Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-11-12 | CVE-2024-36140 | Cross-site Scripting vulnerability in Siemens Ozw672 Firmware and Ozw772 Firmware A vulnerability has been identified in OZW672 (All versions < V5.2), OZW772 (All versions < V5.2). | 5.4 |
2024-11-12 | CVE-2024-44102 | Deserialization of Untrusted Data vulnerability in Siemens Telecontrol Server Basic 3.1 A vulnerability has been identified in PP TeleControl Server Basic 1000 to 5000 V3.1 (6NH9910-0AA31-0AE1) (All versions < V3.1.2.1 with redundancy configured), PP TeleControl Server Basic 256 to 1000 V3.1 (6NH9910-0AA31-0AD1) (All versions < V3.1.2.1 with redundancy configured), PP TeleControl Server Basic 32 to 64 V3.1 (6NH9910-0AA31-0AF1) (All versions < V3.1.2.1 with redundancy configured), PP TeleControl Server Basic 64 to 256 V3.1 (6NH9910-0AA31-0AC1) (All versions < V3.1.2.1 with redundancy configured), PP TeleControl Server Basic 8 to 32 V3.1 (6NH9910-0AA31-0AB1) (All versions < V3.1.2.1 with redundancy configured), TeleControl Server Basic 1000 V3.1 (6NH9910-0AA31-0AD0) (All versions < V3.1.2.1 with redundancy configured), TeleControl Server Basic 256 V3.1 (6NH9910-0AA31-0AC0) (All versions < V3.1.2.1 with redundancy configured), TeleControl Server Basic 32 V3.1 (6NH9910-0AA31-0AF0) (All versions < V3.1.2.1 with redundancy configured), TeleControl Server Basic 5000 V3.1 (6NH9910-0AA31-0AE0) (All versions < V3.1.2.1 with redundancy configured), TeleControl Server Basic 64 V3.1 (6NH9910-0AA31-0AB0) (All versions < V3.1.2.1 with redundancy configured), TeleControl Server Basic 8 V3.1 (6NH9910-0AA31-0AA0) (All versions < V3.1.2.1 with redundancy configured), TeleControl Server Basic Serv Upgr (6NH9910-0AA31-0GA1) (All versions < V3.1.2.1 with redundancy configured), TeleControl Server Basic Upgr V3.1 (6NH9910-0AA31-0GA0) (All versions < V3.1.2.1 with redundancy configured). | 10.0 |
2024-11-12 | CVE-2024-46888 | Path Traversal vulnerability in Siemens Sinec INS 1.0 A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). | 9.9 |
2024-11-12 | CVE-2024-46889 | Use of Hard-coded Cryptographic Key vulnerability in Siemens Sinec INS 1.0 A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). | 5.3 |
2024-11-12 | CVE-2024-46890 | OS Command Injection vulnerability in Siemens Sinec INS 1.0 A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). | 9.1 |
2024-11-12 | CVE-2024-46891 | A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). | 5.3 |
2024-11-12 | CVE-2024-46892 | Insufficient Session Expiration vulnerability in Siemens Sinec INS 1.0 A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). | 8.1 |
2024-11-12 | CVE-2024-46894 | A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). network low complexity | 6.3 |
2024-11-12 | CVE-2024-47783 | Incorrect Permission Assignment for Critical Resource vulnerability in Siemens Siport A vulnerability has been identified in SIPORT (All versions < V3.4.0). | 7.8 |
2024-11-12 | CVE-2024-47808 | Incorrect Permission Assignment for Critical Resource vulnerability in Siemens Sinec NMS A vulnerability has been identified in SINEC NMS (All versions < V3.0 SP1). | 6.5 |