cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-49775,https://securityvulnerability.io/vulnerability/CVE-2024-49775,Heap-Based Buffer Overflow in Siemens Automation Products,"CVE-2024-49775 identifies a critical heap-based buffer overflow vulnerability affecting multiple Siemens automation products, including the Opcenter suite and the Totally Integrated Automation Portal (TIA Portal). This vulnerability resides in the integrated UMC component and could allow an unauthenticated remote attacker to execute arbitrary code. Given the widespread use of these products in industrial environments, the implications of such exploitation could lead to severe operational disruptions. Siemens has acknowledged this vulnerability in all listed versions and it is imperative for users to assess their current configurations and apply necessary mitigations.",Siemens,"Opcenter Execution Foundation,Opcenter Intelligence,Opcenter Quality,Opcenter Rdl,Simatic Pcs Neo V4.0,Simatic Pcs Neo V4.1,Simatic Pcs Neo V5.0,Sinec Nms,Totally Integrated Automation Portal (tia Portal) V16,Totally Integrated Automation Portal (tia Portal) V17,Totally Integrated Automation Portal (tia Portal) V18,Totally Integrated Automation Portal (tia Portal) V19",9.8,CRITICAL,0.000910000002477318,false,,false,false,false,,,false,false,,2024-12-16T15:06:04.714Z,184
CVE-2024-33698,https://securityvulnerability.io/vulnerability/CVE-2024-33698,Heap-Based Buffer Overflow in Opcenter and SIMATIC Products by Siemens,"A critical security vulnerability exists within the integrated UMC component of various Siemens products, including Opcenter and SIMATIC series. This vulnerability is characterized as a heap-based buffer overflow, which could potentially enable an unauthenticated remote attacker to execute arbitrary code on the affected systems. This flaw underscores the importance of regular updates and security patch management to protect industrial applications from malicious exploitation.",Siemens,"Opcenter Execution Foundation,Opcenter Quality,Opcenter Rdl,Simatic Information Server 2022,Simatic Information Server 2024,Simatic Pcs Neo V4.0,Simatic Pcs Neo V4.1,Simatic Pcs Neo V5.0,Sinec Nms,Totally Integrated Automation Portal (tia Portal) V16,Totally Integrated Automation Portal (tia Portal) V17,Totally Integrated Automation Portal (tia Portal) V18,Totally Integrated Automation Portal (tia Portal) V19",9.8,CRITICAL,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-09-10T09:36:31.009Z,0
CVE-2023-46280,https://securityvulnerability.io/vulnerability/CVE-2023-46280,Out of Bounds Read Vulnerability in SIMATIC and TIA Portal Products by Siemens,"An out of bounds read vulnerability has been identified in multiple Siemens products, including the SIMATIC and TIA Portal series. This flaw can potentially lead to the crashing of the Windows kernel, resulting in a Blue Screen of Death (BSOD) error. Attackers could exploit this vulnerability to destabilize systems, impacting operational efficiency and safety within industrial environments. It is crucial for users of these products to be aware of this vulnerability and to implement necessary mitigations as outlined by Siemens.",Siemens,"Security Configuration Tool (sct),Simatic Automation Tool,Simatic Batch V9.1,Simatic Net Pc Software V16,Simatic Net Pc Software V17,Simatic Net Pc Software V18,Simatic Net Pc Software V19,Simatic Pcs 7 V9.1,Simatic Pdm V9.2,Simatic Route Control V9.1,Simatic S7-pct,Simatic Step 7 V5,Simatic Wincc Oa V3.17,Simatic Wincc Oa V3.18,Simatic Wincc Oa V3.19,Simatic Wincc Runtime Advanced,Simatic Wincc Runtime Professional V16,Simatic Wincc Runtime Professional V17,Simatic Wincc Runtime Professional V18,Simatic Wincc Runtime Professional V19,Simatic Wincc V7.4,Simatic Wincc V7.5,Simatic Wincc V8.0,Sinamics Startdrive,Sinec Nms,Sinumerik One Virtual,Sinumerik Plc Programming Tool,Tia Portal Cloud Connector,Totally Integrated Automation Portal (tia Portal) V15.1,Totally Integrated Automation Portal (tia Portal) V16,Totally Integrated Automation Portal (tia Portal) V17,Totally Integrated Automation Portal (tia Portal) V18,Totally Integrated Automation Portal (tia Portal) V19",6.5,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-05-14T10:01:52.069Z,0
CVE-2023-30757,https://securityvulnerability.io/vulnerability/CVE-2023-30757,Know-How Protection Flaw in Siemens Totally Integrated Automation Portal Products,"A critical vulnerability exists within Siemens Totally Integrated Automation Portal products that impacts the know-how protection feature. When project files are updated, the encryption for existing program blocks is not properly refreshed, permitting attackers with access to the project files to retrieve older, unprotected versions of the project. This unauthorized access occurs without requiring the know-how protection password, posing a significant risk to the confidentiality and integrity of sensitive automation data.",Siemens,"Totally Integrated Automation Portal (tia Portal) V14,Totally Integrated Automation Portal (tia Portal) V15,Totally Integrated Automation Portal (tia Portal) V15.1,Totally Integrated Automation Portal (tia Portal) V16,Totally Integrated Automation Portal (tia Portal) V17,Totally Integrated Automation Portal (tia Portal) V18,Totally Integrated Automation Portal (tia Portal) V19,Totally Integrated Automation Portal (tia Portal) V20",5.5,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2023-06-13T09:15:00.000Z,0