 Cc716,Simatic Comfort/mobile Rt,Simatic Drive Controller Cpu 1504d Tf,Simatic Drive Controller Cpu 1507d Tf,Simatic Et 200sp Open Controller Cpu 1515sp Pc2 (incl. Siplus Variants),Simatic Ipc Diagmonitor,Simatic Net Pc Software V14,Simatic Net Pc Software V16,Simatic Net Pc Software V17,Simatic Net Pc Software V18,Simatic Pcs 7 V9.1,Simatic Pcs Neo V4.0,Simatic S7-1500 Cpu 1510sp F-1 Pn,Simatic S7-1500 Cpu 1510sp-1 Pn,Simatic S7-1500 Cpu 1511-1 Pn,Simatic S7-1500 Cpu 1511c-1 Pn,Simatic S7-1500 Cpu 1511f-1 Pn,Simatic S7-1500 Cpu 1511t-1 Pn,Simatic S7-1500 Cpu 1511tf-1 Pn,Simatic S7-1500 Cpu 1512c-1 Pn,Simatic S7-1500 Cpu 1512sp F-1 Pn,Simatic S7-1500 Cpu 1512sp-1 Pn,Simatic S7-1500 Cpu 1513-1 Pn,Simatic S7-1500 Cpu 1513f-1 Pn,Simatic S7-1500 Cpu 1514sp F-2 Pn,Simatic S7-1500 Cpu 1514sp-2 Pn,Simatic S7-1500 Cpu 1514spt F-2 Pn,Simatic S7-1500 Cpu 1514spt-2 Pn,Simatic S7-1500 Cpu 1515-2 Pn,Simatic S7-1500 Cpu 1515f-2 Pn,Simatic S7-1500 Cpu 1515t-2 Pn,Simatic S7-1500 Cpu 1515tf-2 Pn,Simatic S7-1500 Cpu 1516-3 Pn/dp,Simatic S7-1500 Cpu 1516f-3 Pn/dp,Simatic S7-1500 Cpu 1516t-3 Pn/dp,Simatic S7-1500 Cpu 1516tf-3 Pn/dp,Simatic S7-1500 Cpu 1517-3 Pn/dp,Simatic S7-1500 Cpu 1517f-3 Pn/dp,Simatic S7-1500 Cpu 1517t-3 Pn/dp,Simatic S7-1500 Cpu 1517tf-3 Pn/dp,Simatic S7-1500 Cpu 1518-4 Pn/dp,Simatic S7-1500 Cpu 1518-4 Pn/dp Mfp,Simatic S7-1500 Cpu 1518f-4 Pn/dp,Simatic S7-1500 Cpu 1518f-4 Pn/dp Mfp,Simatic S7-1500 Cpu 1518t-4 Pn/dp,Simatic S7-1500 Cpu 1518tf-4 Pn/dp,Simatic S7-1500 Cpu S7-1518-4 Pn/dp Odk,Simatic S7-1500 Cpu S7-1518f-4 Pn/dp Odk,Simatic S7-1500 Et 200pro: Cpu 1513pro F-2 Pn,Simatic S7-1500 Et 200pro: Cpu 1513pro-2 Pn,Simatic S7-1500 Et 200pro: Cpu 1516pro F-2 Pn,Simatic S7-1500 Et 200pro: Cpu 1516pro-2 Pn,Simatic S7-1500 Software Controller V2,Simatic S7-1500 Software Controller V3,Simatic S7-plcsim Advanced,Simatic Sistar,Simatic Wincc Oa V3.17,Simatic Wincc Oa V3.18,Simatic Wincc Oa V3.19,Simatic Wincc Opc Ua Client,Simatic Wincc Runtime Professional V16,Simatic Wincc Runtime Professional V17,Simatic Wincc Runtime Professional V18,Simatic Wincc Runtime Professional V19,Simatic Wincc Unified Opc Ua Server,Simatic Wincc V7.4,Simatic Wincc V7.5,Simatic Wincc V8.0,Sinumerik Mc,Sinumerik One,Siplus Et 200sp Cpu 1510sp F-1 Pn,Siplus Et 200sp Cpu 1510sp F-1 Pn Rail,Siplus Et 200sp Cpu 1510sp-1 Pn,Siplus Et 200sp Cpu 1510sp-1 Pn Rail,Siplus Et 200sp Cpu 1512sp F-1 Pn,Siplus Et 200sp Cpu 1512sp F-1 Pn Rail,Siplus Et 200sp Cpu 1512sp-1 Pn,Siplus Et 200sp Cpu 1512sp-1 Pn Rail,Siplus S7-1500 Cpu 1511-1 Pn,Siplus S7-1500 Cpu 1511-1 Pn T1 Rail,Siplus S7-1500 Cpu 1511-1 Pn Tx Rail,Siplus S7-1500 Cpu 1511f-1 Pn,Siplus S7-1500 Cpu 1513-1 Pn,Siplus S7-1500 Cpu 1513f-1 Pn,Siplus S7-1500 Cpu 1515f-2 Pn,Siplus S7-1500 Cpu 1515f-2 Pn Rail,Siplus S7-1500 Cpu 1515f-2 Pn T2 Rail,Siplus S7-1500 Cpu 1516-3 Pn/dp,Siplus S7-1500 Cpu 1516-3 Pn/dp Rail,Siplus S7-1500 Cpu 1516-3 Pn/dp Tx Rail,Siplus S7-1500 Cpu 1516f-3 Pn/dp,Siplus S7-1500 Cpu 1516f-3 Pn/dp Rail,Siplus S7-1500 Cpu 1518-4 Pn/dp,Siplus S7-1500 Cpu 1518-4 Pn/dp Mfp,Siplus S7-1500 Cpu 1518f-4 Pn/dp",7.5,HIGH,0.0005300000193528831,false,,false,false,false,,false,false,2023-09-12T10:15:00.000Z,0
CVE-2021-27386,https://securityvulnerability.io/vulnerability/CVE-2021-27386,,"A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\"" & 15\"" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\"" & 15\"" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\"" - 22\"" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\"" - 22\"" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the device layout handler on client side, which could result in a Denial-of-Service condition.",Siemens,"Simatic Hmi Comfort Outdoor Panels V15 7\"" & 15\"" (incl. Siplus Variants),Simatic Hmi Comfort Outdoor Panels V16 7\"" & 15\"" (incl. Siplus Variants),Simatic Hmi Comfort Panels V15 4\"" - 22\"" (incl. Siplus Variants),Simatic Hmi Comfort Panels V16 4\"" - 22\"" (incl. Siplus Variants),Simatic Hmi Ktp Mobile Panels V15 Ktp400f, Ktp700, Ktp700f, Ktp900 And Ktp900f,Simatic Hmi Ktp Mobile Panels V16 Ktp400f, Ktp700, Ktp700f, Ktp900 And Ktp900f,Simatic Wincc Runtime Advanced V15,Simatic Wincc Runtime Advanced V16,Sinamics Gh150,Sinamics Gl150 (with Option X30),Sinamics Gm150 (with Option X30),Sinamics Sh150,Sinamics Sl150,Sinamics Sm120,Sinamics Sm150,Sinamics Sm150i",7.5,HIGH,0.004809999838471413,false,,false,false,false,,false,false,2021-05-12T13:18:23.000Z,0
CVE-2021-27385,https://securityvulnerability.io/vulnerability/CVE-2021-27385,,"A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\"" & 15\"" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\"" & 15\"" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\"" - 22\"" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\"" - 22\"" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). A remote attacker could send specially crafted packets to SmartVNC device layout handler on client side, which could influence the amount of resources consumed and result in a Denial-of-Service (infinite loop) condition.",Siemens,"Simatic Hmi Comfort Outdoor Panels V15 7\"" & 15\"" (incl. Siplus Variants),Simatic Hmi Comfort Outdoor Panels V16 7\"" & 15\"" (incl. Siplus Variants),Simatic Hmi Comfort Panels V15 4\"" - 22\"" (incl. Siplus Variants),Simatic Hmi Comfort Panels V16 4\"" - 22\"" (incl. Siplus Variants),Simatic Hmi Ktp Mobile Panels V15 Ktp400f, Ktp700, Ktp700f, Ktp900 And Ktp900f,Simatic Hmi Ktp Mobile Panels V16 Ktp400f, Ktp700, Ktp700f, Ktp900 And Ktp900f,Simatic Wincc Runtime Advanced V15,Simatic Wincc Runtime Advanced V16,Sinamics Gh150,Sinamics Gl150 (with Option X30),Sinamics Gm150 (with Option X30),Sinamics Sh150,Sinamics Sl150,Sinamics Sm120,Sinamics Sm150,Sinamics Sm150i",7.5,HIGH,0.0029299999587237835,false,,false,false,false,,false,false,2021-05-12T13:18:23.000Z,0
CVE-2021-25660,https://securityvulnerability.io/vulnerability/CVE-2021-25660,,"A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\"" & 15\"" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\"" & 15\"" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\"" - 22\"" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\"" - 22\"" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the server side when sending data from the client, which could result in a Denial-of-Service condition.",Siemens,"Simatic Hmi Comfort Outdoor Panels V15 7\"" & 15\"" (incl. Siplus Variants),Simatic Hmi Comfort Outdoor Panels V16 7\"" & 15\"" (incl. Siplus Variants),Simatic Hmi Comfort Panels V15 4\"" - 22\"" (incl. Siplus Variants),Simatic Hmi Comfort Panels V16 4\"" - 22\"" (incl. Siplus Variants),Simatic Hmi Ktp Mobile Panels V15 Ktp400f, Ktp700, Ktp700f, Ktp900 And Ktp900f,Simatic Hmi Ktp Mobile Panels V16 Ktp400f, Ktp700, Ktp700f, Ktp900 And Ktp900f,Simatic Wincc Runtime Advanced V15,Simatic Wincc Runtime Advanced V16",7.5,HIGH,0.0014700000174343586,false,,false,false,false,,false,false,2021-05-12T13:18:22.000Z,0
CVE-2021-25662,https://securityvulnerability.io/vulnerability/CVE-2021-25662,,"A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\"" & 15\"" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\"" & 15\"" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\"" - 22\"" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\"" - 22\"" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4). SmartVNC client fails to handle an exception properly if the program execution process is modified after sending a packet from the server, which could result in a Denial-of-Service condition.",Siemens,"Simatic Hmi Comfort Outdoor Panels V15 7\"" & 15\"" (incl. Siplus Variants),Simatic Hmi Comfort Outdoor Panels V16 7\"" & 15\"" (incl. Siplus Variants),Simatic Hmi Comfort Panels V15 4\"" - 22\"" (incl. Siplus Variants),Simatic Hmi Comfort Panels V16 4\"" - 22\"" (incl. Siplus Variants),Simatic Hmi Ktp Mobile Panels V15 Ktp400f, Ktp700, Ktp700f, Ktp900 And Ktp900f,Simatic Hmi Ktp Mobile Panels V16 Ktp400f, Ktp700, Ktp700f, Ktp900 And Ktp900f,Simatic Wincc Runtime Advanced V15,Simatic Wincc Runtime Advanced V16",7.5,HIGH,0.008379999548196793,false,,false,false,false,,false,false,2021-05-12T13:18:22.000Z,0
CVE-2021-27383,https://securityvulnerability.io/vulnerability/CVE-2021-27383,,"A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\"" & 15\"" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\"" & 15\"" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\"" - 22\"" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\"" - 22\"" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the server Tight encoder, which could result in a Denial-of-Service condition.",Siemens,"Simatic Hmi Comfort Outdoor Panels V15 7\"" & 15\"" (incl. Siplus Variants),Simatic Hmi Comfort Outdoor Panels V16 7\"" & 15\"" (incl. Siplus Variants),Simatic Hmi Comfort Panels V15 4\"" - 22\"" (incl. Siplus Variants),Simatic Hmi Comfort Panels V16 4\"" - 22\"" (incl. Siplus Variants),Simatic Hmi Ktp Mobile Panels V15 Ktp400f, Ktp700, Ktp700f, Ktp900 And Ktp900f,Simatic Hmi Ktp Mobile Panels V16 Ktp400f, Ktp700, Ktp700f, Ktp900 And Ktp900f,Simatic Wincc Runtime Advanced V15,Simatic Wincc Runtime Advanced V16,Sinamics Gh150,Sinamics Gl150 (with Option X30),Sinamics Gm150 (with Option X30),Sinamics Sh150,Sinamics Sl150,Sinamics Sm120,Sinamics Sm150,Sinamics Sm150i",7.5,HIGH,0.0016599999507889152,false,,false,false,false,,false,false,2021-05-12T13:18:22.000Z,0
CVE-2021-27384,https://securityvulnerability.io/vulnerability/CVE-2021-27384,,"A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\"" & 15\"" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\"" & 15\"" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\"" - 22\"" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\"" - 22\"" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has an out-of-bounds memory access vulnerability in the device layout handler, represented by a binary data stream on client side, which can potentially result in code execution.",Siemens,"Simatic Hmi Comfort Outdoor Panels V15 7\"" & 15\"" (incl. Siplus Variants),Simatic Hmi Comfort Outdoor Panels V16 7\"" & 15\"" (incl. Siplus Variants),Simatic Hmi Comfort Panels V15 4\"" - 22\"" (incl. Siplus Variants),Simatic Hmi Comfort Panels V16 4\"" - 22\"" (incl. Siplus Variants),Simatic Hmi Ktp Mobile Panels V15 Ktp400f, Ktp700, Ktp700f, Ktp900 And Ktp900f,Simatic Hmi Ktp Mobile Panels V16 Ktp400f, Ktp700, Ktp700f, Ktp900 And Ktp900f,Simatic Wincc Runtime Advanced V15,Simatic Wincc Runtime Advanced V16,Sinamics Gh150,Sinamics Gl150 (with Option X30),Sinamics Gm150 (with Option X30),Sinamics Sh150,Sinamics Sl150,Sinamics Sm120,Sinamics Sm150,Sinamics Sm150i",9.8,CRITICAL,0.005330000072717667,false,,false,false,false,,false,false,2021-05-12T13:18:22.000Z,0
CVE-2021-25661,https://securityvulnerability.io/vulnerability/CVE-2021-25661,,"A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\"" & 15\"" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\"" & 15\"" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\"" - 22\"" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\"" - 22\"" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the client side when sending data from the server, which could result in a Denial-of-Service condition.",Siemens,"Simatic Hmi Comfort Outdoor Panels V15 7\"" & 15\"" (incl. Siplus Variants),Simatic Hmi Comfort Outdoor Panels V16 7\"" & 15\"" (incl. Siplus Variants),Simatic Hmi Comfort Panels V15 4\"" - 22\"" (incl. Siplus Variants),Simatic Hmi Comfort Panels V16 4\"" - 22\"" (incl. Siplus Variants),Simatic Hmi Ktp Mobile Panels V15 Ktp400f, Ktp700, Ktp700f, Ktp900 And Ktp900f,Simatic Hmi Ktp Mobile Panels V16 Ktp400f, Ktp700, Ktp700f, Ktp900 And Ktp900f,Simatic Wincc Runtime Advanced V15,Simatic Wincc Runtime Advanced V16",7.5,HIGH,0.0014600000577047467,false,,false,false,false,,false,false,2021-05-12T13:18:22.000Z,0
CVE-2020-7580,https://securityvulnerability.io/vulnerability/CVE-2020-7580,,"A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Upd3), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC ProSave (All versions < V17), SIMATIC S7-1500 Software Controller (All versions < V21.8), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMATIC STEP 7 V5 (All versions < V5.6 SP2 HF3), SIMATIC WinCC OA V3.16 (All versions < V3.16 P018), SIMATIC WinCC OA V3.17 (All versions < V3.17 P003), SIMATIC WinCC Runtime Advanced (All versions < V16 Update 2), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions < V7.5 SP1 Update 3), SINAMICS STARTER (All Versions < V5.4 HF2), SINAMICS Startdrive (All Versions < V16 Update 3), SINEC NMS (All versions < V1.0 SP2), SINEMA Server (All versions < V14 SP3), SINUMERIK ONE virtual (All Versions < V6.14), SINUMERIK Operate (All Versions < V6.14). A common component used by the affected applications regularly calls a helper binary with SYSTEM privileges while the call path is not quoted. This could allow a local attacker to execute arbitrary code with SYTEM privileges.",Siemens,"Simatic Automation Tool,Simatic Net Pc Software V14,Simatic Net Pc Software V15,Simatic Net Pc Software V16,Simatic Pcs Neo,Simatic Prosave,Simatic S7-1500 Software Controller,Simatic Step 7 (tia Portal) V13,Simatic Step 7 (tia Portal) V14,Simatic Step 7 (tia Portal) V15,Simatic Step 7 (tia Portal) V16,Simatic Step 7 V5,Simatic Wincc Oa V3.16,Simatic Wincc Oa V3.17,Simatic Wincc Runtime Advanced,Simatic Wincc Runtime Professional V13,Simatic Wincc Runtime Professional V14,Simatic Wincc Runtime Professional V15,Simatic Wincc Runtime Professional V16,Simatic Wincc V7.4,Simatic Wincc V7.5,Sinamics Starter,Sinamics Startdrive,Sinec Nms,Sinema Server,Sinumerik One Virtual,Sinumerik Operate",6.7,MEDIUM,0.0004600000102072954,false,,false,false,false,,false,false,2020-06-10T00:00:00.000Z,0