Vulnerabilities > Siemens

DATE CVE VULNERABILITY TITLE RISK
2022-05-10 CVE-2021-41545 Unspecified vulnerability in Siemens products
A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884).
network
low complexity
siemens
5.0
2022-05-10 CVE-2022-24039 Injection vulnerability in Siemens Desigo Pxc4 Firmware and Desigo Pxc5 Firmware
A vulnerability has been identified in Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884).
network
siemens CWE-74
8.5
2022-05-10 CVE-2022-24040 Resource Exhaustion vulnerability in Siemens products
A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884).
network
low complexity
siemens CWE-400
4.0
2022-05-10 CVE-2022-24041 Use of Password Hash With Insufficient Computational Effort vulnerability in Siemens products
A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884).
network
low complexity
siemens CWE-916
4.0
2022-05-10 CVE-2022-24042 Insufficient Session Expiration vulnerability in Siemens products
A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884).
network
low complexity
siemens CWE-613
6.4
2022-04-12 CVE-2021-40368 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Siemens products
A vulnerability has been identified in SIMATIC S7-400 H V6 CPU family (incl.
network
low complexity
siemens CWE-119
5.0
2022-04-12 CVE-2021-42029 Improper Privilege Management vulnerability in Siemens Simatic Step 7
A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) V15 (All versions), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 5), SIMATIC STEP 7 (TIA Portal) V17 (All versions < V17 Update 2).
local
low complexity
siemens CWE-269
7.2
2022-04-12 CVE-2022-23448 Incorrect Permission Assignment for Critical Resource vulnerability in Siemens products
A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.3 Update 1), SIMATIC Energy Manager PRO (All versions < V7.3 Update 1).
local
low complexity
siemens CWE-732
7.2
2022-04-12 CVE-2022-23449 Uncontrolled Search Path Element vulnerability in Siemens products
A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.3 Update 1), SIMATIC Energy Manager PRO (All versions < V7.3 Update 1).
6.9
2022-04-12 CVE-2022-23450 Deserialization of Untrusted Data vulnerability in Siemens products
A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.3 Update 1), SIMATIC Energy Manager PRO (All versions < V7.3 Update 1).
network
low complexity
siemens CWE-502
critical
10.0